中英文文献翻译无线安全.docx

中英文文献翻译无线安全.docx

《中英文文献翻译无线安全.docx》由会员分享，可在线阅读，更多相关《中英文文献翻译无线安全.docx（10页珍藏版）》请在冰豆网上搜索。

中英文文献翻译无线安全

英文原文

WirelessSecurity

RichardBarber

RichardBarber,grouptechnicaladvisorofArticon-Integralislooks,attheevolutionoftele-and

data-communicationssystemsandassessesthepotentialadvantagesformobilesecurityofferedby

technologieslikeBluetooth

Security

Today'swirelessworldmeansthatdataisbeingsent,amongus,invisiblyfromdevicetodevice,countrytocountry,persontoperson. Thisdata,intheformofe-mails,photos,contactsandaddressesarepreciousandprivatetoeachofus. Thisprivateinformation,nolongermakingitswayalongwiresinplainsight,needstobesentsecurelytoitsintendedrecipientwithoutinterception. Wirelessstandardstheworldoverareevolvingandhavevariousformatsfordealingwiththesecurityissuesofitsusers. Bluetoothwirelesstechnologyisnoexception.

Bluetoothwirelesstechnologyhas,fromitsinception,putgreatemphasisonwirelesssecuritysothatusersofthisglobalstandardcanfeelsecurewhilemakingtheirconnections. TheBluetoothSpecialInterestGroup（SIG）,madeupofover4000membermanufacturers,hasaBluetoothsecurityexpertsgroupmadeupofengineersfromitsmembercompanieswhoprovidecriticalsecurityinformationandfeedbackthatistakenintoaccount

astheBluetoothwirelessspecificationevolves.

ProductdevelopersthatuseBluetoothwirelesstechnologyintheirproductshaveseveraloptionsforimplementingsecurity. TherearethreemodesofsecurityforBluetoothaccess

betweentwodevices.

        SecurityMode1:

non-secure

        SecurityMode2:

servicelevelenforcedsecurity

        SecurityMode3:

linklevelenforcedsecurity

Themanufacturerofeachproductdeterminesthesesecuritymodes. Devicesandservicesalsohavedifferentsecuritylevels. Fordevices,therearetwolevels:

"trusteddevice"and"untrusteddevice."Atrusteddevice,havingbeenpairedwithone'sotherdevice,hasunrestrictedaccesstoallservices.Withregardtoservices,threesecuritylevelsaredefined:

servicesthatrequireauthorizationandauthentication,servicesthatrequireauthenticationonlyandservicesthatareopentoalldevices.

Lately,confusionandmisinformationsurroundingsecurityandBluetoothwirelesstechnologyhasincreased. Thecurrentsecurityissuestypicallyinvolvemobilephones. Howtheseissuesapplytootherclassesofdevicesisimportantandisoftennotaddressed. TheencryptionalgorithmintheBluetoothspecificationsissecure.ThisincludesdevicessuchasmiceandkeyboardsconnectingtoaPC,amobilephonesynchronizingwithaPC,andaPDAusingamobilephoneasamodemtonamejustafewofthemanyusecases.

Caseswheredatahasbeencompromisedonmobilephonesaretheresultofimplementationissuesonthatplatform. TheBluetoothSIGdiligentlyworkswithourmemberstoinvestigateanyissuesthatarereportedtounderstandtherootcauseoftheissue.Ifitisaspecificationissue,weworkwiththemembershiptogetpatchesoutandensurefuturedevicesdon'tsufferfromthesamevulnerability.Thisisanon-goingprocess.Therecentlyreportedissuesofadvanced"hackers"gainingaccesstoinformationstoredonselectmobilephonesusingBluetoothfunctionalityareduetoincorrectimplementation.Thenamesbluesnarfingandbluebugginghavebeengiventothesemethodsofillegalandimproperaccesstoinformation.Thequestionsandanswersbelowprovideuserswithmoreinformationaboutthesecurrentissuesandwilladdresstheirconcernsfordealingwiththesesecurityrisks.

Whatisbluejacking?

BluejackingallowsphoneuserstosendbusinesscardsanonymouslyusingBluetoothwirelesstechnology.BluejackingdoesNOTinvolvetheremovaloralterationofanydatafromthedevice.Thesebusinesscardsoftenhaveacleverorflirtatiousmessageratherthanthetypicalnameandphonenumber.Bluejackersoftenlookforthereceivingphonetopingortheusertoreact.Theythensendanother,morepersonalmessagetothatdevice.Onceagain,inordertocarryoutabluejacking,thesendingandreceivingdevicesmustbewithin10metersofoneanother.Phoneownerswhoreceivebluejackmessagesshouldrefusetoaddthecontactstotheiraddressbook.Devicesthataresetinnon-discoverablemodearenotsusceptibletobluejacking.

Whatisbluebugging?

BluebuggingallowsskilledindividualstoaccessthemobilephonecommandsusingBluetoothwirelesstechnologywithoutnotifyingoralertingthephone’suser.Thisvulnerabilityallowsthehackertoinitiatephonecalls,sendandreceivetextmessages,readandwritephonebookcontacts,eavesdroponphoneconversations,andconnecttotheInternet.Aswithalltheattacks,withoutspecializedequipment,thehackermustbewithina10meterrangeofthephone.Thisisaseparatevulnerabilityfrombluesnarfinganddoesnotaffectallofthesamephonesasbluesnarfing.

Whatisbluesna