The IEEE 802.11 provides for MAC access control and encryption mechanisms. Earlier,
the wire line equivalent privacy (WEP) algorithm was used to encrypt messages. WEP uses a Rivest Cipher 4 (RC4) pseudo-random number generator with two key structures
of 40 and 128 bits. Because of the inherent weaknesses of the WEP, the IEEE 802.11i committee developed a new encryption algorithm and worked on the enhanced security and authentication mechanisms for 802.11 systems.
For access control, ESSID (also known as a WLAN service area ID) is programmed into each AP and is required in order for a wireless client to associate with an AP. In addition, there is provision for a table of MAC addresses called an access control list to be included in the AP, restricting access to stations whose MAC addresses are not on the list.
Beyond layer-2, 802.11 WLANs support the same security standards supported by other 802 LANs for access control (such as network operating system logins) and encryption (such as IPSec or application-level encryption). These higher-level technologies can be used to create end-to-end secure networks encompassing both wired LAN and WLAN components, with the wireless piece of the network gaining additional security from the IEEE 802.11i feature set.
Source of Information : Elsevier Wireless Networking Complete