Analysis of location-based security technology

Source: Internet
Author: User

The original network security technology, policies, and management methods of the fixed LAN cannot meet the network security requirements under the new situation of the wireless LAN. Especially for enterprises with high requirements for network security, how to use wireless LAN to improve office conditions while, the focus of enterprises is to effectively prevent unauthorized external access and protect sensitive information.

Although some standards (such as Wi-FiWPA2 and 802.11i) provide new levels of wireless security capabilities and are supported by new monitoring and intrusion protection tools, however, the focus of enterprises has shifted to how to combine traditional network security and physical security to form a new location-based network security solution. Helps enterprises balance the contradiction between providing mobile Internet services for their employees and visitors while providing necessary checks on this unmanageable freedom.

For example, if an enterprise deploys a wireless LAN in its office building to facilitate staff work, but the enterprise does not want people outside the office building to access its wireless LAN, to prevent security risks such as network attacks and sensitive information theft. For another example, an enterprise needs to implement wireless Internet access for the Human Resources department because of its office needs, but wireless access except for the Human Resources department needs to be restricted to prevent others from accessing sensitive information within the Department, such as employee information and performance appraisal information.

This is the root of the role of location-based security technology: restrict the access permission of the wireless LAN based on the user's location information. In addition to adding a layer of physical security protection, positioning control and access permission control can also prevent network unit overload (and prevent "DoS Attacks "), and restrict the visitor's access to the network.

This new cybersecurity concept is actually a concept of "physical barrier", that is, limiting network access activities based on the geographical location and authorization status of visitors. This concept is not technically difficult to implement, as long as the positioning technology is introduced into the wireless LAN.

The user's identity is based on one or more IDs (such as RFID badges/visitor cards and Mobile Wi-Fi devices), and the location technology is used to determine the location of a specific ID, in this way, the user's network access level is set. The basic premise is to create a virtual access fence for each mobile device and each user. It is used to track users' actions in the building, and recognize or reject users' access to network resources based on the authorization status and whether they are in the specified permitted area.

The "physical barrier" can also be set to allow access to wireless LAN and network resources only when the ID card (physical security) is provided to the specified user and his/her mobile device, this greatly reduces the possibility of someone using another user's hosts or mobile devices to access unauthorized information on the Internet.

Geo-fencing allows a visitor's location to access a wireless LAN when he/she is in the conference room with other employees of the Company, whereas access after leaving the meeting room is denied. In addition, "Geo-fencing can send an alarm when a visitor leaves the permitted area and terminate Wireless LAN access.

The comprehensive application of location-based security technology and user and mobile device identity recognition technology improves network protection and Intelligent Identification capabilities to a higher level. Geo-fencing allows you to create a custom invisible fence that moves with each mobile device, allowing the network administrator to ensure that each device can only access authorized areas and resources on the network.

Edit recommendations]

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.