Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 22 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
22
Dung lượng
735,57 KB
Nội dung
WirelessNetworkSecurity:AnOverview
Danda B. Rawat
Eastern Kentucky University, USA
Gongjun Yan
Indiana University Kokomo USA
Bhed Bahadur Bista
Iwate Prefectural University, Japan
Vigs Chandra
Eastern Kentucky University, USA
ABSTRACT
With the rapid development and successful deployment of wireless technologies and
applications, wireless networks have been a part of day-to-day businesses. Securing available
resources on any personal, corporate or academic data network is of vital importance. As
wireless signal is freely available in the air in wireless communications, wireless security is a
major concern. Generally, wireless networks consist of voice communication networks such as
wireless cellular telephone networks and data centric wireless networks such as WiMAX and
wireless Local Area Networks (LAN). Moreover, cell phones are not only used for voice
communications but also for data communications such as access the Internet and text
messaging. Similarly, in addition to data communicating in wireless LAN, voice over Wi-Fi is
also being popular. Therefore, it is essential to provide secure communication medium for the
users in all wireless networks from all perspectives. This chapter presents anoverview of
security issues along with the fundamental concepts related to wireless networks such as cellular
wireless network, wirelesses LAN, wireless Personal Area Network (PAN), WiMAX
(Worldwide Interoperability for Microwave Access), ZigBee and so on. With this chapter,
readers can have a more thorough understanding of wireless security techniques, issues, trends
and best practices in different wireless networks.
1. INTRODUCTION
Wireless communications is the fastest growing segment of communication industry. Wireless
technologies and applications have been widely deployed in various areas. Successful
deployment of wireless local area network (LAN) in unlicensed ISM band and cellular wireless
telephone networks in licensed band in the past decades have shown the wide spread use of
wireless technologies and applications. More wireless applications and technologies are under
development and deployment. Wirelessnetwork consists of various types of networks that
communicate without a wired medium. Generally, wirelessnetwork can be categorized into two
different types based on structure of the networks [1]: Infrastructure-based wireless networks and
infrastructure less wireless networks.
Infrastructure-based wirelessnetwork has central unit through which the client stations
communicate with each other. Cellular telephone systems such as GSM or CDMA and the IEEE
802.11 wireless LAN in AP mode and the IEEE 802.16 WiMAX are some examples of
2
infrastructure based wireless networks. GSM, CDMA, and their variants are most widely
deployed cellular communication technologies and networks that made mobile communications
possible. GSM and CDMA use basestation thorough which mobile phones communicate with
each other. Generally, cellular wirelessnetwork covers wide area and known as wireless wide
area networks (WWAN). Similarly WiMAX network also has centralized basestation used by
wireless clients when they communication with each other. Coverage area of WiMAX is closer
to metropolitan area and known as a Wireless Metropolitan Area Network (WMAN). Wireless
LAN (WLAN) in infrastructure mode uses centralized Wireless Access Point (WAP) through
which wireless client stations communicate with each other. As the centralized basestations or
APs in infrastructure based wireless networks are mostly static and costly, such networks require
serious and careful topology design for better performance and coverage.
Infrastructure less wirelessnetwork does not contain any centralized infrastructure and thus
wireless client stations communicate with each other directly in peer-to-peer manner. These
types of networks are also known as wireless ad hoc networks. Network topology of wireless ad
hoc network is dynamic and changes constantly and the change in topology is adapted by
participating wireless stations on the fly.
Sub categories of wireless networks under centralized infrastructure-based and infrastructure-less
wireless networks are depicted in Figure 1. Cellular networks are for voice communications but
it also carries data whereas WiMAX is last mile internet delivery for larger coverage area.
Wireless LAN is for data communication for local areas. However, Voice over Wi-Fi is also part
of wireless LAN. Recent advancements have shown that the infrastructure based wireless
networks support both voice and data communications.
Figure 1: Classification of Wireless Networks
Infrastructure based wireless networks need fixed infrastructures such as basestation in cellular
telephone networks and WiMAX networks or wireless access point (AP) in wireless LAN to
facilitate the communications among mobile users. The fixed infrastructure serves as a backbone
for these kinds of wireless networks. Mobile users connect to fixed infrastructure through
wireless link and can move anywhere within a coverage area of a basestation and can move from
handover features. For example, cellular
telephone system consists of a fixed basestation for a cell and each cell can handle number of
mobile users. While communicating, mobile users can move within a coverage area of a
basestation and from one basestation to another by using roaming features. To cover large area
Infrastructure-based wireless networks
Infrastructure-less wireless networks
Wireless
Networks
Wireless LAN
in Access
Point Mode
Wireless
Mesh
Networks
Cellular
Telephone
Networks
Wireless
LAN in Ad
Hoc Mode
Wireless
Sensor
Networks
WiMAX
Networks
3
and large number of users, multiple basestations are needed and basestations are connected with
each other by reliable wired or wireless link to provide seamless wireless service.
Interconnecting link should be robust in terms of reliability, efficiency, fault tolerance,
transmission range, and so on to provide uninterrupted service.
2. CELLULAR TELEPHONE NETWORKS
Cellular Communication has become an important part of our daily life. Almost 2.3 billion users
have subscribed for telephone services and it is predicted by Gartner that by 2013 mobile devices
such as PDA will surpass the PC for internet browsing as cellular telephone network offer
mobile communications. Cellular telephone communications uses basestation to cover a certain
area. The area covered by a basestation is known as cell [1]. Mobile users connect to their
basestation to communicate with each other. Mobile users can move within a cell during
communications and can move from one cell to another using handover technique without
breaking communications. Wireless systems are prone to interference from other users who share
same frequency for the communications. To avoid interference between cells, adjacent cell use
different frequencies as shown in Figure 2.
Figure 2: Cells with Different Frequencies in Cellular Telephone Networks
Cellular networks are commercially available since early 1980s. Japan implemented cellular
telephone systems in 1979 and became the first country to deploy first cellular telephone
network. European countries implemented Nordic Mobile Telephony (NMT) in 1982 and
became second. Finally, US deployed Advanced Mobile Phone System (AMPS) as the first
cellular telephone network in 1983 [2].
4
There are different generations of cellular telephone systems [1, 2]. First generation (1G)
wireless telephone networks were the first cellular networks that are commercially available. 1G
network was able to transmit voice with maximum speed of about 9.6Kb/s. 1G
telecommunication networks used analog modulation to transmit voice and are regarded as
analog telecommunication networks.
1G cellular system has some limitations such as poor voice quality, no support of encryption,
inefficient use of frequency spectrum, and poor interference handling techniques. Personal
communication services (PCS) introduced the concept of digital modulation in which the voice
was converted into digital code and became the second regeneration (2G) cellular telephone
system. 2G being digital addressed some of the limitation of 1G and was deployed using
different signal representation and transmission techniques.
In the US, Code Division Multiple Access (CDMA), North American Time Division Multiple
Access (NA-TDMA) and digital AMPS (D-AMPS) have been deployed as a 2G cellular
network. In Europe, Time Division Multiplexing (TDM) based Global System for mobile
communication (GSM) has been deployed whereas in Japan Personal Digital Cellular (PDC) has
been deployed. GSM based cellular system became the most widely adopted 2G technology in
the world.
limitations of 1G. People were actively looking for data communications along with voice
communication service as a result data services over 2G appeared and became 2.5G. The 1xEV-
DO and 1xEV-DV have been deployed as 2.5G in the US. 1xEV-DV uses single radio frequency
channel for data and voice, whereas 1xEV-DO uses separate channels for data and voice.
High Speed circuit switched data (HSCSD), General packet Radio Service (GPRS), Enhanced
Data Rate for GSM Evolution (EDGE) have been deployed in Europe. High Speed circuit
switched data (HSCSD) was the first attempt at providing data at high speed data communication
over GSM with speeds of up to 115 kbps.
However, this technique cannot support large bursts of data. The GPRS can support large burst
data transfers and it had service GPRS support node (SGSN) for security mobility and access
control and Gateway GPRS support node (GGSN) in order to connect to external packet
switched networks. EDGE provides data rates of up to 384 kbps. CDPD uses the detected idle
voice channels to transmit data without disturbing voice communications.
Then 3G developed with goals of providing fast internet connectivity, enhanced voice
communication, video telephone, and so on. CDMA2000 in the US, Wideband-CDMA
(WCDMA) in Europe, and Time Division-Synchronous Code Division Multiple Access (TD-
SCDMA) in china were deployed as 3G cellular networks. Actually its processes was started the
process in 1992 and resulted as a new network infrastructure called International mobile
telecommunications 2000 (IMT- 2000). IMT-2000 aimed of receiving [3, 4],
To offer wide range of services over a wide coverage area
To provide the best quality of service (QoS) possible
To accommodate a variety of mobile users and stations
To admit the provision of service among different networks
To provide an open architecture and a modular structure
5
The 3G has been deployed in the most of the countries and have been taking a major
communication networks however service providers have already started deploying the fourth
generation (4G) system which offer data rate of up to 20Mbps and support mobile
communication in moving vehicles with speed up to 250 km/hr.
Fourth generation (4G) is the next generation after 3G aims of incorporating high quality of
service and mobility in which a mobile user terminal will always select the best possible access
available. 4G also aims of using mobile IP with IPv6 address scheme in which each mobile
device will have its own and globally unique IP address.
It is important to understand the architecture of cellular network to understand the security
issues. Cellular network has two main parts [5],
The Radio Access Network (RAN)
The Core Network (CN)
Mobile users gain access wirelessly to the cellular network via radio access network (RAN) as
shown in Figure 3. RAN is connected to core area network (CN). Core network is connected to
internet via gateway through which mobile users can receive multimedia services. Core network
is also connected to public switched network (PSTN). PSTN is the circuit switched telephone
public telephone network that is used to deliver calls to landline telephones. PSTN uses a set of
signaling protocol called signaling No 7 (SS7) that is defined by ITU (international
Telecommunication Union). SS7 provides telephony functions. Core network provides the
interface for the communication among mobile users and landline telephone users.
Figure 3: Cellular Telephone Network Architecture
The RAN consists of the existing GPRS or GSM or CDMA cellular telephone networks in which
Radio Network Controller (RNC) or Basestation connector (BSC) is connected to packet
switched core network (PS-CN) to provide the interaction between RAN and CN.
6
Core network consists of circuit switch network, packet switched network and IP multimedia
networks. The high-end network servers facilitate the core network and provide several functions
through Home Location Register (HLR) to maintain subscriber information, the visitor location
register (VLR) to maintain temporary data of subscribers, the mobile switching center (MSC) to
interface the RAN and CN, and the gateway switching center (GMSC) to route the calls to the
actual location of mobile users [6].
Every subscriber is permanently assigned to home network and is also affiliated with a visiting
network through which subscriber can roam onto it. The home network is responsible to
maintain subscriber profile and current location. The visiting network is the network where a
mobile user is currently roaming. It is important to note that the visiting networks provide all the
functionality to mobile users on behalf of the home network.
IP based servers such as DNS, DHCP and RADIUS servers interact with the gateways and
provide control and management functions needed for mobile users while getting service from
the Internet.
2.1 SECURITY ISSUES IN CELLULAR NETWORKS
Multiple entities incorporate in cellular telephone networks and the infrastructure for them is
massive and complex. IP multimedia Internet connection with the core network in telephone
network presents a big challenge for the network to provide security. Wireless networks in
general have many limitations compared to wired networks such as [4, 5]
Radio signal travels through open wireless access medium such as air.
Limited bandwidth shared by many mobile users.
Mobility in wireless networks makes system more complex.
Mobile stations run on limited time batteries resulting in power issue in wireless Systems.
Small mobile device has limited processing capability.
Unreliable network connection for mobile users.
Apart from above listed limitations, several security issues we need to consider when deploying
a cellular network. There are varieties of attacks in wireless cellular network:
1. Denial of Service (DOS) caused by sending excessive data to the network so that the
legitimate users are unable to access network resources.
2. Distributed Denial of Service (DDOS) is result of attack by multiple attackers.
3. Channel Jamming by sending high power signal over the channel that denies access to the
network.
4. Unauthorized Access to the network by illegitimate users.
5. Eavesdropping in wireless communications.
6. Message Replay: it can be done even if the transmission is encrypted by sending
encrypted message repeatedly.
7. Man in the Middle Attack.
8. Session Hijacking: Hijack the established session and pretend as a legitimate user.
2.1.1 SECURITY IN THE RADIO ACCESS NETWORK
In radio access network, mobile users connect with each other wirelessly through basestation.
This type of network is prone to attack. A dedicated attacker with a radio transmitter/receiver can
7
easily capture the radio signal transmitted on the air. In 1G and 2G systems, there was no
encryption mechanism to hide voice from malicious and no guard mechanism against
eavesdropping on conversations between the mobile user and basestation. Because of no
security provision in 1G and 2G cellular telephone systems, attacker not only can enjoy the
wireless service without paying the service fees but also can entice the mobile users through
rouge or false basestation and get secrete information. The 3G cellular system has security
provision to prevent attack. It had encryption mechanism with integrity keys to encrypt the
conversation and thus the attacker cannot change the conversation between mobile user and
basestation. 3G has improved radio network security. However, it still cannot prevent DOS
attack when large numbers of requests are sent from radio access network to the visiting MSC in
which MSC needs to verify every request through authentication process. Because of excessive
requests and authentication, MSC may fail to serve legitimate users.
2.1.2 SECURITY IN THE CORE NETWORK
Core network security deals with the security issues at the service node and wire-line-signaling
message between service nodes. Protection is provided for the services that users Mobile
Application Part (MAP) protocol. Security for MAP protocol is provided through MAP security
(MAPSec) when MAP runs on SS7 protocol stack or IPSec when MAP runs on top of IP. The
3G also lacks in security for all types of signaling messages. However, the end-to-end security
(EndSec) protocol proposed in [7] can prevent from misrouting the signal.
Internet connectivity through mobile device introduces the biggest threat to the cellular network
security. Any attacks that are possible on the internet can now be entered in to the core network
via gateways located between core network and the Internet. One example of this kind of attack
is into the E-911 service [8]. Short message and voice conversation still use same channel
resulting in contention and collision between them. Prevention of entire core network (servers for
PSTN, circuit and packet switched network services) from attacks that are coming through
internet link is important. As PSTN uses SS7 protocol that does not have any authentication
mechanism and transmits voice message in plaintext, attacker can easily introduce fake messages
or attack by DOS. There are some works going on to secure PSTN but not much [9].
As mentioned above cellular network has many new services and the security architecture needs
to provide security for all these services.
2.1.3 CELLULAR NETWORK SECURITY ARCHITECTURE
Cellular network security architecture consists of five sets of features as shown in Figure 4.
Figure 4: Cellular Network Security Architecture
8
Network Access Security is responsible for providing authentication of user and mobile device,
confidentiality, and integrity. It enables mobile users to access cellular network services
securely. International Mobile Equipment Identifier (IMEI) and secret Cipher Key (CK) are used
to provide confidentiality of both device and user. Challenge response method using a secret key
is used to achieve authentication. It is worth noting that the Authentication and Key Agreement
(AKA) provides mutual authentication for the user and the network. A cipher key (CK) and an
integrity key (IK) for which user and the network agreed are used until their time expires.
Integrity protection in cellular network is necessary as control signaling communications
between a mobile station and a network is sensitive. An integrity algorithm and integrity key
(IK) provides the integrity service.
Network Domain Security enables nodes in the service provider securely exchange the signaling
data and prevent from attacks on the wired networks.
User Domain Security enables mobile stations to securely connect to the basestation and prevent
from external attacks.
Application Security provides secure mechanisms to exchange messages between users of user
domain and services of service provider domain for different applications.
Visibility and Configurability of Security feature allows users to query what security features are
available to them and what features they can use.
2.1.4 WIRELESS APPLICATION PROTOCOL (WAP)
Cellular networks are connected to the Internet through core networks to provide the internet
access to mobile users using Wireless application protocol (WAP) [10]. Thus, it is important to
understand the security mechanisms of the protocol used to access the Internet via core network.
WAP is an open specification protocol meaning that it is independent of the underlying
networks. It is platform and technology independent and thus provides internet access service to
the users that use either WCDMA or CMDA 2000 or UMTS or any operating systems such as
Windows CE, PALM OS etc. The first version of WAP (WAP1) was released in 1998. WAP1
considers that the wireless mobile device has limited power and other resources and has limited
security features and thus communicates through other gateways while communicating with the
servers. The second version of WAP (WAP2) was released in 2002. it assumes that the mobile
devices are powerful. It has better security features and thus mobile users directly communicate
with the servers.
WAP Device
WAP Gateway
Web Server
Figure 5: WAP2 Protocol Stack
9
WAP2 Protocol Stack/Layers shown in Figure 5 are briefly discussed below:
1. Wireless Application Environment (WAE): This layer is like an application layer in OSI
reference model and the WAE provides an environment for WAP applications such as
web applications.
2. Hypertext Transfer Protocol (HTTP): This layer deals with a platform independent
protocol that is used for transferring web content/pages.
3. Transport Layer Security (TLS): This is the fourth layer (from bottom) protocol that
provides security features such as confidentiality, integrity and authentication. TSL used
in WAP2 is known as profiled TLS that consists of a cipher and authentication suites,
session resume, identification suites, and tunneling capability.
4. Transport Control Protocol (TCP): This is the third layer (from bottom) protocol that is a
standard reliable transport control protocol.
5. Internet Protocol (IP): This is the second layer (from bottom) protocol that is responsible
to route data in a network.
6. Bearer Protocol: This is the lowest level protocol that can be used any wireless
techniques (e.g. CDMA, GSM, WCDMA, etc.) used in cellular telephone networks.
Overall, multiple layers of protocol stack with multiple layer of encryption address the security
issues in existing 3G wireless cellular networks that consumes more power and introduces the
high transmission delay. In 4G, only one layer is responsible to encrypt the data using interlayer
security [11] that reduces the delay.
3. WORLDWIDE INTEROPERABILITY FOR MICROWAVE ACCESS (WIMAX)
Worldwide Interoperability for Microwave Access (WiMAX) [12] is a wireless metropolitan
area network (WMAN) that can offer data-transfer rates of up to 75 Mbps or an area of radius of
about 50 km (30 miles) and is part of fourth generation (4G) wireless communication
technology. WiMAX was released in December of 2001 as IEEE 802.16 standard. The IEEE
802.16 uses three major frequency bands: 10 to 66 GHz (licensed bands), 2 to 11 GHz (licensed
bands), 2 to 11 GHz (unlicensed bands).
WiMAX still has some shortcomings in terms of security as designers have incorporate the use
of the pre-existing standard DOCSIS (Data over Cable Service Interface Specifications) that was
used in cable communication [13]. Among different IEEE 802.16 standards, 802.16a/d standards
make use of public-key encryption keys (that are exchanged at connection setup time) and the
basestation authenticates the clients using 56-bit Data Encryption Standard (DES) based digital
certificates [13]. However, it does not provide adequate protection against data forgery. IEEE
802.16e implements a 128-bit encryption key mode based on the Advanced Encryption Standard
(AES) to remove the flaws that are present in 802.16a/d. The man-in-the-middle attacks
launched using rouge basestations are mitigated by client-to-basestation and basestation-to-client
authentication [13].
4. WIRELESS LOCAL AREA NETWORK
Successful deployment of Wireless LAN in the past decade is due to its advantages such as
flexibility, scalability, mobility and freedom that wired networks lack [14]. Wireless networks
are easy to install in rural areas, where wired networks infrastructure is either difficult or
impossible to create due to physical obstacles. They are easily scalable, flexible, and aesthetic
10
since wireless devices communicate using mainly either radio frequency (RF) or infrared
frequency (IR).
The main standards in the wireless LAN is IEEE 802.11 and also known as Wi-Fi. IEEE
standardized wireless LAN in 1999 however; it was tested in 1971 by researcher of University of
Hawaii. Recent standard of Wireless LAN is IEEE 802.11-2007. IEEE 802.11 Wireless LAN can
be configured in an infrastructure (AP) mode or in an ad-hoc mode.
4.1 WIRELESS LAN IN AP MODE
Wireless LANs in AP mode consist of wireless client stations (STAs) and an Access Point (AP)
in which clients are equipped with wireless adaptor that allow wireless communication among
other wireless stations. In this case AP functions like a regular switch or router in wired network
for the wireless client stations. In AP mode wirelesses LAN, all communications pass through an
AP meaning that wireless clients cannot communicate with each other directly.
The basic structure of a Wireless LAN is called Basic Service Set (BSS) as shown in Figure 6, in
which the network consists of an AP and several wireless devices. In order to form a wireless
network, AP continually broadcasts its Service Set Identifier (SSID), aka logical name of
wireless network, to allow wireless client stations to join the network. The area covered by a
transmission range of an AP is called basic service area (BSA).
Figure 6: Wireless LAN in AP Mode (also known as BSS)
Wireless LAN is connected to wired-network through AP. Thus, AP is a gateway for wireless
client stations to join to a wired network. One example is shown in Figure 6 where AP is
connected to wired-network through switch.
For roaming support, basic service sets can be combined to form an Extended Service Set (ESS).
In ESS, APs are connected to a single backbone system to provide roaming (moving from one
BSS to another BSS) for wireless client stations (STAs) as shown in figure 7.
[...]... change the orientation or position of a wireless AP or clients to increase the signal strength Furthermore, one can change the security features to secure the wireless network and channel used for wireless transmission to have the least interference for wireless network 12 Figure 9: Wireless LAN Channel Assignment for multiple APs 4.2 WIRELESS LAN IN AD HOC MODE When wireless devices communicate with each... networks is presented Combination of different systems within wireless cellular network makes system itself complex and brings more and more security vulnerabilities and loopholes and attackers can exploit the vulnerabilities available in any part of the network and can enter into the network Protocols and practices used to secure wireless cellular network are presented Similarly, to secure WiMAX network, ... Set In order to avoid interference, wireless APs should be configured in such a way that they transmit in non-overlapping adjacent channels shown in Figures 7 and 8 If multiple APs overlap in transmission ranges in the same channel, performance of wireless LAN will be significantly degraded [14] Figure 8: Wireless LAN Channel Assignment for multiple APs Channel occupancy information along with MAC address,... proposed PANA framework with protocol that is used as a messaging protocol between wireless clients and wireless network access authority is presented The security schemes that can be implemented in PAN including Bluetooth, ZigBee and UWB networks are also presented Furthermore, the best practices and recommendations to secure different wireless networks and devices are presented Wherever wireless networks... the wireless LAN configuration is called an Independent Service Set (IBSS) Figure 10: Wireless LAN in Ad Hoc Mode: IBSS One of the ad hoc wireless nodes (e.g computer) should be configured to provide SSID for wireless ad hoc networking 13 4.3 SECURITY ATTACKS IN WIRELESS LAN As in the other wireless networks, medium used to transfer data from source to destination is RF signal The RF signal in wireless. .. the access network and wireless client After successful PANA authentication, client is authorized to receive IP forwarding service from the network PANA is the network layer protocol and is intended to authenticate PaC (PANA Client) with PAA (PANA Authentication Agent) in situations where no prior trust between PAA and PaC exists PANA consists of four parts: Wireless Client known as PaC (PANA Client),... attacks and vulnerabilities can only be mitigated if the best practices as well as correct policies and standards are used We have discussed some of the important and best practices that can be implemented to improve mobile and wireless security However, wireless security will remain hot research topic until there exists ways to threaten the wireless networks 21 REFERENCES [1] Andrea Goldsmith, Wireless. .. wireless LAN is also freely available in air that makes easy for everyone to attack the network if it is not properly configured to secure the transmission Typical transmit power of APs lies in the range of 50mW to 100mW (maximum allowed range by FCC in the US is 4 watts) range of wireless AP is about 300ft to 1800ft [17] After successful deployment of wireless LAN and handheld devices, wireless applications... imposing mutual authentication between AP and network devices, rouge access point and reply attack can be solved 4.3.8 DOS ATTACKS In this type of attack, attacker sends noise continually on a specific channel to ruin the network performance RF jamming is an example of DoS attack in the wireless network [14, 20] 14 4.4 SECURITY IN WIRELESS LAN 802.11 The 802.11 IEEE standard consists of three layers (a)... encryption and requires hardware upgrade to support the new encryption algorithm It is considered to be the best solution to secure wireless data transfer under 802.11i Robust Secure/Security Network (RSN) is a part of 802.11i standard that provides mechanism to create secure communication channel between an AP and wireless clients by broadcasting an RSN Information Element message across the wirelessnetwork . the wireless network and channel used for wireless transmission to have the least
interference for wireless network.
12
Figure 9: Wireless LAN Channel.
to metropolitan area and known as a Wireless Metropolitan Area Network (WMAN). Wireless
LAN (WLAN) in infrastructure mode uses centralized Wireless Access