ASTAP-24/INP-17

/ ASIA-PACIFIC TELECOMMUNITY
The 24th APT Standardization Program Forum
(ASTAP-24) / Document
ASTAP-24/INP-16
27 – 29August 2014, Bangkok, Thailand /

17August 2014

ETRI, Republic of Korea

Method for secure construction and management of wireless lan

  1. Introduction

It was agreed that EG IS would make the security handbook which provides useful information about information security and cybersecurity in the last meeting ASTAP 23, ASTAP22, ASTAP21 and ASTAP20.

Moreover, it was proposed and accepted for general users to use public wireless LAN securely in 23rd ASTAP forum. But, wireless LAN is often used for general users by installing access point in private home or office. Therefore we propose the method for secure construction and management of wireless LAN for the security handbook in this contribution.

  1. Proposal

Attachment is the contents for the security handbook for the method for secure construction and management of wireless LAN. We propose the following attachment for the contents in the security handbook.

Attachment: Method for secure construction and management of wireless LAN

Table of Contents

1.Introduction

2.Objectives

3.Terms and definitions

4.Scope

5.Constraints

6.Method for secure construction and management of wireless LAN

7.References

  1. Introduction

Wireless LAN can be installed and used these days quite often. Although wireless LAN is easy to access and convenient to use, it has a weakness. Because anyone can connect to the network freely without wire, various security threats can happen by malicious users. Therefore several special attentions are needed to use wireless LAN safely.

  1. Objectives

This document is the guideline for using wireless LAN securely. This document provides several special attentions when general users are using wireless LAN.

  1. Terms and definitions

AP(Access Point):a device which connects wireless device with wireless LAN card to the network and is connected wired into the network. In other words, AP is a device which makes connection between wired and wireless network

SSID(Service Set Identifier): SSID is a unique identifier which attached to packet header which is telecommunicated through wireless LAN, and is a text data which corresponds to the name of the wireless LAN. Since SSID distinguishes one wireless LAN from others, all the wireless devices should proper SSID to connect to the specific wireless LAN

  1. Scope

This document is for end users using wireless LAN.

  1. Constraints

This is very general guidelines and for end users only. For system operators and under special circumstances, users consider many other conditions and this document does not cover them.

  1. Method for secure construction and management of wireless LAN

Anyone can construct and manage wireless LAN by buying and installing AP easily. But, because everyone can freely connect wireless LAN without wired connection, many security threats such as leakage of personal information can happen by malicious users. Therefore users who want to install and utilize wireless LAN need to oblige the following several special attentions.

-Initial setting of AP should be changed.

In case one person installs wireless LAN for himself or herself, the very user of wireless LAN is a manager of the AP as a whole. Moreover, ID or password of AP is not set or is set commonly the same. Therefore users who installed AP should manage wireless AP by setting secure password.

Moreover, wireless LAN management page should be set which can be accessed by not wireless but wired.

-Regular checking for log is needed.

Wireless AP automatically generates and stores log file which is related to connection.These log files should be checked regularly for confirming existence of any unlawful behavior, and these log files should be stored for certain period.

-SSID and password should be changed regularly if possible.

SSID and connection password should be changed as regularly as possible. Moreover, password of high security level should be used.

  1. References

[1] “Wireless LAN”, Wikipedia,

Page 1 of 3