NIST Issues Guidance to Secure WiMAXThreats Focus on Compromising Links Between WiMAX Nodes
Special Report 800-127, Guide to Securing WiMAX Wireless Communications, recommends that organizations:
- Develop a robust wireless metropolitan area network security policy and enforce it;
- Assess WiMAX technical countermeasures before implementing a vendor's WiMAX technology;
- Require mutual authentication for WiMAX devices; and
- Implement FIPS-validated encryption algorithms employing FIPS-validated cryptographic modules to protect data communications.
WiMAX technology is largely based on the wireless interface defined in the IEEE 802.16 standard. According to NIST, the original purpose of IEEE 802.16 technology was to provide last-mile broadband wireless access as an alternative to cable, digital subscriber line-, or T1 service. Developments in the IEEE 802.16 standard shifted the technology's focus toward a more cellular-like, mobile architecture to serve a broader market. Today, NIST says, WiMAX technology continues to adapt to market demands and provide enhanced user mobility. SP 800-127 discusses WiMAX wireless communication topologies, components, certifications, security features and related security concerns.
What are the threats to WiMAX? NIST says they focus on compromising the radio links between WiMAX nodes. These radio links support line-of-sight and non-line-of-sight signal propagation. Links from line-of-sight WiMAX systems are generally harder to attack than those from non-line-of-sight systems because an adversary would have to physically locate equipment between the transmitting nodes to compromise the confidentiality or integrity of the wireless link.
WiMAX non-line-of-sight systems provide wireless coverage over large geographic regions, which expands the potential staging areas for clients and adversaries. Like other networking technologies, all WiMAX systems must address threats arising from denial of service attacks, eavesdropping, man-in-the-middle attacks, message modification and resource misappropriation.