Introduction

The chapters so far have looked at the main functionality of a cognitive radio through an exploration of the ‘observe, decide, act’ cycle. We now step back from this and look at security issues specifically related to cognitive radio. This chapter is the shortest chapter of the book. This is not indicative of the level of importance of the topic of security and cognitive radio but of the fact that cognitive radio security has to date received much less attention than other topics.

All communication systems need to be made secure to operate. Typically any users of a system have to authenticate themselves on the network. Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. Some authentication processes may involve the simple use of a password but others are more complex. The use of digital certificates, issued and verified by what is known as a Certificate Authority (CA) as part of a public key infrastructure, is an example of a more stringent process. Following authentication, authorisation processes, to ensure data and services are accessible only to those who have the correct entitlements, are needed. During all communication privacy may need to be guaranteed. Encryption is typically used to achieve this either using a public key infrastructure, a symmetric cryptographic approach or hash algorithms. Eavesdropping by man-in-the-middle attacks must be avoided.