How this is accomplished is explained in the next
section.
You must understand, however, that the network can only authenticate and authorize
the device attempting access. There is no means of authenticating the person using
the device, unless the device itself employs some form of biometrics. The network
assumes that the use of the device is legitimate and allows access to the device (it is
assumed that the device has been adequately protected).
The ultimate security, of course, begins at the device level, ensuring that the device
itself is protected from unauthorized usage. This is difficult to enforce because most
people do not want to be bothered with things like biometrics and passwords. If there
were a way to authenticate the user of the device at the device, without too much inconvenience
to the subscriber, security would be a lot easier.
When access to a device is compromised, the attacker has full access to the network.
However, there are other methods to gain access into the network without using the
actual device itself. Masquerading as a legitimate subscriber allows hackers to use
their own devices to gain access into the network.
There are methods that can be used to prevent man-in-the-middle, spoofing, and
other forms of attacks where hackers gain access through other network entities and
masquerade as an authorized subscriber.
Pages:
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314