Phd defence seminar

Printer-friendly version
Date and time: 
Fri, 2018-02-23 15:22
Location / Venue: 

phd lab


Despite the growing popularity of WLANs in organizations, recent studies have established that many implementations of authentication and access control in public WLANs are compromisable because design or selection of security features and how to configure them is a challenge to many WLAN implementers. While researchers have designed various approaches for selecting different authentication and access control mechanisms, these approaches are piecemeal and therefore not sufficient on their own to comprehensively address design or selection of various security features and how to configure them. Poor implementation of authentication and access control security in large public WLANs such as those in Universities is therefore the main problem addressed in this research. The main focus of this study was development of a simulation model that facilitates implementation and evaluation of WLAN authentication and access control security in a public WLAN. In this research, we investigated IEEE 802.11 implementation specific vulnerabilities that may contribute to poor WLAN authentication and access control security performance. Secondly, we analyzed security offered by WLAN cipher suites, authentication and access control mechanisms, end user and server system software used in WLAN authentication and access control. Third, we established relevant architectural components and used them to develop and prototype a simulation model that enables selection or design of security features and their configuration for WLAN authentication and access control in large public WLANs.Last, we validated/evaluated the model on the basis of its intended purpose over the domain of its intended applicability. The research process involved three phases; the first phase was preliminary studies which involved empirical descriptive survey on selected University WLANs in Kenya as well as attack tree and CVSS analysis of known attacks to WLANs.The second phase involved design of model architectural components, component value function tables, model algorithms and finally prototyping the model design. The third phase involved conceptual model validation, computerized model verification and operational model validation. Findings from the empirical survey confirmed that many implementations of public WLANs are vulnerable. The practitioners expressed the need for a model to explain and visualize the security of a WLAN authentication and access control. There was also concurrence among practitioners that an implementation model for authentication and access control can be used to increase the security of WLAN authentication in their environments. Based on attack tree and CVSS analysis, it was established that there are eight key terminal components that influence security of a WLAN during authentication and access control. These components are cipher suite, authentication credentials, client utility, client driver, accesspoint utility, authentication and access control mechanism, authentication server and user database. It was also established that there is atleast one attack tool available to exploit vulnerabilities in each of these terminal components. Results from the various validation approaches employed indicate that the conceptual architectural model was well thought because it was consistent with the understanding of the experts, its implementation was well done and in general the model developed enables implementation and evaluation of security features for WLAN authentication and access control.

Keywords: Trusted computing base concept, attack tree methodology, common vulnerability scoring system, authentication and access control security.

Expiry Date: 
Sat, 2019-02-23 15:22
Contact Person: 


phd defence seminar David Gitonga.pdf270.61 KB

News and Events

Community Outreach

Contact Us

P. O. Box 30197 - 00100 GPO Nairobi
School of Computing & Informatics Building
Chiromo Campus, off Riverside Drive
University of Nairobi
Tel: +254-4447870,
Fax: +254-4447870

Locate Us

UoN Website | UoN Repository | ICTC Website

Copyright © 2018. ICT WebTeam, University of Nairobi