1. Field of the Invention
The present invention relates to independent wireless access point security. More specifically, the present invention relates to securing independent access points with digital certificates which can be validated.
2. Background of the Invention
Cellular telephones are tremendously popular. It is estimated that at the end of 2007 the total worldwide subscriber rate reached 3.3 billion. Close to 80% of the world's population enjoys mobile telephone coverage, a figure that will only increase. As cellular telephones have gained popularity, their functionality has increased as well. Standard service includes voice calling, caller ID, call waiting, and voice mail. Service providers also offer text messaging, push mail, navigation, and even a high-speed internet connection directly to the telephone.
At the same time, people have become much more dependent on their cellular telephones. Many people no longer have traditional land-line telephones in their houses, instead choosing to rely on their cellular telephones. Cellular telephones can accomplish almost everything that a land-line telephone does, with the added benefit of portability. And that is the least a cellular telephone has to offer.
Cellular telephones have become a necessity in the business world. With the fast pace of business today, people must be reachable at any time of day, every day. With cellular telephones, laptop computers, and Personal Digital Assistants (PDAs), users can easily be called or e-mailed anytime and almost anywhere. Companies have come to rely on the luxury of instant communication with their employees. Decisions can be made faster and more confidently. For the small business entrepreneur, hiring employees is not always a priority, especially in the beginning. These entrepreneurs must handle everything themselves at times, and need to stay connected to their clients. Having telephone calls, email, internet, and navigation all on one mobile device is invaluable.
New networks increase the number of areas with available service. Many newer telephones are equipped with wireless access. Wireless access points allow these telephones to connect to the internet. Ad hoc networks, such as these wireless access points, are appearing with more and more frequency as businesses and even individuals allow for secure and unsecured use. With the emergence of BLUETOOTH, areas with access to BLUETOOTH are also becoming increasingly common. Additionally, the increasing prevalence of femtocells increases areas of network availability. Femtocells connect to service providers' networks via broadband and allow service providers to extend service indoors, especially in areas of limited access. In the future, 4G networks will become prevalent as well. These networks will be the next complete evolution in wireless communications.
Meanwhile, the internet itself has grown very large. One source estimates the internet in its entirety is about five million terabytes of data. The famed search engine GOOGLE is said to have only indexed about 170 terabytes of that data. Websites are hosted in many different countries around the world. The internet is used for shopping, banking, social gatherings, education, news, etc. However, as more and more people transact their business across the internet, others have been devising malicious ways to gain access to people's bank accounts, credit cards, etc.
Identity theft has become a common tactic for criminals these days, and one of the largest sources of identity theft is through the internet. Criminals will send emails disguised as a bank, credit card company, or other financial institution with links directly to their website. The website will look legitimate, but it is merely a front to collect personal information so they can turn around and assume your identity with a real financial institution. The government cannot always keep up with these crimes largely due to the sources being offshore.
Most of this can be done through a home internet connection, but usually requires some small deviation in the website address, name, or other method. For example, a criminal may want to pose as BANK OF AMERICA, which owns the website www.bankofamerica.com. In order to do this he may set up a website and register the domain name www.loankofamerica.com or www.bankofamerica.com. The differences are subtle, and often enough to trick an unsuspecting person. The criminal will send mass emails out to everyone he can, disguised as BANK OF AMERICA, in hopes that at least one person will visit the site, assume it is legitimate, and enter their bank information. This all happens from the victim's own home internet connection.
As more and more wireless access points appear, people wonder how safe they are to use. Sometimes the access point is owned by a restaurant, coffee shop, corporation, etc., but sometimes it is just someone's personal access point which has been left unsecured. Ideally the access point allows unfiltered access to the internet without recordation of use, but that is not always the case. Unfortunately, an open wireless access point can leave a person more vulnerable than when using their home internet connection. Many open access points, including harmless access points, practice ethereal logging, which is another way of saying that every packet of data transferred through that access point is recorded. Some of these packets are encrypted, but some are not. A savvy hacker can root through these packets and figure out anything from visited websites to secret passwords. Ethereal logging is somewhat common, however, and rarely has malicious intent behind it. It does carry some risk, and some people feel uncomfortable knowing that every packet of data is being recorded. However, there is a much bigger danger in connecting to the internet through a random access point.
Fake Domain Name Service (DNS) tables can be used in an unsecured access point. DNS, generally, is a service that links domain names to Internet Protocol (IP) addresses. Every domain name, like www.bankofamerica.com, www.google.com, www.yahoo.com, etc., is associated with an IP address. The IP address is necessary for a web browser to locate the server on the internet which contains the desired website. Normally the access point will reference some global DNS server in order to find the IP address and connect to that server, but an access point has the capability of referencing another server, or another table, to find the IP address. The problem is that when someone accesses www.bankofamerica.com through an open access point, there is a potential for them to be sent to a wholly different website. What is worse, the website they are directed to will look and feel exactly like BANK OF AMERICA's website, but is really just a front to record passwords, social security numbers, etc.
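The following is an added example, not part of the original text: a client-side consistency check for the DNS redirection described above, comparing the addresses an access point's resolver returns with those from a trusted reference. The function names, the list of local ranges, and the sample answers (documentation-range addresses) are assumptions constructed for illustration.

```python
import ipaddress

# Ranges that a public banking or search site should never resolve to.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 private
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
    "::1/128", "fc00::/7", "fe80::/10",                # IPv6 equivalents
)]

def check_resolution(ap_answers, trusted_answers):
    """Return (verdict, suspicious_addresses) for one domain name."""
    ap = {ipaddress.ip_address(a) for a in ap_answers}
    trusted = {ipaddress.ip_address(a) for a in trusted_answers}
    if not ap:
        return ("no-answer", [])
    # A public name answered with a local address points at a redirect
    # to a host on the access point's own network.
    local = sorted(str(a) for a in ap if any(a in n for n in LOCAL_NETS))
    if local:
        return ("local-redirect", local)
    # Any overlap with the trusted view is treated as consistent.
    if ap & trusted:
        return ("consistent", [])
    return ("mismatch", sorted(str(a) for a in ap))

def audit(ap_view, trusted_view):
    """Check every watched domain; return only those needing attention."""
    findings = {}
    for domain, trusted in trusted_view.items():
        verdict, addrs = check_resolution(ap_view.get(domain, []), trusted)
        if verdict != "consistent":
            findings[domain] = (verdict, addrs)
    return findings

# Constructed sample data: answers seen through the access point versus
# answers obtained over a trusted channel (assumed to exist).
AP_VIEW = {
    "www.bankofamerica.com": ["192.168.1.50"],
    "www.google.com": ["198.51.100.7"],
    "www.yahoo.com": ["203.0.113.99"],
}
TRUSTED_VIEW = {
    "www.bankofamerica.com": ["203.0.113.10"],
    "www.google.com": ["198.51.100.7", "198.51.100.8"],
    "www.yahoo.com": ["203.0.113.20"],
}

if __name__ == "__main__":
    for name, result in audit(AP_VIEW, TRUSTED_VIEW).items():
        print(name, result)
```

A "mismatch" verdict is a reason to look closer rather than proof of tampering, since large sites legitimately return different addresses to different resolvers.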
What is needed in the art is a way of ensuring the security of these random, independent access points which allows anyone to use them to conduct their business transactions without fear of identity theft or other malicious tactics.