The Research Of Strengthening WLAN Security With Certificates

With the rapid growth of WLAN,and the advantage for installation and usage, WLAN has been widely used in corporations,offices,horne,airports,hospaitals ,or those environments for dealing with emergency envens such as direct a battle and rush to deal with an emergency .As the Wired LAN is not suitable for use. Howere opening wireless transmission brings some security problems for WLAN. Such those data is easily wiretapped , intercepted and modified. Especially the equipement of WLAN is easily suffering from the Denial of Service attack and illegal replacement attack.In this paper I systematically introduce the architecture and work mode of WLAN .Such as Ad Hoc Mode and Infrastructure Mode .I also compaire the security vulnerabilities of WLAN with the security vulnerabilities of Wired LAN , and classify the security vulnerabilities . In my paper I systematically introduce the solutions for security problems of WLAN .Those solutions can be classified no-cipher solutions and cipher solutions roughly. In no-cipher solutions I will introduce Frequency-Hopping Spread Spectrum,and Direct-Sequence Spread Spectrum , SSID Authentication , ACL technologies. And in cipher solution,I will introduce WEP, Wi-Fi Protected Access, and especially pay attention to 802.11i and our WAPI. As to 802.11i I will introduce the main cipher algorithm used in this solution,and the process of its authentication, especially the process of RSNA. I also analyse the security of 802.11i and point out the advantage and disadvantage of the solution. And I also pay a lot of attention to another WLAN solution that is WAPI. I will explicitly introduce the data frame used in WAPI,the process of authentication,and finally point out some disadvantages and give some solutions to reinforce the solution.The experience of scientific research during my graduate study such as: participate in the development of physical isolation card of Shan Dong Zhong Fu,and implement the technology of physical isolation; participate in the development of the Inner network surveillance system,and implement the technology to stop unregistered PC from connecting the network; take charge in the development of private API of Shan Dong Zhong Fu USBKEY,and implement the major cipher algorithm ,such as RSA,TDES,SHA1,MD5 etc; participate in the development of Shan Dong Zhong Fu Authentication System,and implement the major function of CA; participate in the integration of Zhong Fu USBKEY and Shan Dong CA ,and implement the CSP and CSP tools; take charge in the implement of Smart IC card and Smart Cipher Key API.