In a guest post for National Cyber Security Awareness Month, Jim Gogan, Assistant Vice Chancellor for Communication Technologies at Information Technology Services, explains how UNC-Chapel Hill’s new primary wireless connection eduroam can ensure the most secure transmission of both your data and your identity.
Wi-Fi/wireless technology can produce spine shivers for anyone concerned about network security. The use of open-air radio frequencies can mean that your transmissions are as secure as a postcard, and the use of traditional username and password for authentication could present a threat for identify theft every time you connect to the network. In the current world of Wi-Fi, the options available for encryption and authentication consist of:
- Open – no encryption, no authentication
- PSK – or pre-shared key, where the encryption is very strong but uses a passphrase for authentication that’s shared by all users, or
- Enterprise mode, which offers the strongest levels of encryption and authentication, using 802.1X technology.
The “eduroam” network is an advertised wireless network found on thousands of universities and research institutions across the world that uses the Enterprise/802.1X mode of authentication and encryption. Each participating institution maintains RADIUS authentication servers that operate in a worldwide hierarchy for credential verification; when you connect to an eduroam network, a secure tunnel is established to your home institution where your identity is verified, allowing you to connect to the network at that eduroam site.
At UNC-Chapel Hill, the authentication mechanism that we have chosen to use for eduroam within this framework is EAP-TLS, in which public certificates are used for identity authentication instead of username and password. Other 802.1X authentication mechanisms can allow for eavesdropping of unencrypted username/password combinations.
With this configuration then, use of the eduroam network for wireless connectivity can ensure the most secure transmission of both your data and your identity, not only on the local campus, but anywhere around the world that supports eduroam.
October is National Cyber Security Awareness Month. Visit ITS News throughout October for posts offering cyber security advice from experts and other tech tips. For additional cyber security tips and to check out the activities and resources associated with National Cyber Security Awareness Month, visit the national campaign’s website.