• United States



Toolbox: Where the Wireless Is

Apr 01, 20053 mins
CSO and CISOData and Information Security

The beauty of wireless computing is, well, the absence of wires. Or more practically, freedom for the end user to roam about. From a certain perspective, it’s conceptually similar to what the Internet provides

relatively location-independent computing. As long as you’re within reach of a wireless router or access point, you can use whatever resources are attached to that networkprinters, Internet access and so on. (For more on wireless networks, see “Five Essentials to Wireless Security,” Page 42.)

While mobility is in many respects liberating, there’s an oft-overlooked drawback: It’s decidedly difficult to deliver services that take advantage of the user’s physical location, such as information about their surrounding environment or the ability to find other networked users in the area.

This issue goes back many years, before the advent of widespread wireless computing access. Telecommunications vendors have for some time tried to solve the same problem (on an added-cost basis, of course) for cell phone users. Commercial solutions commonly involve GPS-enabling the phone; see AT&T Wireless’s Find People Nearby service or WaveMarket’s beta-test Crunkie service (described as a “mobile social networking tool” combining a mapping application and Web logging). If the name hasn’t tipped you off already, Crunkie seems primarily aimed at people younger than the average CSO reader (or writer). On a security-related note, a company called TruePosition provides the underlying technology for T-Mobile’s e911 service, which allows emergency personnel to locate highway travelers calling on non-GPS cell phones.

Nowadays, more people are looking at the idea of determining the location of a wireless computer user based on his proximity to wireless access points. Again, many applications are not security-related; see, for instance, Newbury Networks’ Digital Docent product, which delivers information to museum visitors based on the kiosk or display they’re closest to. But security services and benefits can just as easily piggyback on this kind of technology, a fact that Newbury exploits with other products called WiFi Workplace and WiFi Watchdog. Location-based wireless security products can be used, for example, to detect the presence of a wardriver on your network by locating his connection in the parking lot outside your headquarters. They can also alert security staff to the presence and location of vulnerabilities on the network itself.

Ekahau, a U.S.-based company with a Mayan name and Finnish technology, has created an engine for determining wireless user location. The technology was developed at the University of Helsinki. Ekahau’s technology is primarily not for purchase by end users but is built into other company’s products.

For a good noncommercial exposition of some of the technical hurdles and solutions in this arena, researchers at Rice University have posted a paper worth reading. For the link to it, visit

CSO has previously explored the use of voice over wireless IP technology to advance the security agenda. (To read more on VoIP, see “Voice of Reason,” March 2005.) CSOs may want to keep an eye on future developments in all location-based wireless products. The potential for upgrading security, while simultaneously delivering valuable business or consumer services, is high.