中英文文献翻译无线安全.docx
《中英文文献翻译无线安全.docx》由会员分享,可在线阅读,更多相关《中英文文献翻译无线安全.docx(10页珍藏版)》请在冰豆网上搜索。
![中英文文献翻译无线安全.docx](https://file1.bdocx.com/fileroot1/2022-10/9/7949668f-af4d-401c-a397-9ce51dff40e4/7949668f-af4d-401c-a397-9ce51dff40e41.gif)
中英文文献翻译无线安全
英文原文
WirelessSecurity
RichardBarber
RichardBarber,grouptechnicaladvisorofArticon-Integralislooks,attheevolutionoftele-and
data-communicationssystemsandassessesthepotentialadvantagesformobilesecurityofferedby
technologieslikeBluetooth
Security
Today'swirelessworldmeansthatdataisbeingsent,amongus,invisiblyfromdevicetodevice,countrytocountry,persontoperson. Thisdata,intheformofe-mails,photos,contactsandaddressesarepreciousandprivatetoeachofus. Thisprivateinformation,nolongermakingitswayalongwiresinplainsight,needstobesentsecurelytoitsintendedrecipientwithoutinterception. Wirelessstandardstheworldoverareevolvingandhavevariousformatsfordealingwiththesecurityissuesofitsusers. Bluetoothwirelesstechnologyisnoexception.
Bluetoothwirelesstechnologyhas,fromitsinception,putgreatemphasisonwirelesssecuritysothatusersofthisglobalstandardcanfeelsecurewhilemakingtheirconnections. TheBluetoothSpecialInterestGroup(SIG),madeupofover4000membermanufacturers,hasaBluetoothsecurityexpertsgroupmadeupofengineersfromitsmembercompanieswhoprovidecriticalsecurityinformationandfeedbackthatistakenintoaccount
astheBluetoothwirelessspecificationevolves.
ProductdevelopersthatuseBluetoothwirelesstechnologyintheirproductshaveseveraloptionsforimplementingsecurity. TherearethreemodesofsecurityforBluetoothaccess
betweentwodevices.
SecurityMode1:
non-secure
SecurityMode2:
servicelevelenforcedsecurity
SecurityMode3:
linklevelenforcedsecurity
Themanufacturerofeachproductdeterminesthesesecuritymodes. Devicesandservicesalsohavedifferentsecuritylevels. Fordevices,therearetwolevels:
"trusteddevice"and"untrusteddevice."Atrusteddevice,havingbeenpairedwithone'sotherdevice,hasunrestrictedaccesstoallservices.Withregardtoservices,threesecuritylevelsaredefined:
servicesthatrequireauthorizationandauthentication,servicesthatrequireauthenticationonlyandservicesthatareopentoalldevices.
Lately,confusionandmisinformationsurroundingsecurityandBluetoothwirelesstechnologyhasincreased. Thecurrentsecurityissuestypicallyinvolvemobilephones. Howtheseissuesapplytootherclassesofdevicesisimportantandisoftennotaddressed. TheencryptionalgorithmintheBluetoothspecificationsissecure.ThisincludesdevicessuchasmiceandkeyboardsconnectingtoaPC,amobilephonesynchronizingwithaPC,andaPDAusingamobilephoneasamodemtonamejustafewofthemanyusecases.
Caseswheredatahasbeencompromisedonmobilephonesaretheresultofimplementationissuesonthatplatform. TheBluetoothSIGdiligentlyworkswithourmemberstoinvestigateanyissuesthatarereportedtounderstandtherootcauseoftheissue.Ifitisaspecificationissue,weworkwiththemembershiptogetpatchesoutandensurefuturedevicesdon'tsufferfromthesamevulnerability.Thisisanon-goingprocess.Therecentlyreportedissuesofadvanced"hackers"gainingaccesstoinformationstoredonselectmobilephonesusingBluetoothfunctionalityareduetoincorrectimplementation.Thenamesbluesnarfingandbluebugginghavebeengiventothesemethodsofillegalandimproperaccesstoinformation.Thequestionsandanswersbelowprovideuserswithmoreinformationaboutthesecurrentissuesandwilladdresstheirconcernsfordealingwiththesesecurityrisks.
Whatisbluejacking?
BluejackingallowsphoneuserstosendbusinesscardsanonymouslyusingBluetoothwirelesstechnology.BluejackingdoesNOTinvolvetheremovaloralterationofanydatafromthedevice.Thesebusinesscardsoftenhaveacleverorflirtatiousmessageratherthanthetypicalnameandphonenumber.Bluejackersoftenlookforthereceivingphonetopingortheusertoreact.Theythensendanother,morepersonalmessagetothatdevice.Onceagain,inordertocarryoutabluejacking,thesendingandreceivingdevicesmustbewithin10metersofoneanother.Phoneownerswhoreceivebluejackmessagesshouldrefusetoaddthecontactstotheiraddressbook.Devicesthataresetinnon-discoverablemodearenotsusceptibletobluejacking.
Whatisbluebugging?
BluebuggingallowsskilledindividualstoaccessthemobilephonecommandsusingBluetoothwirelesstechnologywithoutnotifyingoralertingthephone’suser.Thisvulnerabilityallowsthehackertoinitiatephonecalls,sendandreceivetextmessages,readandwritephonebookcontacts,eavesdroponphoneconversations,andconnecttotheInternet.Aswithalltheattacks,withoutspecializedequipment,thehackermustbewithina10meterrangeofthephone.Thisisaseparatevulnerabilityfrombluesnarfinganddoesnotaffectallofthesamephonesasbluesnarfing.
Whatisbluesna