WIRELESS TECHNOLOGY WITHIN A MILITARY TREATMENT FACILITY

By

Andrew M Almstrom

A Graduate Research Report Submitted for INSS 690

in Partial Fulfillment of the Requirements of the Degree of
Master of Science in Management Information Systems

Bowie State University

Maryland in Europe
May 2005
 TABLE OF CONTENTS

ABSTRACT……………………………………………………………………….. iv

LIST OF FIGURES………………………………………………………………..v

CHAPTER

I INTRODUCTION…………………………………………………………1

Statement of Problem……………………………………………. 2

Need for the Study……………………………………….. ………2

II REVIEW OF THE LITERATURE………………………………………3

Literature Review………………………………………………….3

WLAN Security Overview……………………………………….. 4

Summary of the Literature………………………………………. 4

III METHODOLOGY………………………………………………………5

Design, Participants, Instruments, and Procedures………….. 5

Assumptions ………………..……………………………………. 5

IV RESULTS, ANALYSIS AND DISCUSSION…………………………6

WLAN Security – Encryption………………..……………………6

WEP…………………………………………….…………..7

WPA……………………………………….………………. 8

WPA2…………………………………….…......………….8

WLAN Security – Physical……………………..…………………9

MAC Filtering……………………….………………….…..9

Closed Network……………………………………………9

Range..……………………………………………………..9

ii
 Rogue Access Points……………………………………..10

Audit Trail…………………………………………………..10

User Training………………………………………………11

HIPPA Compliance………………………………………………..11

V RECOMENDATIONS AND CONCLUSION…………...……….……13

REFERENCES…………………………………………………………………….15

iii
 ABSTRACT

Since the first use of a computer for medical purposes, medical personnel

have been limited by the location of the computer. With the development of

wireless technology it was only a matter of time until it was used within a Military

Treatment Facility (MTF). Being mobile throughout the hospital, with constant

access to critical medical information would increase job quality, efficiency, and

performance. There are, however, some negative aspects; using this technology

within an MTF would be sending unencrypted medical information across open

air radio frequencies for interception by anyone with the right equipment and

knowledge. This is a significant HIPPA violation and cannot be overlooked. For

this reason, strong data encryption must be coupled with multiple layers of

security. Controlling both the area of coverage as well as signal strength is also

needed in order to maintain data integrity. All users of the wireless network will

require training on all aspects of wireless technology, as well as the numerous

security concerns that come with this technology.

iv
 LIST OF FIGURES

FIGURE 1 - Going Wireless………………………………………………… 2

FIGURE 2 - Clustering Security……………………………………………… 6
FIGURE 3 - Level of Security vs. Cost……………………………………. 7

v
 1

CHAPTER ONE

INTRODUCTION

The use of Wireless Technology within a Military Treatment Facility (MTF)

is a rapidly emerging area of growth and importance for boundless access to the
network for medical personnel. They have been limited to the locations of
network connections to access critical medical information. With the use of
wireless technology, these boundaries are taken down and it opens up a new
world of possibilities. With instant access to the information and systems they
need, medical professionals will better serve their patients. This will lead to an
increase in both accuracy and efficiency of hospital operations, which will result
in higher satisfaction levels among patients regarding the healthcare they are
receiving.

Naturally, the use of this technology brings serious concerns that need to
be addressed. Due to the fact that this is such a broad subject, this paper will
focus mainly on the security aspect of implementing wireless security within an
MTF. The implementation of wireless security within a controlled Military facility
requires that certain guidelines and protocols be followed. Because of this, a
large majority of information for this research paper was taken from military
controlled internet sites, regulations, standards and other various outside
agencies.
 2

(Source: Software Technology Support Center, 2005)

[FIGURE 1, Going Wireless by David Coverly]

Statement of the Problem

Within the Military Treatment Facilities medical personnel are controlled by

the technology that is used within the hospital. Due to the fact that current
network infrastructure is limited to a wired network that in turns limits the amount
of medical care given to patients. Due to the security vulnerabilities that go along
with a wireless network many network administrators have been reluctant to
migrate over to wireless. There are some increased risks with implementing this
type of technology but, with proper training and a layered security plan the risks
can be minimal.

Need for Study

Ever effort must be made in order to provide the best, most efficient,
health care possible to the military community. Wireless Technology is still in its
infancy stage and much technological advancement is being developed filed
almost daily. This technology, if understood and controlled, can benefit the
medical community in more ways than one.
 3

CHAPTER TWO

LITERATURE REVIEW

Review of the Literature

The following is a summary of the literature reviewed which provides some

background and information on Wireless Technology. The sources of the
information was collected from the Internet (military and civilian web sites)
Military Regulations and Guidelines

Wireless Technology uses radio frequency (RF) technology to transmit

and receive data over unlicensed spectrum. Wireless Technology used on a
network is called a Wireless Local Area Network (WLAN). WLANs are
implemented as an extension to wired LANs within a building, and can provide
the final few meters of connectivity between a wired network and the mobile user.
With the use of Access Points (APs) they connect to a LAN by means of Ethernet
cable. Usually installed in the ceiling, access points receive, buffer, and transmit
data between the WLAN and the wired network infrastructure. A single access
point supports on average twenty users and has a coverage varying from 20
meters in areas with obstacles (walls, stairways, elevators) and up to 100 meters
in areas with clear line of sight. A building may require several access points to
provide complete coverage and allow users to roam seamlessly between access
points.

The Institute of Electrical and Electronics Engineers (IEEE) have

established the IEEE 802.11 standard, which is the predominant standard for
WLANs. The 802.11 standard refers to a family of specifications developed by
the IEEE for wireless LAN technology. 802.11 specifies an over-the-air interface
between a wireless client and a base station or between two wireless clients.

The main IEEE 802.11 standards are:

The 802.11a standard provides specifications for wireless ATM systems

and is used in access hubs. Networks using 802.11a operate at radio
frequencies between 5.725 GHz and 5.850 GHz. The specification uses a
modulation scheme especially well suited to use in office settings. In 802.11a,
data speeds as high as 54 Mbps are possible.

The 802.11g standard for WLANs that offers transmission over relatively
short distances at up to 54 megabits per second (Mbps. Networks employing
802.11g operate at radio frequencies between 2.400 GHz and 2.4835 GHz. The
 4

802.11g specification employs orthogonal frequency division multiplexing

(OFDM), the modulation scheme used in 802.11a, to obtain higher data speed.

The 802.11i standard for WLANs provides improved encryption for

networks. The 802.11i standard requires new encryption key protocols, known as
Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard
(AES). The 802.11i standard was officially ratified by the IEEE in June of 2004,
and thereby became part of the 802.11 family of wireless network specifications.
The 802.11i specification offers a level of security sufficient to satisfy most
government agencies. However, AES requires a dedicated chip, and this may
mean hardware upgrades for most existing Wi-Fi networks.

WLAN Security Overview

There is no way a System Administrator is going to prevent hackers from

detecting the WLANs RF signal. You can control the strength and range of the
signal, but not who is listening. The WLAN signal is transmitted through radio
waves that can be intercepted by anyone that is within range of the signal. The
best you can do is make the contents of the signal unreadable to unauthorized
individuals. In order to do this, a form of data encryption must be used. This is
the first line of defense against would-be hackers.

There are three forms of data encryption in WLAN software; WEP, WPA
and WPA2. Encrypted network traffic will most times deter the average intruder,
but by no means is encryption the final solution. Other forms of security are
needed, such as controlling who is connected to the network, areas of wireless
coverage, as well as users being educated about the security vulnerabilities of
wireless technology.

Summary of the Literature

The information discussed focuses mainly on the security aspect of

implementing wireless technology. The areas discussed are the 802.11 wireless
standards implemented by the Institute of Electrical and Electronics Engineers as
well as the different forms of security such as data encryption and physical
security.
 5

CHAPTER THREE

METHODOLOGY

Design, Participants, Instruments, and Procedures

The report was written focusing on the security aspect of using Wireless
Technology within a MTF. Three main sections are discussed: forms of data
encryption, physical security and HIPPA compliance. The main participant of this
paper was the subject matter expert, Gerald Murphy, who helped narrow the
focus of this paper as well as discuss some of the key security concerns of
Wireless Technology. The main instruments in this paper included both online
and print resources and are listed in the references section of this paper. The
procedures mainly focused on internet queries using multiple search engines and
other online resources.

Research Assumptions

• This paper assumes there is a wired network installed utilizing either fiber
or Cat 5 cable on a Client/Server based network.

• The current network in place is assumed to handle the additional

bandwidth brought on by the wireless network.

• The concern of the radio frequency used to transmit data interfering with
medical equipment will not be discussed within this paper.
 6

CHAPTER FOUR

RESULTS, ANALYSIS AND DISCUSSION OF THE RESEARCH

WLAN Security – Encryption

(Source: Meetinghouse Inc, 2005)

[FIGURE 2, Clustering Security]

Because of the insecurities involved with wireless technology, people are

naturally timid about installing it on their network. WLANs are inherently insecure,
but the more layers of security they have, the less likely they are to be hacked.
With the proper security in place, a wireless network can be as secure, if not
more, than a wired network. The security of the network is only as good as the
technology used and the people using it. Before one can realize the benefits of
wireless communication, implementation of extensive security mechanisms must
be in place to ensure that the traffic passed over the network remains
uncompromised.

There are three main IEEE 802.11X security protocols to discuss when
dealing with WLANs. The first one (WEP) is outdated and has many known
security vulnerabilities, but should nevertheless be discussed. The other two
(WPA and WPA2) are updated versions of WEP, are in whole more secure, but
are not without their flaws.
 7

(Source: National Institute of Standards and Technology, 2005)

[FIGURE 3, Level of Security vs. Cost]

WEP

The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless

communication from eavesdropping. The security protocol works at the data link
layer requiring all parties have the same secret key (either 40 bit or 128 bit). This
key is used to encrypt the data packets before they are sent as well and integrity
checking the packets that have been sent to make sure they have not been
modified.

WEP is the lowest form of security and doesn't provide enough security for
most enterprise wireless LAN applications. WEP can be cracked in either the 40
bit or 128 bit variations within roughly fifteen minutes using any one of the many
off-the-shelf tools such as WEPCrack or Airsnort which are available free on the
internet. The problem with WEP is the use of weak keys. A hacker can easily
exploit this vulnerability, discover the default security key, and decrypt any
message being sent or received.
 8

WPA

Wi-Fi Protected Access (WPA) addresses the majority of WEPs known

vulnerabilities and is intended for enterprise infrastructure networks. This type of
infrastructure includes numerous workstations, access points, and authentication
servers (such as RADIUS or LDAP). The authentication servers hold user
credentials (usernames/passwords) which allow users to access the network.
WPA has basically taken what security WEP had and increased it by including
Temporal Key Integrity Protocol (TKIP).

WEP produces what's referred to as a "key schedule" by concatenating a

shared secret key with a randomly-generated 24-bit initialization vector (IV). WEP
inputs the resulting key schedule into a pseudo-random number generator that
produces a key stream equal to the length of the 802.11 frame's payload. WPA
automatically generates a new unique encryption key periodically for each client.
WPA uses a unique key for each 802.11 frame. This avoids the same key staying
in use for weeks or months as they do with WEP. WEP appends a 4-byte
integrity check value (ICV) to the 802.11 payload. The receiver will calculate the
ICV upon reception of the frame to determine whether it matches the one in the
frame. If they match, there is some assurance that there was no tampering.

Although WPA is an improvement over WEP it is not perfect. There is still

one significant flaw within WPA; it does not fix the potential denial of service
(DoS) attacks. If a hacker sends multiple packets a second to an access point, it
will stop all traffic for one minute. This is the same as turning the network off
during that specific period of time.

WPA2

Wi-Fi Protected Access 2 (WPA2) is WPA with a different type of

encryption. WPA2 uses AES-CCMP instead of RC4/TKIP. AES-CCMP is
abbreviated from Advanced Encryption Standard-Counter Mode with Cipher
Block Chaining Message Authentication Code Protocol. AES has been adopted
by the Department of Commerce and the National Institute of Standards and
Technology (NIST) as an official government standard for data privacy. AES
meets the government's FIPS (Federal Information Processing Standard) 140-2
security requirements.
 9

WLAN Security – Physical

MAC Filtering

Another form of security that can and should be used is Media Access
Control (MAC) Authentication. MAC addresses on wireless clients are burned
into the hardware. Once enabled, whenever the wireless access point or router
receives a request to join with the WLAN, it compares the MAC address of that
client against the access list. Clients on the list authenticate as normal; clients
not on the list are denied any access to the WLAN. Unfortunately, there is a
problem with this type of physical security. Some clients allow their MAC address
to be "impersonated" or "spoofed" in software. This would allow a hacker to
change his MAC address and gain access to the network.

With this form of security there is a large overhead due to the fact that all
Access Points will need to have access to the current access list. Although MAC
address filtering is not foolproof, it still remains a useful additional layer of
security which helps to improve the overall security posture of the WLAN.

Closed Network

A closed network is another form of security where the WLAN does not
broadcast its name Service Set Identifier (SSID) in beacon frames; workstations
must know the SSID in order to connect to access points in that network. The key
for this type of security to work is to change the default manufacturer SSID to
something that only your organization would understand.

This form of security is only as strong as the users of the network. Anyone
that gains access to the SSID will be granted access to the WLAN. For this
reason, this form of security should be used in conjunction with other forms of
security.

Range

Limiting the range of WLANs can actually benefit your network security.
By placing Access Points near the center of buildings and avoiding placing them
near exterior walls, the range will be limited to specific buildings and required
areas. Also, reduce the Access Point broadcast strength whenever possible to
help control the range of the signal within designated areas.
 10

Another aspect of this is configuring the Access Points to power off at

certain times. If there is an area that is not used at a specific time then powering
off that segment decreases the chances of being compromised. The smaller and
more limited the area of coverage, the less likely a hacker will be to gain access.
Forcing an intruder to enter the premises in order to gain access will deter the
majority of would be hackers.

Naturally, limiting the range and strength will not completely protect the
WLAN from possible attackers but, it will deter many of them due to the fact they
will have to gain physical access to the building.

Rogue Access Points

Another significant threat to network security is the possibility that rogue

wireless access points (AP) may be present on the network. A rogue access
point is one that is not authorized for operation. These access points enable an
open, insecure interface to the network from outside the physically controlled
facility. The problem with a rogue AP is that it allows just about anyone with an
802.11-equipped device on the network, which puts them very close to mission-
critical resources.

In most cases an employee has relatively free access to the facility, which
makes it possible for them to install a rogue access point. An employee may
purchase an access point and install it without coordinating with their IT
organization in order to access to the network from a conference room for an
important meeting. The majority of times when this occurs the individual did not
understand the security issues involved. As a result, the network is left wide open
for a casual snooper or hacker to attack.

In order to avoid this type of security breach users should be aware of

current local security policies governing installation of equipment on government
networks. Annual user training of all policies and regulations should be
mandatory.

Other times a hacker can install a rogue access point on the network but,
in order to do so, the hacker would need physical access to the network. This
would require the hacker to pass through other areas of physical security, and
most times would cause them look for other vulnerabilities.

Audit Trail

The use of an Audit Trail is useful when monitoring the network. It is a

record of the activity while the user is logged in. This record will log everything
from the number of login attempts to the files that were accessed. This is a very
 11

powerful tool that can be used to discover and trace a possible security breach.
For this feature to work, every user must have a unique username/password and
keep them confidential at all times.

Audit trails are useful when recreating a security breach. The negative
side of using an audit trail as security measure is the fact that this data is of the
past actions and is not very useful when trying to stop a one time hack attempt. It
is, however, useful if used to monitor continuous hack attempts in order to trace
them back to the hacker, or used to block previously unknown vulnerabilities.

User Training

The wireless network is secured using multiple layers of encryption and

many forms of physical security, all for the end result of protecting the data on
the network. Many man hours of planning and configuring equipment goes into
setting up the network for wireless access. All this is for naught if the users of the
network do not understand the security concerns and policies governing the use
of a WLAN. It would only take a computer user a few minutes to thwart any form
of WLAN security by installing a rogue access point that is not secured. Most
computer users are not malicious, just ill-informed of the policies governing their
networks. Many people have wireless access at home, and know it is very simple
to install an access point and access the network. What many people fail to
recognize is that a military network is much different than a home network,
although they both run on the same principles. They must be made aware of the
serious implications of allowing an unauthorized individual access to a
government network.

Security awareness training should be a requirement for all mobile

wireless device users, and should be provided on a regular basis. This training
ensures users are informed of all DOD policies (DOD Directive 8100.2) and
guidelines regarding WLAN security. Also, product specific training may be
necessary to certify mobile and wireless devices are securely configured,
deployed, and used.

HIPPA Compliance

HIPAA requires safe electronic data interchange (EDI) of medical records,

also known as protected health information (PHI), by covered entities such as
health-care plans--HMOs, Medicare and Medicaid programs--and clearinghouses
that store and process electronic health-care information. HIPAA security rules
guard against unauthorized transmission of PHI only in electronic form--over the
internet, extranet, private networks and leased and dial-up lines. In order to
remain HIPPA compliant the military network is required to have the two following
 12

controls as security mechanisms to secure network traffic: Integrity Controls and

Message Authentication.

Integrity Controls verifies that the data sent is actually the data that is
received. This is done through a mathematical algorithm in which a numerical
“fingerprint” is calculated based on unique characteristics of the original
message. Once the message is received the receiving computer recalculates the
hash using the dame algorithm. Then it compares the two numerical fingerprints
to prove that the message has not been altered.

Message authentication verifies that a message did indeed originate from

the claimed location, that the file’s uniqueness was maintained, and that the file
was not altered. This process also uses a mathematical algorithm to create a
unique value that once received is compared to the second value and checked
for authenticity.

Unfortunately, a default WLAN does not meet the minimum specifications

defined by HIPPA Security. Although, a WLAN with either WPA or WPA2
enabled exceeds the HIPPA standards. No military network, especially no
medical network, should be using WEP. The weak data encryption does not meet
military standards. Only WPA or WPA2 should be used with the military network.
 13

CHAPTER FIVE

CONCLUSIONS AND RECOMENDATIONS

Recommendations

You need to ask yourself is wireless actually needed? Controlling the

environment where the wireless technology is used is the best approach.
Controlling the area of coverage as well as knowing who is accessing the WLAN
makes securing the WLAN much easier. The smaller the area of coverage the
more control you will have. Once the area has been determined the security plan
should be developed in layers. The layers should include data encryption such as
WPA or WPA2 as well as other physical security features. Some of the physical
security features that should be included in the security plan are MAC address
filtering, the use of audit trails, controlled range and strength of the signal.

User training should not be overlooked. Having users that are fully trained
and understand the vulnerabilities of wireless technology only strengthens the
entire security program. The strongest aspect of any security program should be
training the computer users. Computer users should understand the basic
principles and fundamentals of wireless security. User training should include
initial as well as semi-annual refresher training. A strong training plan is vital to
the security of any wireless network.

Conclusion

Any time you transmit data over a network, you acknowledge a certain
level of insecurity. Transmitting that same data using radio frequencies increases
that risk exponentially. In today’s society, there is no such thing as a totally
secure network. Even the tightest security plan has vulnerabilities. The only way
to be 100% safe is to either turn off the computers, or take away all user rights.
Unfortunately, neither of these solutions is realistic for network administrators.
The best approach to securing a WLAN is with the use of multiple security layers
and user training.

There is no one form of security that is adequate enough to secure a

military wireless network or any wireless network. Multiple forms of overlapping
security are the only one true way to secure a wireless network. Currently WEP2
is the strongest wireless encryption available and should be used in any Military
 14

network. There are many forms of physical security that can and should be used
from MAC filtering to scanning for rogue access points. When discussing the
security of wireless networks, there is no such thing as too much security.

Computer users are always the one possible weak link. No matter how
much security is in place to protect the network a user can make it all for naught.
Computer users need to be educated about the proper uses of wireless networks
as well as the vulnerabilities that come along with this type of technology. Only
the users that need wireless technology should be allowed to use it. The less
people accessing it the more controlled the environment is.
 15

References

HIPPA Security: You Can Run, But You Can’t Hide. Retrieved Feb 28, 2005.

From:http://www.texmed.org/cme/pms/ec_pmsem/hippa/physical_safegua

rds.asp

DISA (10 February 2005). Mobile and Wireless Device Addendum to the

Wireless Security Technical Implementation Guide. Retrieved March 10, 2005.

From http://iase.disa.mil/wireless/mobile-computing-addendum-v1r0.doc

Tom Karygiannis (2002). NIST Wireless Security Guidance SP 800-48

Retrieved Mar 1, 2005.

From http://csrc.nist.gov/wireless/S05_NIST-tk2.pdf

Roshan and Leary (2004) 802.11 Wireless LAN Fundamentals: A practical guide

to understanding, designing, and operating 802.11 WLANs.

Pages 227 – 149

DISA (27-Jan-2005). Wireless Security Frequently Asked Questions

Retrieved Feb 27, 2005.

From http://iase.disa.mil/wireless/wirelessfaq.html
 16

DISA (15-Apr-2004). Wireless Security Technical Implementation Guide

Retrieved Feb 27, 2005.

From http://iase.disa.mil/stigs/stig/wireless_stig-v3r1.zip

ISS.net (interview). Internet Security According to Gartner

Retrieved Apr 2, 2005. From http://www.iss.net/resources/pescatore.php

IEEE 802.11 LAN/MAN Wireless LANS. Retrieved Mar 3, 2005.

From http://standards.ieee.org/getieee802/802.11.html

ISS.net. Best Security Practices for HIPPA Compliance. Retrieved Feb 26, 2005.

From http://documents.iss.net/marketsolutions/ISSHIPAABrochure.pdf

ISS.net. Active Wireless Protection. Retrieved Feb 27, 2005.

From http://documents.iss.net/whitepapers/ActiveWirelessProtection.pdf

DISA (29-Sep-2003). Network Infrastructure Security Technical Implementation

Guide Retrieved Feb 27, 2005.

From http://iase.disa.mil/stigs/stig/network-stig-v5r2-9-29-03.doc
 17

Karygiannis and Owens (2002). Wireless Network Security.

Retrieved Mar 12, 2005.

From http:// csrc.nist.gov/publications/ nistpubs/800-48/NIST_SP_800-

48.pdf

DODD 8100.2. Retrieved Jan 31, 2005.

From www.dtic.mil/whs/directives/orres/pdf/d81002_041404/d81002p.pdf

HQDA LTR 25-02-1. U.S. Army Wireless Local Area Networks .

Retrieved Feb 28, 2005.

From:http://www.apd.army.mil/pamdocs/PAM2530_detail.asp?ItemNo=07

9369

Defense-in-Depth: Information Assurance (IA) and Computer Network Defense

(CND) Retrieved Feb 27, 2005.

From https://ca.dtic.mil/cjcs_directives/cdata/limited/m651001.pdf

White (2002). Data Communications and Computer Networks: A Business User’s

Approach. Pages 411-441