Securing wireless networks

The business of securing wireless networks is booming. Everyone wants to go wireless, but is afraid of the seemingly poor security. I’ve read plenty of articles about companies that have come out with all sorts of approaches, such as client/server data encryption, special networking equipment, etc. What I haven’t seen much news about is a particular technology that could help us secure our wireless networks in a way that is fairly easy to understand and implement: GPS. Let me explain.

GPS technology has become commonplace these days. It would be fairly easy to come up with hardware that can use it. But how do we put it to work? Well, we’ve come up with some pretty good solutions for encrypting the data that goes back and forth between the clients and the servers. Where we’re failing is in limiting the reach of that data. We all know that wireless networks can’t be physically delimited. The signal will go through our walls and windows. That’s the clincher – if we could only limit how far it can go, we’d have it made.

Well, I’d like to put forth one approach to doing this – and you’re probably already catching on, which is great! We need to come up with a hardware wireless access point or gateway that can act as a GPS transmitter. It will act as a central point, or antenna, and will broadcast its availability, along with GPS coordinates, to the clients. Here we can actually break this into two sub-approaches:

  1. We can program a map of our building or perimeter into the wireless router/access point, and thus be able to allow or disallow clients to connect based on whether or not they are within our pre-determined perimeter. The clients would also need to have some sort of GPS functionality programmed into their wireless cards, so they can report their location back to the router. This, coupled with MAC filtering, would act as a wonderful physical barrier.
  2. We can come up with an additional hardware component – let’s call them perimeter delimiters – that we can stick (as guideposts) at the corners of the surface area that we want to cover. They would serve two purposes: they would bounce wireless traffic back to the central router, and they would determine whether a client that is trying to connect to the router is outside or inside our perimeter. This would eliminate the need for special wireless cards with integrated GPS functionality. These “perimeter delimiters” would determine how far or how close a device is from the central router (based on the strength of the connection signal) and would then make a yes/no decision about whether to let that client connect or not.

Given that GPS positioning is fairly accurate (within 3-6 feet, at any rate), these methods would allow us to safely shut out unauthorized devices from connecting.
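The admission check from the first approach could look like the following. This is an added example, not code from the original post: it combines a MAC allow-list with a point-in-polygon test on the location the client reports, and refuses fixes that sit closer to the boundary than the GPS error. The coordinates, the MAC address, the 2-metre margin and all function names are constructed for illustration, and the client-reported fix is taken at face value.

```python
import math

# Constructed sample data (not from the post): perimeter corners as (lat, lon)
# in order around the building, plus a MAC allow-list.
PERIMETER = [(44.0000, 26.0000), (44.0000, 26.0006),
             (44.0004, 26.0006), (44.0004, 26.0000)]
ALLOWED_MACS = {"00:11:22:33:44:55"}
GPS_ERROR_M = 2.0  # assumption: about the upper end of the 3-6 ft figure

def to_metres(point, origin=PERIMETER[0]):
    """Project (lat, lon) to local x/y metres (fine for building-sized areas)."""
    r = 6371000.0
    x = math.radians(point[1] - origin[1]) * r * math.cos(math.radians(origin[0]))
    return x, math.radians(point[0] - origin[0]) * r

def edges(poly):
    """Yield consecutive corner pairs, closing the polygon at the end."""
    return zip(poly, poly[1:] + poly[:1])

def inside(p, poly):
    """Ray casting: an odd number of edge crossings means p is inside."""
    hit = False
    for (x1, y1), (x2, y2) in edges(poly):
        if (y1 > p[1]) != (y2 > p[1]) and \
                p[0] < x1 + (p[1] - y1) * (x2 - x1) / (y2 - y1):
            hit = not hit
    return hit

def edge_distance(p, poly):
    """Shortest distance in metres from p to the perimeter."""
    best = math.inf
    for (x1, y1), (x2, y2) in edges(poly):
        dx, dy = x2 - x1, y2 - y1
        t = ((p[0] - x1) * dx + (p[1] - y1) * dy) / (dx * dx + dy * dy)
        t = max(0.0, min(1.0, t))  # clamp to the segment
        best = min(best, math.hypot(p[0] - x1 - t * dx, p[1] - y1 - t * dy))
    return best

def admit(mac, fix):
    """Decide on a client MAC and its self-reported (lat, lon) fix."""
    if mac.lower() not in ALLOWED_MACS:
        return False, "mac-not-allowed"
    poly = [to_metres(c) for c in PERIMETER]
    p = to_metres(fix)
    if not inside(p, poly):
        return False, "outside-perimeter"
    if edge_distance(p, poly) < GPS_ERROR_M:
        return False, "too-close-to-boundary"  # fix could really be outside
    return True, "ok"
```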

You could say, yes, that may be true, but we still have a problem with those people who would listen in on our wireless traffic! Maybe, but I think I may have a solution for that as well. Let’s take these same perimeter delimiters, and let’s give them a different purpose. Instead of acting as wireless traffic mirrors, they would act as wireless traffic disrupters! We could let them be unidirectional antennas that would emit the opposite waveforms of our wireless traffic outside our perimeter, and would thus effectively cancel out the wireless traffic that goes outside our perimeter. This works along the same lines as radar jamming. Our perimeter delimiters would listen in on all of our wireless traffic in the area, then flood the external perimeter (through unidirectional antennas – which are the key) with the exact opposite waveforms.

Now let’s deal with data encryption. We’ve all seen that really expensive encryption hardware is not the answer. Just look at the Texas Instruments debacle that’s recently made the news with the car key chip. That’s not to say that we don’t need hardware encryption. We do, but we shouldn’t rely solely on hardware. I think we should also use software.

Here’s what I mean. We now have all sorts of encryption methods: WEP, WPA, etc. The problem is that most of the hardware out there can only use one sort of encryption at a time. What we really need is the ability to come up with a different lock and key encryption method every time a device connects to a wireless router or access point. We can do this by first varying the encryption methods used for every connect, and also by varying the encryption methods used for portions of the data. We should also be able to insert bogus data in between our data bits, and, by labeling them with a different key every time, allow the client and server to delete them out of the traffic and thus understand each other. We should also be able to vary the amounts of data we encrypt through a particular method, and the amounts of bogus data we insert between the real data bits. The router can come up with a particular ratio for all these combinations at the time of the connect. That’s what I mean by a lock and key method. We should also be able to randomly change how often the lock and key are changed while the device is connected to the network. Making multiple components of the encryption method random – and changing them at random times – makes it extremely difficult to listen in on our traffic.
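The bogus-data idea resembles a published construction, Rivest's chaffing and winnowing, and the following added example (not code from the original post) uses that technique in place of the post's unspecified labeling scheme. The access point picks a fresh key and a chaff ratio per connect, real frames carry a valid HMAC tag, chaff frames carry random tags, and the receiver keeps only frames whose tag verifies. All function names and the 1-to-4 ratio range are assumptions, and the chunks are assumed to be already encrypted so that chaff payloads look the same as real ones.

```python
import hashlib
import hmac
import os
import secrets

TAG_LEN = 16  # bytes of HMAC-SHA256 kept per frame (assumption)

def new_session():
    """Per-connect parameters: a fresh key and a random chaff ratio."""
    return {"key": os.urandom(32), "chaff_per_real": 1 + secrets.randbelow(4)}

def tag(key, seq, payload):
    """Label binding a payload to its sequence number under the session key."""
    msg = seq.to_bytes(8, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def add_chaff(session, chunks):
    """Sender side: real frames get a valid tag, chaff gets a random one."""
    frames = []
    for seq, chunk in enumerate(chunks):
        frames.append((seq, chunk, tag(session["key"], seq, chunk)))
        for _ in range(session["chaff_per_real"]):
            frames.append((seq, os.urandom(len(chunk)), os.urandom(TAG_LEN)))
    secrets.SystemRandom().shuffle(frames)  # hide which frame came first
    return frames

def winnow(session, frames):
    """Receiver side: drop every frame whose tag does not verify."""
    kept = {}
    for seq, payload, t in frames:
        if hmac.compare_digest(t, tag(session["key"], seq, payload)):
            kept[seq] = payload
    return b"".join(kept[s] for s in sorted(kept))
```

Changing the lock and key mid-connection, as the post proposes, corresponds to calling `new_session()` again and switching both sides to the new parameters.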

Will this slow down the speed of our connections? Yes, but in some situations, it’s worth it. Ideally, we should be able to tone down the strength of our encryption on the home devices – and thus gain back our speed – but it should be coded in, just in case we need it.

