TM255 - Block 1 Part 3

The document discusses wireless local area networks (WLANs) and Wi-Fi standards. It explains that a WLAN uses radio signals instead of wires to connect devices within a limited area. Common WLAN standards include 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. Later standards provide higher data rates by using higher frequencies, wider channels, and more advanced modulation techniques. Devices connect to a WLAN using a wireless network adapter. A WLAN can be configured as an independent ad hoc network with decentralized management, or as an infrastructure network with an access point to connect devices to a wider network.

Uploaded by

Doaa Salama

TM255
Communication and information technologies
Arab Open University - Fall 2022
Block 1 - Part 3
Wireless Local Area Networks
• A LAN (Local Area Network) is a term usually used to describe a network that provides access to services and applications within a common organisational structure or a limited geographical area.
• A LAN can exist to support a few users with a single, small network, such as might be found in a small office or home environment.
• It can also exist to support hundreds of users situated in different buildings in a large organisation.
• Originally all LANs were wired, with computers connected to each other, servers and other networks using cables and networking equipment such as switches and routers.
• Wireless Local Area Networks (wireless LANs or WLANs) are also known as Wi-Fi.
• Wireless LANs are one type of wireless network that uses radio signals as the communication medium instead of wires.
• Wireless LANs are available for use in many public areas, such as airports, train stations and shopping centres. They are used extensively in the workplace and increasingly in the home.
3.2 Wireless LANs and Wi-Fi
Activity 3.4
Make a list of some situations or applications where a wireless LAN could be more effective than a wired LAN.
A wireless LAN enables:
• Computing devices around the home to be connected quickly and conveniently.
• Greater flexibility in an office environment, where costs associated with office changes and furniture reorganisations can be minimised.
• Medical staff with tablet or laptop computers to update central patient information instantly.
• Businesses, such as a hotel or cafe, to provide temporary and hassle-free internet connection for customers.
• Schools, colleges and universities to provide easy access to information and learning material in a variety of environments.
• The installation of a cost-effective network infrastructure for older buildings where laying wires is physically difficult and therefore expensive.
• Exhibitions and trade show organisers to provide temporary internet access to visitors.
• Shop or warehouse workers to remain mobile while exchanging information with a database.
• People in the workplace in meetings or at conferences to remain connected to information needed to make decisions.
3.2.1 Wi-Fi standards
• Wireless LANs conform to a set of standards with the generic name of Wi-Fi.
• Wi-Fi standards are specified by the Institute of Electrical and Electronics Engineers (IEEE) and known as the IEEE 802.11 family of standards for wireless LANs.
• Ethernet is used interchangeably with IEEE 802.3 (the IEEE family of standards that define wired LANs).
• There are many similarities between the 802.11 and 802.3 families of standards.
• Both of them are based on a layered architecture model.
• Both standards are designed to perform a broadly similar task: getting data across a network (although by different types of communication link).
3.2.1 Wi-Fi standards
Activity 3.6
• In the context of network communications, what is a standard? Why are standards, such as the IEEE 802.11 standards, important in communications networks?
• A standard is a formal document containing an agreed norm or requirement.
• It establishes methods, criteria, processes and practices relating to a specified technology.
• Standards are important because they enable different companies, such as equipment manufacturers, to produce items that, if compatible with an agreed standard, will work in conjunction with other items following the same standard. Therefore, the items are interoperable!
• Standards, therefore, also encourage innovation.
3.2.1 Wi-Fi standards
• Transmission on most radio frequencies is strictly controlled by governments, who license their use.
• There are, however, some bands of frequencies, known as the ISM bands, which are licence-free. The ones specified for wireless LAN use in the 802.11 standards are known as the 2.4 GHz band and the 5 GHz band.
• 2.4 GHz and 5 GHz are abbreviations: the term ‘band’ implies a range of frequencies.
• The 2.4 GHz ISM band runs from 2.4 GHz to 2.4835 GHz.
• The 5 GHz band runs from 5.15 GHz to 5.85 GHz.
• It’s important to appreciate that some governments don’t allocate all of the frequencies in the ISM bands.
• Governments may also impose limits on the maximum power output allowed when transmitting on some ISM frequencies.
3.2.1 Wi-Fi standards
• 802.11n could use either the 5 GHz or the 2.4 GHz band and was the first standard to use MIMO, which stands for multiple-input, multiple-output. MIMO is a technique of using multiple antennas at the transmitter and receiver to increase data rates.
• By 2013, 802.11ac products were becoming available, which used more antennas to exploit MIMO further. With an update known as ‘Wave 2’, 802.11ac increased channel sizes up to 160 MHz – four times the maximum channel size of 802.11n.
• The Wi-Fi Alliance describes itself as a global, non-profit industry association with over 300 companies as members (Wi-Fi Alliance, 2009a).
• It was formed to address the problem of incompatibility between products produced by different manufacturers, some of which did not fully implement 802.11, while others included proprietary extensions.
• Wi-Fi stands for “Wireless Fidelity”.
Activity 3.7
Table 3.1 shows that 802.11a achieved a data rate in the 5 GHz band that is almost five times that achieved by 802.11b in the 2.4 GHz band. Can you identify any possible factors for this?
• One factor is that the 5 GHz band (5.15 GHz to 5.85 GHz) has a total bandwidth of 700 MHz – although not all of this is available for Wi-Fi. The 2.4 GHz band (2.4 GHz to 2.4835 GHz) has a total bandwidth of 83.5 MHz, so it is much less. Higher data rates are expected where more spectrum is available.
• 5 GHz is roughly twice the frequency of 2.4 GHz. Higher frequencies are generally able to carry data at a faster rate than lower frequencies can.
• Also, 802.11a used a different modulation and multiplexing scheme to 802.11b.
3.2.1 Wi-Fi standards
• Modulation and multiplexing determine how data is superimposed onto a radio carrier and how resource is shared between users.
• While earlier standards typically used modulation schemes up to 64-QAM, as signal processing capabilities have increased, more recent standards specify up to 256-QAM or even 1024-QAM. 64-QAM can carry 6 bits per symbol.
• From Table 3.2 you can see that the latest Wi-Fi standards all use OFDM or orthogonal frequency division multiplexing, whereas early Wi-Fi used DSSS, which stands for direct sequence spread spectrum.
• OFDM is a form of FDM – where many signals are multiplexed over different frequencies.
• DSSS on the other hand involves using a single, very wide bandwidth. So, the two techniques are very different. OFDM has become popular, both in Wi-Fi and mobile networks.
3.2.2 WLAN configuration
• End-user devices access a wireless network using small transmitter/receiver units. These are described as wireless LAN adapters or sometimes wireless network interface cards (wireless NICs) and are analogous to the network adapter cards (NICs) required to connect to a wired LAN.
• They provide the interface between the device and the network.
• Wireless LAN adapters are fully integrated in most notebook computers, as they are in many personal digital assistants (PDAs) and smartphones, but they are also available as PCI cards and USB devices, which are systems for computer connectivity. Desktop computers may have integrated systems, or an additional PCI card adapter can be fitted.
3.2.2 WLAN configuration
• End-point devices in a wireless network are often referred to as nodes or stations.
• There are two basic configurations for a wireless network.
• The first and simplest is an independent network known as an ad hoc or peer-to-peer network. It is also sometimes referred to as a WANET or MANET (wireless or mobile ad hoc network).
• An ad hoc network is decentralised, which means it doesn’t rely on a central device to manage the network. Each node in the network needs a wireless network adapter but no further equipment is needed. When two or more wireless nodes are within range, they can set up an ad hoc network.
• Ad hoc networks aren’t used much and generally wouldn’t be thought of as wireless LANs, but occasionally connecting to another person’s notebook computer to swap files, for example, can be useful.
• An advantage of an ad hoc network is that usually it doesn’t need any administration or preconfiguration.
3.2.2 WLAN configuration
• The second basic wireless network configuration is one that is used as an extension to a wired network, and is usually situated within a building or a communal area such as a university campus. This is known as an infrastructure network.
• This is the type that most people are familiar with and use on a day-to-day basis, whether as an extension to a wired network, home network or as a hot spot for mobile devices to connect to the internet.
3.2.2 WLAN configuration
• The main component of this type of network is a transmitter/receiver unit called an access point (AP) or sometimes a wireless access point (WAP).
• The AP connects to a router, which in turn connects to a wired LAN or to a broadband connection. For small office and home networks it’s common for the AP and the router to be housed together in a single unit.
• The AP forms part of the wired network infrastructure and is not mobile. Its purpose is to receive, buffer (store for a short time) and transmit data between one wireless device and another or between a wireless device and the wired network. To perform these functions it also has to control wireless network traffic in the immediate area.
3.2.2 WLAN configuration
• Wireless LANs in larger organisations may use several APs to cover a larger area, though APs within range of each other must be set to use different frequencies or channels so that they don’t interfere with each other.
• A moving wireless node is associated with a single AP at any one time. AP areas overlap to allow continuous communication as the node is moving. The node will always try to communicate with the AP producing the strongest signal, so as the user moves close to the boundary of two or more APs there is a transition to the AP with the strongest signal.
3.2.3 Transmission channels
• 802.11 specifies the 2.4 GHz band in terms of 14 channels, identified in terms of their central frequency.
• For each channel, the difference between their highest and lowest frequency (this is their bandwidth) is also specified.
• In the 802.11b standard this is 22 MHz (0.022 GHz).
• In the 802.11g standard this is 20 MHz (0.020 GHz).
3.2.3 Transmission channels
• With a 20 MHz bandwidth, this means that each channel occupies a band of frequencies lying from 10 MHz (0.01 GHz) below to 10 MHz above its central frequency.
• For example, channel 1 occupies the band of frequencies lying between 2.402 and 2.422 GHz.
Activity 3.10
Looking back at the Table, what is the band of frequencies occupied by
(a) channel 3
(b) channel 5?
What problem would arise if one Wi-Fi network transmitting on channel 3 was within range of another Wi-Fi network transmitting on channel 5?
(a) Channel 3 occupies the band of frequencies from 2.412 to 2.432 GHz.
(b) Channel 5 occupies the band of frequencies from 2.422 to 2.442 GHz.
Problem: Some of the frequencies used by channel 3 are also used by channel 5. This means that if these channels are used within range of each other the signals would interfere.
3.2.3 Transmission channels
• Even in situations where all 14 channels are available for use, it is not possible to transmit signals simultaneously in the same vicinity on all channels.
• Solution: In fact, the 802.11b and g standards specify a 25 MHz separation between centre frequencies of collocated channels. (In this context the term collocated means being within radio range of each other.)
• This provides a 5 MHz frequency gap known as a guard band to prevent interference.
• Note: Different countries allocate the channels in different ways.
3.2.3 Transmission channels
• Figure below illustrates the 5 MHz guard band lying between the frequency bands of channel 3 and channel 8.
3.2.3 Transmission channels
• The maximum number of collocated channels in the 2.4 GHz band is three.
3.2.3 Transmission channels
Activity 3.11
While setting up an 802.11g wireless network (in the UK) you note that another nearby network AP is set to use channel 11.
(a) Which of the other channels would be the best choice for your new network?
There must be a 5 MHz guard band between channels, so only those channels that use frequencies below 2.447 GHz could be used. Channels 1 to 6 satisfy the required conditions.
(b) What is the maximum number of non-overlapping channels available in the UK? (The 2.4 GHz ISM band runs from 2.4 to 2.4835 GHz.)
This ISM band has a bandwidth of 83.5 MHz. This is sufficient to accommodate no more than 3 separate channels with centres separated by 25 MHz.
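The channel arithmetic from Activities 3.10 and 3.11 can be checked in code. The following Python is an added example, not part of the original slides; it assumes the usual 2.4 GHz numbering (channel 1 centred on 2412 MHz, 5 MHz steps) and that channels 1 to 13 are the ones allocated in the UK.

```python
"""2.4 GHz channel planning with the figures used on these slides (added example)."""

WIDTH_MHZ = 20               # 802.11g channel bandwidth, as stated on the slides
SEPARATION_MHZ = 25          # spacing required between centres of collocated channels
UK_CHANNELS = range(1, 14)   # assumption: channels 1-13 are allocated in the UK


def centre_mhz(channel):
    """Centre frequency: channel 1 is 2412 MHz, then 5 MHz steps; channel 14 is 2484 MHz."""
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"no such 2.4 GHz channel: {channel}")


def band_mhz(channel, width=WIDTH_MHZ):
    """Lowest and highest frequency occupied by a channel."""
    centre = centre_mhz(channel)
    return (centre - width // 2, centre + width // 2)


def gap_mhz(a, b, width=WIDTH_MHZ):
    """Positive: guard band between the two channels. Negative: size of the overlap."""
    return abs(centre_mhz(a) - centre_mhz(b)) - width


def far_enough(a, b):
    """True when two channels may be used within radio range of each other."""
    return abs(centre_mhz(a) - centre_mhz(b)) >= SEPARATION_MHZ


def usable_channels(neighbours, allowed=UK_CHANNELS):
    """Channels that keep the required separation from every AP already in range."""
    return [ch for ch in allowed if all(far_enough(ch, n) for n in neighbours)]


def collocated_plan(allowed=UK_CHANNELS):
    """Greedy pick, from the lowest channel up, of channels that can all coexist."""
    plan = []
    for ch in allowed:
        if all(far_enough(ch, chosen) for chosen in plan):
            plan.append(ch)
    return plan


if __name__ == "__main__":
    for ch in (1, 3, 5):
        print(f"channel {ch}: {band_mhz(ch)} MHz")
    print("channels 3 and 5 gap:", gap_mhz(3, 5), "MHz (negative means overlap)")
    print("channels 3 and 8 gap:", gap_mhz(3, 8), "MHz")
    print("usable next to an AP on channel 11:", usable_channels([11]))
    print("collocated plan:", collocated_plan())
```

A negative gap between your own channel and a neighbour found in a site survey means the two networks share frequencies and will interfere.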
3.2.3 Transmission channels
• The method of channel allocation in the 5 GHz band is broadly similar to that described for the 2.4 GHz band, but the much wider frequency spectrum of the 5 GHz band results in a much greater number of non-overlapping channels – up to a maximum of 25.
• Again, it’s important to note that the actual number of non-overlapping channels available will depend on a country’s regulatory policy.
• We refer to the 5 GHz spectrum as being less crowded than the 2.4 GHz spectrum. This is because the 2.4 GHz spectrum has been used for longer and by many different radio systems. Older Wi-Fi networks, cordless phones, Bluetooth devices, baby monitors and car alarms can operate at 2.4 GHz and can cause interference.
3.3 Sharing the Transmission Medium
3.3.1 Access control in wired and wireless networks
• All LANs require mechanisms that define how a node makes a connection to the network and how network resources are allocated in a fair and orderly way.
• The two types of media access control are:
1. Control-based
2. Contention-based.
• In control-based media access each device is given its own scheduled time slot for placing data on the network, so all the network devices take turns. This is inefficient because some devices may not have data to transmit, while those that do have to wait for their turn.
• In contention-based media access any device can attempt to place data on the network at any time. This is more efficient as it means a device does not have to wait its turn. However, there is the possibility that two or more devices attempt to place data on the network at the same time, in which case a ‘collision’ occurs. In practice the data from the two devices doesn’t collide but instead becomes corrupted.
3.3.1 Access control in wired and wireless networks
• There are two types of contention-based media access control that take different approaches in dealing with collisions: CSMA/CD and CSMA/CA.
• Carrier sense multiple access with collision detection (CSMA/CD):
  • It operates by taking action once devices have placed data on the network.
  • A node continues to sense the medium while it is transmitting, and it immediately stops transmitting and sends a jamming signal if it detects signals from another node.
  • CSMA/CD was commonly used in wired Ethernet networks where devices shared the same medium (the same cable).
  • This is no longer needed now that wired LANs use switches to connect devices and effectively reduce the traffic on one network section to that to and from a single device.
• In networks using CSMA/CD, a node needs to be able to continue sensing the medium while it is transmitting. However, it is difficult and expensive to produce wireless LAN devices that can do this because they would need to transmit and receive at the same time and, therefore, have separate transmit and receive antennas and circuitry. Instead, 802.11 uses CSMA/CA, which works to avoid collisions occurring.
3.3.1 Access control in wired and wireless networks
• Assume that the node is fitted with a suitable wireless network adapter and that it has been authorised to use the network following a user identifier and a password request. The process of connecting to an AP is as follows:
1. When a device is switched on it scans the area at regular intervals to look for an AP to connect to. It does this by sending out special packets of information called probe request frames.
2. It then waits for a response to its probe. This is returned in the form of a probe response frame. If more than one AP responds, the device will connect to the one with the strongest signal.
3.3.1 Access control in wired and wireless networks
How are network resources allocated?
• Wi-Fi networks use a contention-based media access method called carrier sense multiple access with collision avoidance (CSMA/CA), which works to avoid collisions occurring.
• The following is an explanation of the process:
1. When a node wants to send a packet, it checks to see if the channel is clear; in other words, that no other transmission is taking place. (This is the ‘carrier sense’ part of the protocol.)
   a) If the channel is clear for a specified period of time, the data frame is sent immediately.
   b) If the channel is not clear, the sending node waits for a random time called the backoff and then checks again to see if the channel is clear.
      1) If the channel is clear after the backoff, the device transmits the data packet.
      2) If the channel is still not clear, the backoff random delay is set again and the process is repeated until the channel is clear (this is the ‘collision avoidance’ part of the protocol).
2. Finally, the receiving device sends an acknowledge (ACK) frame if the data is received without error. The acknowledgement indicates that no ‘collision’ has taken place.
3. If the sending device fails to receive the ACK frame, then the whole process is repeated.
3.3.1 Access control in wired and wireless networks
• This version of CSMA/CA works well in wireless networks where all transmitting devices are in range of one another, but problems can arise in networks where nodes are situated on the boundary of the network coverage.
• These nodes are in range of the AP but not within range of the distant nodes and so cannot ‘hear’ each other.
• In these circumstances, a node sensing the channel may judge it to be clear when in fact it isn’t. (This is known as the ‘hidden node’ problem.)
3.3.1 Access control in wired and wireless networks
• Nodes A, B and C are all in range of the AP. Nodes A and B can hear each other, as can B and C. But A and C cannot hear each other and therefore there is the risk both will start transmitting at the same time.
3.3.1 Access control in wired and wireless networks
• In these cases 802.11 defines an optional extra stage to the CSMA/CA protocol.
• When this option is implemented, the node sends a small information frame called a request to send (RTS).
• This contains information about the data to be sent, such as its source and destination.
• The AP responds with a clear to send (CTS) frame if the channel is clear.
• On receipt of the CTS frame, the node sends the data packet.
• When this is received the AP sends an ACK frame as confirmation.
• If the sending device fails to receive an ACK frame, it repeats the process until an ACK is received.
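The effect of hidden nodes on CSMA/CA, and of the RTS/CTS stage, can be seen in a small slot-based simulation. This Python is an added example, not part of the original slides; the slot lengths, the doubling contention window after a lost frame, and the rule that every attempt starts with a random backoff are simplifying assumptions, and the topology is the A, B, C layout described above.

```python
"""Slot-based CSMA/CA model with hidden nodes and optional RTS/CTS (added example)."""
import random

# Who can hear whom. A and C are hidden from each other; the AP hears everyone.
HEARS = {"A": {"B"}, "B": {"A", "C"}, "C": {"B"}}
DATA_SLOTS, RTS_SLOTS, CTS_SLOTS, ACK_SLOTS = 10, 1, 1, 1   # assumed durations
CW_MIN, CW_MAX = 8, 256                                     # assumed backoff window


def simulate(frames, use_rts_cts, seed=1, max_slots=100_000):
    """frames maps node name to number of data frames to deliver to the AP."""
    rng = random.Random(seed)
    left = {n: frames.get(n, 0) for n in HEARS}
    cw = {n: CW_MIN for n in HEARS}
    backoff = {n: None for n in HEARS}
    tx = {}              # node -> [kind, slot in which it ends, corrupted?]
    reserved_until = 0   # AP is sending CTS/ACK or has reserved the channel
    stats = {"delivered": 0, "data_lost": 0, "rts_lost": 0, "slots": 0}
    t = 0
    while any(left.values()) and t < max_slots:
        active = set(tx)                      # transmitters at the start of the slot
        for n in HEARS:
            if n in tx or left[n] == 0:
                continue
            if t < reserved_until:            # every node hears the AP, so it defers
                continue
            if backoff[n] is None:
                backoff[n] = rng.randrange(cw[n])
            if HEARS[n] & active:             # carrier sense: only neighbours count
                continue
            if backoff[n] == 0:
                kind, dur = ("rts", RTS_SLOTS) if use_rts_cts else ("data", DATA_SLOTS)
                tx[n] = [kind, t + dur, False]
            else:
                backoff[n] -= 1
        if len(tx) > 1:                       # overlap at the AP corrupts all frames
            for frame in tx.values():
                frame[2] = True
        for n in [m for m, f in tx.items() if f[1] == t + 1]:
            kind, _, corrupted = tx.pop(n)
            if corrupted:                     # no CTS/ACK arrives, so the node retries
                stats[kind + "_lost"] += 1
                cw[n] = min(cw[n] * 2, CW_MAX)
                backoff[n] = None
            elif kind == "rts":               # CTS reserves the channel for the data
                tx[n] = ["data", t + 1 + CTS_SLOTS + DATA_SLOTS, False]
                reserved_until = t + 1 + CTS_SLOTS + DATA_SLOTS + ACK_SLOTS
            else:                             # data arrived intact, the AP sends ACK
                stats["delivered"] += 1
                left[n] -= 1
                cw[n], backoff[n] = CW_MIN, None
                reserved_until = max(reserved_until, t + 1 + ACK_SLOTS)
        t += 1
    stats["slots"] = t
    return stats


if __name__ == "__main__":
    load = {"A": 5, "C": 5}                   # constructed workload for the hidden pair
    print("basic CSMA/CA:", simulate(load, use_rts_cts=False))
    print("with RTS/CTS :", simulate(load, use_rts_cts=True))
```

With RTS/CTS only the one-slot RTS frames can collide, so lost airtime is short; without it each collision wastes a whole data frame.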
3.3.2 Segmentation of data
• If a long message were to be transmitted in a single stream across a network it would mean that no other messages could be carried for the duration of the transmission.
• This would result in significant delays for other network users.
• It would also mean that the entire message would have to be re-sent if a failure occurred on the link during transmission.
• A solution is to break the message up into multiple small chunks, known as segments, and to send each segment separately.
1. Segmentation also increases the reliability of network communication.
2. If a small segment is lost or corrupted, only that small part would need to be retransmitted.
3.3.2 Segmentation of data
• A data segment is encapsulated with a header (and sometimes a trailer) giving additional data to enable the segment to be delivered to its destination.
• This additional data includes the address of the sender and the recipient, and other network management or control information.
• As the data is passed down from one layer to another, further layers of encapsulation are added.
• Frames from the wireless LAN must be able to pass easily into the wired LAN and vice versa.
• Each frame will require at least a destination address so that the frame can be routed to the correct node, and some sequence control information so that the data segments can be reconstructed in the correct order.
3.3.2 Segmentation of data
• Nodes need some way of locating an AP and the AP needs some way of authenticating the node and joining it to the wireless LAN.
  • Therefore, some of the frames sent will be concerned solely with this process. This is not a requirement in a wired LAN.
• Furthermore, there may be instances where APs attached to the same wired LAN will need to exchange data.
  • In these cases some additional addressing will be required to identify the AP as well as the source and destination addresses.
3.3.2 Segmentation of data
• 802.11 satisfies the demands by increasing the level of management and control of the network. The standard specifies three frame types:
1. Data frames carry application-level data.
2. Management frames manage access to the wired network.
3. Control frames assist the delivery of data frames.
Activity 3.13
Earlier in this section you met different frame types for a probe request, a probe response, RTS, CTS and ACK. Place each of these in the category of either management frame or control frame.
• Probe request and probe response frames are related to access to the wireless network and are therefore management frames.
• RTS, CTS and ACK frames are related to the delivery of data frames and are therefore control frames.
3.3.2 Segmentation of data
• Just like the nodes on a wired network, each wireless node is identified by a MAC address, also known as a physical address.
• The 802.11 frame provides four address fields which can contain up to four of the following five address types:
1. Basic service set identifier (BSSID) giving the identity of the network associated with a particular AP
2. Destination node address
3. Source node address
4. Receiver AP address
5. Transmitter AP address
• Different address fields are used for different purposes, depending on the frame type.
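The frame categories from Activity 3.13 and the address roles listed above can both be read from the first bytes of an 802.11 header. The following Python is an added example, not part of the original slides: it decodes the frame control field (type in bits 2-3, subtype in bits 4-7, To DS and From DS flags in the second byte) and labels the address fields accordingly. The sample frames and MAC addresses are constructed for illustration.

```python
"""Classify 802.11 frames and name their address fields (added example)."""
from collections import Counter

TYPES = {0: "management", 1: "control", 2: "data"}
SUBTYPES = {(0, 4): "probe request", (0, 5): "probe response",
            (1, 11): "RTS", (1, 12): "CTS", (1, 13): "ACK", (2, 0): "data"}
# Meaning of address fields 1..4 in data frames, keyed by (To DS, From DS).
DATA_ROLES = {
    (0, 0): ("destination", "source", "BSSID"),
    (1, 0): ("BSSID", "source", "destination"),
    (0, 1): ("destination", "BSSID", "source"),
    (1, 1): ("receiver AP", "transmitter AP", "destination", "source"),
}
ADDR_OFFSETS = (4, 10, 16, 24)   # address 4 follows the 2-byte sequence control


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(frame):
    """Return the type, subtype and labelled addresses of one 802.11 header."""
    if len(frame) < 10:
        raise ValueError("shorter than the smallest 802.11 header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    to_ds, from_ds = frame[1] & 1, (frame[1] >> 1) & 1
    if ftype == 0:
        roles = ("destination", "source", "BSSID")
    elif ftype == 1:
        # RTS names both ends; CTS and ACK carry only the receiver address.
        # Other control subtypes are reported with their first address only.
        roles = ("receiver", "transmitter") if subtype == 11 else ("receiver",)
    elif ftype == 2:
        roles = DATA_ROLES[(to_ds, from_ds)]
    else:
        raise ValueError("reserved frame type")
    if len(frame) < ADDR_OFFSETS[len(roles) - 1] + 6:
        raise ValueError("frame truncated before its last address field")
    return {
        "type": TYPES[ftype],
        "subtype": SUBTYPES.get((ftype, subtype), f"subtype {subtype}"),
        "addresses": {r: mac(frame[o:o + 6]) for r, o in zip(roles, ADDR_OFFSETS)},
    }


def tally(frames):
    """Count frames per category, e.g. to spot an unusual share of management frames."""
    return Counter(parse_frame(f)["type"] for f in frames)


def build(fc0, fc1, *addrs):
    """Constructed header: frame control, zero duration, addresses, zero sequence control."""
    raw = bytes([fc0, fc1, 0, 0])
    for i, addr in enumerate(addrs):
        if i == 3:
            raw += b"\x00\x00"            # sequence control sits before address 4
        raw += bytes.fromhex(addr.replace(":", ""))
    if len(addrs) == 3:
        raw += b"\x00\x00"
    return raw


# Constructed sample addresses (locally administered MACs) and frames.
STA, PEER = "02:00:00:00:00:01", "02:00:00:00:00:02"
AP, AP2, BCAST = "02:00:00:00:00:aa", "02:00:00:00:00:bb", "ff:ff:ff:ff:ff:ff"
SAMPLES = {
    "probe request": build(0x40, 0x00, BCAST, STA, BCAST),
    "probe response": build(0x50, 0x00, STA, AP, AP),
    "rts": build(0xB4, 0x00, AP, STA),
    "cts": build(0xC4, 0x00, STA),
    "ack": build(0xD4, 0x00, STA),
    "data to AP": build(0x08, 0x01, AP, STA, PEER),
    "data between APs": build(0x08, 0x03, AP2, AP, PEER, STA),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:17s}", parse_frame(frame))
    print(dict(tally(SAMPLES.values())))
```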
3.4 Securing a Wireless LAN
3.4.1 Vulnerabilities of wireless networks
• The main reason that wireless networks are more vulnerable than wired networks is the nature of the transmission channel they use.
• In a wired LAN, access to the network is restricted to those with physical access to a port into which they can plug a network-enabled device.
• Wireless networks have no defined boundary, as the radio waves used to carry data travel varying distances.
• The radio transmissions used in wireless LANs are relatively low in power in comparison with those in other wireless networks, such as mobile phone networks.
• Wi-Fi equipment has a restricted range but often (depending on the nature and layout of the building) the radio waves will reach outside the walls of the building where the equipment is located. Therefore, people who do not have physical access to the building, whether it is a home or office environment, still may have access to the network and potentially the data transmitted over it.
3.4.1 Vulnerabilities of wireless networks
• There are commercial hardware and software detection methods available that:
  • Can be used to check the security of a wireless network.
  • These can also find other wireless networks available in the local area and be used to gain illegal access.
• Even without specialist software, most modern wireless enabled computers are able to detect any networks in proximity.
• Open networks, with no security, can be joined by anyone within range.
3.4.1 Vulnerabilities of wireless networks
• The range of private wireless networks can extend well beyond the intended coverage area. In these cases, if technical security measures are not applied or weak measures are used, data is exposed and at risk.
• The main risks and concerns that wireless networks face due to their inherent characteristics are:
1. Unauthorised use of bandwidth
2. Eavesdropping
3. Threats to network availability.
3.4.1 Vulnerabilities of wireless networks
Unauthorised use of bandwidth
• Finding and connecting to a wireless AP without the permission of the owner is sometimes known as war driving. In the UK and some other countries this is illegal.
• Whilst other people using your bandwidth may seem harmless, unless they are using it to do something illegal or are eavesdropping on your messages, such use may be detrimental to performance and in some circumstances may expose you to additional data charges.
Eavesdropping
• Eavesdropping is the intercepting and reading of information by someone who is not the intended recipient, and is a very real threat to the privacy of information on a wireless network.
• At a personal level, information may include emails, a record of web browsing activities and, more importantly, credit card and personal details when services or goods are purchased over the internet.
3.4.1 Vulnerabilities of wireless networks
Threats to network availability
• There is a well-known type of attack against networks in general called a denial of service (DoS) attack.
• Such an attack prevents legitimate users of a network from accessing services or information, and can be done in many ways.
• How may it happen? One way is to flood the network with bogus messages so that genuine ones are delayed or do not get through at all.
• DoS attacks result in a reduction in network performance and sometimes complete network failure. DoS attacks on wireless LANs can be easier to mount than attacks on a wired LAN, as physical access to the network isn’t required.
3.4.2 Factors influencing the design of wireless security measures
• Apply rigorous authentication and encryption procedures to ensure that only the intended users are accessing the network and only the intended recipients of messages can actually read them.
• However, there are other factors that affect the design of the security controls used.
3.4.2 Factors influencing the design of wireless security measures
• Wired networks use security communications protocols to establish a secure connection or to ensure the security of a particular message.
• These protocols comprise a series of messages that are exchanged in order to share authentication and encryption information. This enables both parties to know that the other person is actually who they say they are and allows the sender to encrypt messages and the recipient to decrypt them.
• However, these protocols have been designed for wired networks. They tend to require a large amount of overhead and are not optimised to work well in networks where high error rates might be a problem. In other words, they are not well suited to a wireless environment.
• In addition to this, wireless devices are often battery powered, and the use of complex protocols is more draining on battery life.
3.4.2 Factors influencing the design of wireless security measures
• Another consideration is that security controls should not interfere with the way in which a network is intended to operate and the services it is intended to offer.
• Measures have to be carefully designed to consider:
1. User experience
2. Limitations of the devices
3. Transmission channel
4. Intended use of the network
whilst ensuring adequate levels of security are provided.
3.4.3 WLAN Security Measures
• Despite the additional vulnerabilities and restrictions, most
wireless equipment that is sold today has the tools necessary
to provide adequate levels of security, provided it is correctly
set up and configured.
• However, the default (factory) settings often provide
inadequate security provision.

Arab Open University - Fall 2022


• The use of inadequate security measures (or worse still,
neglecting to implement any security measures at all) is one of
the biggest problems in wireless LAN security.

Wired equivalent privacy and Wi-Fi protected access
• WEP is part of the original 802.11 standard and provides an
optional encryption procedure.
• The main aim of WEP was to provide protection against
casual eavesdropping: to make a wireless LAN as
secure as a (non-encrypted) wired LAN.
• In addition, it allows access control to be set up so that only
legitimate users can gain access.
• Encryption and access control are achieved by issuing nodes
with a secret key that could be used for authentication with
the AP, and subsequently for data encryption.

• When WEP’s security flaws became apparent, work
began on an amendment to the original 802.11
standard to rectify the problems.
• This amendment is 802.11i: it specifies security
mechanisms to replace the authentication and
encryption technologies originally offered by WEP.
Wi-Fi protected access (WPA)
• WPA was offered as a quick solution that addressed the
major flaws of WEP.
• WPA can operate on existing hardware and requires only
software updates applied to both the AP and the wireless
network card installed in the node.
WPA2
• The full 802.11i solution, or WPA2, required new hardware due to
the use of a completely different encryption mechanism and,
therefore, took longer than WPA to integrate into products.
• It develops and extends the security offerings of WPA and provides
an even higher level of security, including a special
‘government-grade’ encryption algorithm.
• Most modern wireless network cards and APs offer WEP, WPA
and/or WPA2 as options and it is usually just a case of selecting the
correct options and entering a suitable network key.
• WPA’s main weakness, however, is its vulnerability to brute force attacks.
• A brute force attack is one where a password, or other information
such as a PIN, is obtained through consecutive, high-speed guesses
that try all possible combinations.
• While the encryption algorithm used in WPA2 security has no known
weaknesses at the time of writing, WPA2 is also vulnerable to a
brute force attack, although this is mitigated somewhat through the
use of longer passwords.
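
To show how key length mitigates a brute force attack, the following added example (not part of the original course material) estimates how many combinations an exhaustive search must cover for a WPA2-personal network key. The guess rate and the 100-year threshold are assumptions chosen for illustration, and the sample keys are constructed.

```python
import math
import string

# WPA/WPA2-personal network keys are 8 to 63 printable ASCII characters.
MIN_LEN, MAX_LEN = 8, 63
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")
PRINTABLE = set("".join(CLASSES))  # the 95 printable ASCII characters


def alphabet_size(key: str) -> int:
    """Combined size of the character classes that appear in the key."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in key))


def search_space(key: str) -> int:
    """Combinations of this length that trying every possibility must cover."""
    if not MIN_LEN <= len(key) <= MAX_LEN:
        raise ValueError("network key must be 8 to 63 characters")
    if not set(key) <= PRINTABLE:
        raise ValueError("network key must be printable ASCII")
    return alphabet_size(key) ** len(key)


def years_to_exhaust(key: str, guesses_per_second: float) -> float:
    """Worst-case duration of an exhaustive search, in years."""
    return search_space(key) / guesses_per_second / (365 * 24 * 3600)


def audit(keys, guesses_per_second=1e9, min_years=100.0):
    """Return (key, bits, years, acceptable) per key.

    guesses_per_second and min_years are assumed values, not measurements.
    The figure is an upper bound: keys built from dictionary words or
    predictable patterns fall far sooner than an exhaustive search suggests.
    """
    report = []
    for key in keys:
        years = years_to_exhaust(key, guesses_per_second)
        bits = round(math.log2(search_space(key)), 1)
        report.append((key, bits, years, years >= min_years))
    return report


# Constructed sample keys, shortest to longest.
SAMPLE_KEYS = ["12345678", "Wlan2022!", "correct horse battery staple"]
```

Calling `audit(SAMPLE_KEYS)` marks only the 28-character key as acceptable under these assumptions.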
802.1x and Enterprise Security
• At the personal level, networks offer WPA/WPA2-personal (also called
WPA/WPA2-PSK) and at the organization level they offer
WPA/WPA2-enterprise.
• The main difference between personal and enterprise security is the
authentication processes involved.
• WPA/WPA2-personal options are:
• Easier to set up
• Used in most home or simple Wi-Fi networks.
• If you have a home Wi-Fi network, you will probably have an SSID
(Service Set Identifier) and a single password that all users
wanting to access network resources need to use.
• The SSID is the network name and can be changed.

• Enterprise security uses a separate server to provide authentication
and is more appropriate for business environments where users are
required to have an individual login identifier and password.
• The approach is based on 802.1x, which is another IEEE standard
that defines a centralised authentication protocol for both wired
and wireless LANs.
• 802.1x defines three parties:
1. Supplicant – the client or device wishing to access the network
2. Authenticator – in the case of Wi-Fi this is the wireless access
point
3. Authentication server – known as a Remote Authentication
Dial-in User Service (RADIUS) server, which supports the necessary
authentication protocols.
• When a supplicant requests access, the credentials (user identifier
and password) are forwarded by the authenticator to the
authentication server for verification. If the authentication server
determines the credentials are valid, the supplicant is allowed
access to the network.
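
The exchange between the three 802.1x parties, as an added example that is not part of the original course material. It is a simplified model: the class and method names are hypothetical, the account is constructed, and a real deployment carries the credentials inside an authentication protocol between the access point and the RADIUS server rather than as plain function arguments.

```python
import hashlib
import hmac
import os


class AuthenticationServer:
    """Stands in for the RADIUS server: the only party holding credentials."""
    def __init__(self):
        self._users = {}  # user identifier -> (salt, password hash)

    def enrol(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, self._hash(password, salt))

    def revoke(self, user):
        self._users.pop(user, None)

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def verify(self, user, password):
        salt, stored = self._users.get(user, (b"", b""))
        return hmac.compare_digest(stored, self._hash(password, salt))


class Authenticator:
    """Stands in for the access point: forwards credentials, gates traffic."""
    def __init__(self, server):
        self.server = server
        self.authorised = set()  # supplicants currently allowed through

    def access_request(self, supplicant, user, password):
        accepted = self.server.verify(user, password)
        (self.authorised.add if accepted else self.authorised.discard)(supplicant)
        return "accept" if accepted else "reject"

    def forward(self, supplicant, frame):
        return frame if supplicant in self.authorised else None


def demo():
    server = AuthenticationServer()
    server.enrol("alice", "constructed-pass-1")  # constructed sample account
    ap = Authenticator(server)
    first = ap.access_request("laptop-1", "alice", "constructed-pass-1")
    server.revoke("alice")  # one user's login withdrawn at the server
    second = ap.access_request("laptop-1", "alice", "constructed-pass-1")
    return first, second, ap.forward("laptop-1", b"data")
```

Because each user has an individual login held only on the authentication server, one account can be withdrawn without changing a password shared by everyone, which is the practical difference from the personal mode described earlier.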
Access control lists
• In addition to selecting an appropriate security protocol such as WPA2,
you can add another level of security on a home or small office Wi-Fi
network. This uses the MAC address associated with the wireless
network card of the node that will connect to the AP.
• Every network card (whether wired or wireless) has a unique MAC
address. This can be added to an access control list, allowing only
nodes with those addresses to access the network.

• This is obviously restricted to networks that have a relatively small
number of nodes, otherwise it becomes a tedious task and is difficult to
keep up to date.
• The use of an access control list does not make a network impenetrable,
since techniques such as MAC spoofing, where an attacker can change
the MAC address of a device to match one on the access control list, are
not as complicated as launching an attack on WPA2.
• While an access control list provides an additional layer of security,
encryption and authentication through a protocol such as WPA2 is
more important.
3.5 Techniques for Increasing Capacity

This section looks at some of the approaches that have been implemented
in recent Wi-Fi standards to increase the capacity – the maximum data
rate. 802.11n employs the following strategies:
1. Transmission of multiple data streams using a single
channel
2. Channel bonding
3. Reduction of management overheads

3.5.1 Transmission Of Multiple Data Streams Using A Single Channel
• APs conforming to the 802.11a, 802.11b and 802.11g
standards used a single transmitter and single receiver and
were known as Single-Input Single-output (SISO).
• When operating at their optimum capability, the channel
capacity of such systems can be increased only by
• increasing the transmit power, which would boost the
signal-to-noise ratio (SNR) at the receiver
• or by increasing the bandwidth.
• Government regulation meant that neither of these options
was possible at the time these networks were in use.
• 802.11n’s answer was to increase channel capacity through
the use of multiple transmitters and multiple receivers, a
technology known as Multiple-Input Multiple-Output
(MIMO).
• How is this done?
• As you learnt in part 2, some objects can reflect radio waves,
causing a transmitted signal to propagate along multiple
different pathways. This effect is known as spatial diversity
→ multipath fading!
• MIMO turns this effect of spatial diversity to advantage
through the use of multiple antennas at the transmitter, each
slightly separated from the other.
• The transmitter divides the data stream between the
antennas, each stream carrying different information, and
transmits them simultaneously over the same channel.
• Each stream takes a slightly different path to the receivers, so
that each fluctuates and fades quite
independently from the others.
• This uniqueness enables each stream to be
independently identified by the receivers → Spatial
Multiplexing
• Only a very small antenna separation is needed to
exploit the effects of spatial diversity.

• 802.11n can operate with up to four antennas at the
transmitter and four at the receiver, although the most
common implementations are 2 × 3 (that is, two antennas at
the transmitter and three at the receiver), 3 × 3 and 4 × 4.
• The maximum number of antennas was increased to eight for
802.11ac.
• Clearly, to support the transmission of multiple data streams,
both the transmitter and the receiver require multiple
antennas. However, even in cases where there are two
transmitting antennas but only a single receiving antenna,
MIMO technology still offers better performance than earlier
802.11 versions.
• An enhanced version of MIMO called multi-user MIMO or
MU-MIMO was introduced to later versions of 802.11ac and
will also feature in 802.11ax.
3.5.2 Channel Bonding
• In Section 3.2 I described the use of 20 MHz channels
separated by 5 MHz guard bands to avoid interference. In the
2.4 GHz band this left room for a maximum of only three
non-overlapping collocated channels but the broader 5 GHz band
offered significantly more.
• 802.11n defined channels of 20 MHz and 40 MHz, the latter
resulting from the ‘bonding’ together of two adjacent 20
MHz channels.
• 802.11ac and 802.11ax take this further and define channels
of 80 MHz and 160 MHz. This is known as channel bonding.
• Channel bonding eliminates the need for the guard band
between the bonded channels, therefore releasing
bandwidth and increasing the overall channel capacity.
• Channel bonding is discouraged in the 2.4 GHz band due to
the limited number of non-overlapping 20 MHz channels
available.
• This technique, however, is much more achievable in the
larger 5 GHz band and has become more popular over recent
years as spectrum regulators have released more 5 GHz
spectrum for Wi-Fi.

3.5.3 Reduction of Management Overheads

• The administrative data included in each 802.11 frame is
an overhead that eats into the capacity for carrying user
data.
• 802.11n, 802.11ac and 802.11ax address this by
specifying options for putting multiple frames together
as a single transmission with a single overhead.
• This is known as frame aggregation and results in the
further efficiency of fewer potential collisions.
• To take advantage of frame aggregation, a block of
frames destined for a single address must be collected.
This can result in delays while the early frames have to
wait for the later ones before a block is aggregated.
• Again, when using the CSMA/CA MAC protocol, each
frame is acknowledged by the receiver on arrival by the
sending of an ACK frame.
• 802.11n specifies a block acknowledgement protocol to
reduce the resulting high bandwidth consumption, where
several frames are acknowledged in a single ACK frame.
• A further improvement in efficiency has been to reduce
the size of the ACK frame compared with earlier 802.11
standards.
• Increasing the portion of the frame that is carrying data
by implementing options such as frame aggregation and
block acknowledgements means that a greater
proportion of the maximum data rate can be allocated to
actual data to improve throughput.
3.6 Recent Developments in Uses of Wi-Fi
• Recent developments in the 802.11 standard are aiming to provide
different services than those we have looked at in this part. For
example:
1. There is an increased demand for providing communications
infrastructures that support the Internet of Things, and the
amendment 802.11ah is one such offering.
2. Another amendment 802.11af, also referred to as White-Fi and
Super Wi-Fi, was ratified in 2014 to define the use of Wi-Fi within
TV white space (TVWS), which is the unused TV spectrum in the
VHF and UHF bands. Due to the extended range at these
frequencies, one of its main purposes is seen as having the
potential to provide Wi-Fi to rural and remote areas.
3. 802.11ad, or WiGig, operates in the 60 GHz frequency range (the
millimeter band) for different applications to those in 802.11ac or
802.11ax. For example, fast networking in already dense
deployment environments, where the other bands are heavily
utilised, and ultrafast speeds in the home, such as for home
entertainment systems.
