Federated Wireless Security Policy
With the proliferation of multi-tenant buildings as well as densely populated areas where a client’s RF footprint may reach beyond the office’s physical boundaries there is a need to detect and inoculate wireless networks from attacks from areas outside the entity’s physical office space. Through discussions with business partners and clients, BITHGROUP has developed a “Federated Wireless Security Policy” to mitigate the risk.

BITHGROUP will implement a wireless security infrastructure that will leverage location information in the determination of a client’s Wireless Security Policy. BITHGROUP will work with our clients and their neighbors to develop an infrastructure that is flexible and responsive enough to add new devices to the RF footprint and manage those devices dynamically. This will allow a client to dynamically mitigate a real-time threat that originates outside their physical perimeter while notifying their neighbors of the anomalous behavior. This will allow the companies involved to increase their Wireless Security Posture while avoiding any ambiguity with respect to legal issues when the determination is made to shut down the offending wireless device. BITHGROUP’s Federated Wireless Security Policy service can help entities that are not client’s of the BITHGROUP but that are members of the Federated Wireless Security Policy by making them aware of anomalous behavior within their own perimeter.

Overview:
With the proliferation of multi-tenant buildings as well as densely populated areas where a client’s RF footprint may reach beyond the office’s boundaries, there is a need to detect and inoculate wireless networks from attacks from areas outside the entities physical perimeter. Through discussions with business partners and clients, BITHGROUP Technologies has developed our “Federated Wireless Security Policy (FedWiSP)” to mitigate this risk.

Details:
FedWiSP has three components. First, a Federated Wireless Security Agreement between companies within a common RF footprint. Second, the infrastructure to identify anomalous behavior and compare against known wireless attacks along with the capability to identify the attacker’s location. Third, the programmatic capability to mitigate an attack in real-time as a function of the Federation’s Wireless Security Policy.

Most companies rely on their wireless network as part of their critical business infrastructure. Technology is present today to both detect and mitigate a wireless attack but companies hesitate to use it. There may be a concern as to whether the attack is really from a hacker or if it is only a company within their RF footprint with a mis-configured device. The affected company may be hesitant to utilize tools to mitigate the attack for fear of litigation from their RF neighbor. This can cause them to lose precious time while they do further analysis of the attack to determine its origin. This precious time can be effectively eliminated with FedWiSP. The FedWiSP agreement gives any signatory the right to mitigate an offending device (within attack signature parameters agreed upon by the signatories) in real-time via over-the-air commands to the offending device. The FedWiSP technology infrastructure will support the agreed-upon mitigation strategy through the FedWiSP Federated Security Policy. An infrastructure of Wireless Partner products as well as the FedWiSP management console will determine where the attack came from (Company B’s conference room, etc) from an “Intra-AP” perspective. This gives our client companies their physical perimeter back which has been lost in wireless infrastructures to-date. This infrastructure’s granularity will be a function of client needs. Some clients may only want to know if a wireless security event has occurred within their office space or not. Other companies may be interested as to where within their space the attack happened. FedWiSP can be customized to serve these varied needs. Once the attack has been mitigated, FedWiSP will send an e-mail description of the attack, where it originated from, the company affected and the mitigation taken to the Wireless Security Administrator of the offending company. This is a reciprocal arrangement that effectively raises the security level of all signatory companies within the common RF space.