802.11i (How we got here and where are we headed)

This paper will focus on the current IEEE1 802.11i standard and the components that comprise the standard. It will show how the standard ensures the integrity of the CIA triad in an effort to restore confidence in corporate WLANs. The Confidentiality, Integrity, and Availability triad is often taken for granted, but it is the criteria that any security infrastructure should meet. I believe that corporate WLAN implementations have been curtailed due to the lack of a truly secure standard. Perhaps a better word than curtailed is underutilized. I believe corporations have found a place for WLANs, but due to their lack of standardized and reliable security, they are not being used to their fullest potential. While some work has been done to remediate some of the shortcomings of WEP by both individual vendors and the Wi-Fi Alliance2, the IEEE has responded to the need for a formal standard. The committee has taken 'best-of-breed' authentication encryption and authorization standards and has combined them to create what are to be called Robust Secure Networks or RSNs. The implementation recommendations in this paper will focus on enterprise implementations of the 802.11i standard while looking into the past deficiencies of WLAN security and attempts to remediate them.