Wi-Fi body to simplify security

The group that certifies Wi-Fi products aims to make more wireless LANs secure by taking some of the work out of locking them down.

The Wi-Fi Alliance is set to announce on Monday at the International Consumer Electronics Show its WPS (Wi-Fi Protected Setup) specification, which lays out an easier process for setting up a secure wireless LAN. The group will also reveal the first devices certified under WPS, though it will take a few more months for consumer products to reach store shelves.

Wi-Fi security has greatly improved since home users first embraced wireless LANs a few years ago, but most consumers still don't use the available tools because they are too hard to set up, said Frank Hanzlik, managing director of the Wi-Fi Alliance. WPS cuts the number of steps required to secure a new network, he said. Although vendors have been selling their own simplified security systems, they want a standard technology that access points and devices from all vendors can use, according to Hanzlik. Intel Corp., Microsoft Corp., Cisco Systems Inc.'s Linksys division and other vendors helped develop WPS.

Wireless LAN security systems, including the current WPA2 (Wi-Fi Protected Access 2) standard, encrypt traffic and require user authentication to get on the network. Traditionally, when consumers set up new wireless LANs, they have to set a network name and a "pass phrase" for the access point, then select the name and enter the pass phrase on every new device as they add it to the network.

With WPS, the access point automatically generates a network name. Consumers can add clients to the secure network by either entering a PIN (personal identification number) of four or eight digits or pushing special buttons built in to the access point and client. Later this year, the Wi-Fi Alliance will start certifying products that use near-field communication, in which users simply touch a token or card to the new device.

The new standard will help but won't make all new LANs secure, said Gartner Inc. analyst Ken Dulaney.

"A lot of consumers will just leave the security off like they do today, but if you want security, this is a lot easier than the current process," Dulaney said.

Today, setting up security is especially hard with devices that don't have a PC interface, such as printers and cameras. Entering a PIN on those clients using a small display and a navigation pad will be much easier than the current process, he said.

Security was the top concern of Wi-Fi users surveyed in 2006, but only 60 percent secured their networks, according to JupiterResearch analyst Ina Sebastian. The main reason they gave for not doing so was uncertainty about the technology. Easy security setup will become even more important as consumers start adding more entertainment devices to their LANs, because many wireless entertainment users are concerned about eavesdropping, she said.

The first certified products will largely be reference designs for manufacturers, Hanzlik said. The first wave of consumer products, which will carry a special logo in addition to the standard Wi-Fi insignia, will probably hit the market around June, he said.