Chad Wilson typedeaf at yahoo.com
Fri Mar 14 18:43:43 CDT 2014

Both 802.15 (Zigbee) and 802.16 (WiMAX) implement security at the data link layer. 

If you search for "802.16 security", or follow the link I included previously, I think you will find it interesting to see how much security is implemented. e.g. It uses PKI and X.509!

Even more interesting is to see that even with a dozen security mechanisms, its still full of vulnerabilities. 

Security is not limited to higher layer protocols. Security is only limited to implementation. In the case of WiMAX a ton of security mechanisms were thrown at it, but it just was not implemented well. 

The person speaking to WiMAX was stating that the reason WiMAX is insecure is due to A) the only security mechanism is whether the MAC is present in a database of valid customers and B) security could not be implemented at the MAC layer. Neither of those statements are true. The reason WiMAX is insecure is due to a poor security implementation at the MAC layer. 

If you wanted to, you could add a layer of security to RS-232 by cramming some more information in the headers and modifying the device drivers to use your new RS-232-Secure protocol. 

 From: Bryan Beicker <bryan at beicker.com>
To: The San Antonio Linux User's Group Mailing List <satlug at satlug.org> 
Sent: Friday, March 14, 2014 1:06 PM
Subject: Re: [SATLUG] WiMAX MAC Security

His main point was that in formal Formal Computer Science education, one comes across the OSI model:


Of course, nobody really uses OSI, real world people use the defacto TCP/IP model:


Both layers have a "Link Layer", a low hardware level layer where things like MAC addresses are handled.

Both layers place TLS encryption in a higher level layer.

Both models are educational models and don't always fit real-world implementations perfectly.
-- _______________________________________________
SATLUG mailing list
SATLUG at satlug.org
http://alamo.satlug.org/mailman/listinfo/satlug to manage/unsubscribe
Powered by Rackspace (www.rackspace.com)

More information about the SATLUG mailing list