530 likes | 666 Views
Smartening the Environment using Wireless Sensor Networks in a Developing Country. Wireless Network Security 3G, 4G Wireless PAN/LAN/MAN. Al-Sakib Khan Pathan Department of Computer Science International Islamic University Malaysia. Guided and Unguided Media.
E N D
Smartening the Environment using Wireless Sensor Networks in a Developing Country Wireless Network Security 3G, 4G Wireless PAN/LAN/MAN Al-Sakib Khan Pathan Department of Computer Science International Islamic University Malaysia UTM, 23 May 2012
Guided and Unguided Media • All types of communications need some kind of medium. • The information is encoded in a signal that is carried through a medium. • Quality depends on the characteristics of the medium. • Two main groups of transmission media, namely the guided medium and the wireless medium. UTM, 23 May 2012
Guided and Unguided Media • For the guided medium, there is a physical path (such as a cable) for electromagnetic wave propagation. • For the wireless medium, the electromagnetic wave is transmitted through air, water, or vacuum (space). • A wireless medium is also called an unguided medium. UTM, 23 May 2012
Wireless LAN • A wireless LAN or WLAN is a wireless local area network that uses radio waves as its carrier. • The last link with the users is wireless, to give a network connection to all users in a building or campus. • The backbone network usually uses cables. UTM, 23 May 2012
Wireless Network? Security? Source: http://www.pinellascomputers.com/wp-content/uploads/2011/07/wireless-networking-wifi-internet-setup.jpg UTM, 23 May 2012
Wireless Network Features • Wireless networks are treated as having more vulnerabilities than wired networks because of their • shared nature • naturally broadcasted states • unclear perimeters • invisible access UTM, 23 May 2012
What other “Wireless”? • 3G Wireless Networks • 3G or 3rd generation mobile telecommunications is a generation of standards for mobile phones and mobile telecommunication services fulfilling the International Mobile Telecommunications-2000 (IMT-2000) specifications by the International Telecommunication Union. • Application services include wide-area wireless voice telephone, mobile Internet access, video calls and mobile TV, all in a mobile environment. UTM, 23 May 2012
What other “Wireless”? • 4G Wireless Networks • In telecommunications, 4G is the fourth generationof cell phone mobile communications standards. It is a successor of the third generation (3G) standards. • 4G system provides mobile ultra-broadband Internet access, for example to laptops with USB wireless modems, to smartphones, & to other mobile devices. • Conceivable applications include amended mobile web access, IP telephony, gaming services, high-definition mobile TV, video conferencing, 3D television. UTM, 23 May 2012
3G Wireless Source: http://www.topglobalusa.com/images/j041.gif UTM, 23 May 2012
A Cell Tower UTM, 23 May 2012
3G and WiFi S: http://www.cryptech.com.au/wp-content/uploads/2010/03/difference-between-3g-mobile-broadband-and-wifi-wireless-network.png UTM, 23 May 2012
What they have in Common? • Wireless unguided medium. • Potential threat from anybody within the range of wireless coverage/communication. • Attenuation. • Distortion during signal propagation. • Noises. • Do all of these impact security? UTM, 23 May 2012
Security Viewing Angles • Viewing Angle 1 • (a) Key Management • (b) Secure Routing • (c) Secure Services • (d) Intrusion Detection Systems (IDS) [outsider, insider] • Viewing Angle 2 • (a) Physical security • (b) Deployment security (sparse or dense, etc.) • (c) Topological security (cluster/flat, hierarchy/tree, etc.) • (d) Wireless communication security • (e) Data security UTM, 23 May 2012
Security Viewing Angles • Viewing Angle 3: Holistic Security • (a) Application layer security • (b) Transport layer security • (c) Network layer security • (d) Data link layer security • (e) Physical layer security • Holistic Security? – Still open research issue! UTM, 23 May 2012
Main Security Aspects • Authentication • Authorization • Privacy/Confidentiality • Integrity • Non-repudiation UTM, 23 May 2012
3G Security: Background • One of the aspects of GSM that has played a significant part in its global appeal is its set of security features • GSM was the first public telephone system to use integrated cryptographic mechanisms • GSM security model has been adopted, modified and extended for DECT, TETRA and 3GPP UTM, 23 May 2012
3GPP • The 3rd Generation Partnership Project (3GPP) is a collaboration between groups of telecommunications associations, known as the Organizational Partners. • The initial scope of 3GPP was to make a globally applicable 3G mobile phone system specification based on evolved Global System for Mobile Communications (GSM) specifications within the scope of the International Mobile Telecommunications-2000 project of the ITU. UTM, 23 May 2012
3GPP Security Principles • Ensure that 3G security builds on the security of GSM where features that have proved to be needed and that are robust shall be adopted for 3G • Ensure that 3G security improves on the security of second generation systems by correcting real and perceived weaknesses • Ensure that new 3G security features are defined as necessary to secure new services offered by 3G UTM, 23 May 2012
3G Security Objectives • Ensure that • information generated by or relating to a user is adequately protected against misuse or misappropriation. • the resources and services provided are adequately protected against misuse or misappropriation. • the security features standardized are compatible with world-wide availability. • the security features are adequately standardized to ensure world-wide interoperability and roaming between different serving networks. UTM, 23 May 2012
3G Security Objectives • Ensure that • the level of protection afforded to users and providers of services is better than that is provided in contemporary fixed and mobile networks (including GSM). • the implementation of 3GPP security features and mechanisms can be extended and enhanced as required by new threats and services. UTM, 23 May 2012
3G Requirements Capture • Based on the threat analysis, a comprehensive list of security requirements were captured and categorized • The security requirements help identify which security features need to be introduced in order to counteract the threats • The requirements capture has led to the identification of additional security features beyond those retained from GSM UTM, 23 May 2012
3G Security Arch: Background Source: Peter Howard , Vodafone, UK Presentation Slides UTM, 23 May 2012
3G R99 Security Features (beyond GSM) • Protection against active attacks on the radio interface • New integrity mechanism added to protect critical signaling information on the radio interface • Enhanced authentication protocol provides mutual authentication and freshness of cipher/integrity key towards the user • Enhanced encryption • Stronger algorithm, longer key • Encryption terminates in the radio network controller rather than the base station UTM, 23 May 2012
3G R99 Security Features (beyond GSM) • Core network security • Some protection of signaling between network nodes • Potential for secure global roaming • Adoption of 3GPP authentication by TIA TR-45 / 3GPP2 UTM, 23 May 2012
3G Security Architecture Home Environment (HE) Serving Network (SN) Access Network (AN) Mobile Terminal (MT) Terminal Equipment (TE) User Services Identity Module (USIM) UTM, 23 May 2012
3G Network Architecture IP RAN CircuitNetwork Circuit/ Signaling Gateway Mobility Manager Feature Server(s) Circuit Switch IN Services RNC Call Agent Voice Data + Packet Voice IP Core Network Radio Access Control Packet Network (Internet) Packet Gateway Intelligent Network (IN) Radio Network Controller (RNC) IP Radio Access Network (IP RAN) 3G 2G/2.5G 2G Source: Presentation Slides of Myagmar, Gupta: UIUC, USA, 2001 UTM, 23 May 2012
Improved Security Features, 1 • Network Authentication • The user can identify the network • Explicit Integrity • Data integrity is assured explicitly by use of integrity algorithms • Also stronger confidentiality algorithms with longer keys • Network Security • Mechanisms to support security within and between networks UTM, 23 May 2012
Improved Security Features, 2 • Switch Based Security • Security is based within the switch rather than the base station • IMEI Integrity • Integrity mechanisms for IMEI (International Mobile Equipment Identity) provided from the start • Secure Services • Protect against misuse of services provided by SN and HE UTM, 23 May 2012
Improved Security Features, 3 • Secure Applications • Provide security for applications resident on USIM • Fraud Detection • Mechanisms to combating fraud in roaming situations • Flexibility • Security features can be extended and enhanced as required by new threats and services UTM, 23 May 2012
Improved Security Features, 4 • Visibility and Configurability • Users are notified whether security is on and what level of security is available • Users can configure security features for individual services • Compatibility • Standardized security features to ensure world-wide interoperability and roaming • At least one encryption algorithm exported on world-wide basis UTM, 23 May 2012
Improved Security Features, 5 • Lawful Interception • Mechanisms to provide authorized agencies with certain information about subscribers UTM, 23 May 2012
Problems of 3G Security, 1 • IMSI (International Mobile Subscriber Identity) is sent in cleartext when allocating TMSI (Temporary Mobile Subscriber Identity) to user. • The transmission of IMEI (International Mobile Equipment Identity) is not protected; IMEI is not a security feature. • A user can be enticed to camp on a false BS. Once the user camps on the radio channels of a false BS, the user is out of reach of the paging signals of SN. UTM, 23 May 2012
Problems of 3G Security, 2 • Hijacking outgoing/incoming calls in networks with disabled encryption is possible. The intruder poses as a man-in-the-middle and drops the user once the call is set-up. UTM, 23 May 2012
4G Security? • Two issues are at the forefront of 4G development: • the verification of users and • the limitation of network access in the heterogeneous architecture. • Other vulnerabilities involve providers utilizing different systems and the basis of user-centered design, which allows users to select their preferred connection method. UTM, 23 May 2012
Wireless PAN • WPAN? • A wireless personal area network (WPAN) is a personal area network - a network for interconnecting devices centered around an individual person's workspace - in which the connections are wireless. • IrDA (Infrared Data Association) • Bluetooth • Wireless USB • Z-Wave • ZigBee • Body Area Network UTM, 23 May 2012
Wireless LAN/MAN • WLAN? • Wireless connected LAN. • WMAN? • A metropolitan area network (MAN) is a computer network that usually spans a city or a large campus. A MAN usually interconnects a number of local area networks (LANs) using a high-capacity backbone technology, such as fiber-optical links, and provides up-link services to wide area networks (or WAN) and the Internet. Wireless Version!! UTM, 23 May 2012
What About Security? • Common solutions may work in each type of network. • Basic wireless security barriers are present but based on characteristics and network settings, things may be different and may demand specific security measures. • Based on different standards, different security requirements are met. UTM, 23 May 2012
What About Security? Two security services are mainly emphasized: • Authentication • Shared Key Authentication • Privacy/Confidentiality (Encryption) • Wired Equivalence Privacy • Other aspects are often requirement specific. UTM, 23 May 2012
WLAN Security? • 802.11 standard specifies the operating parameters of wireless local area networks (WLAN) • History: 802.11, b, a, g, i • Minimal security in early versions. • Original architecture not well suited for modern security needs. • 802.11i attempts to address security issues with WLANs. UTM, 23 May 2012
IEEE 802.11b • Wired Equivalent Privacy (WEP) • Confidentiality • Encryption • 40-bit keys (increased to 104-bit by WEP2) • Based on RC4 algorithm • Access Control • Shared key authentication + Encryption • Data Integrity • Integrity checksum computed for all messages UTM, 23 May 2012
IEEE 802.11b • Vulnerabilities in WEP • Poorly implemented encryption • Key reuse, small keys, no keyed MIC • Weak authentication • No key management • No interception detection UTM, 23 May 2012
IEEE 802.11b: Attacks • Successful attacks on 802.11b • Key recovery - AirSnort • Man-in-the-middle • Denial of service • Authentication forging • Known plaintext • Known ciphertext UTM, 23 May 2012
IEEE 802.11i • IEEE 802.11i-2004 or 802.11i, implemented as WPA2 (Wi-Fi Protected Access II), is an amendment to the original IEEE 802.11. • The draft standard was ratified on 24 June 2004 • Later amendments in 2007 and 2012! UTM, 23 May 2012
Original IEEE 802.11i • Security Specifications • Improved Encryption • CCMP (AES), TKIP (Temporal Key Integrity Protocol), WRAP (Wireless Robust Authenticated Protocol) • 2-way authentication • Key management • Ad-hoc network support • Improved security architecture UTM, 23 May 2012
802.11i Authentication UTM, 23 May 2012
802.11 Encryption UTM, 23 May 2012
802.11i: Potential Weaknesses • Hardware requirements • Hardware upgrade needed for AES (Advanced Encryption Standard) support • Strength of TKIP and WRAP questionable in the long term • AS (auth. server) needed for 2-way authentication • Complexity • The more complex a system is, the more likely it may contain an undetected backdoor • Patchwork nature of “fixing” 802.11b UTM, 23 May 2012
Connecting WLAN – Control? • Options: • May be connected securely (WPA2, 802.11i, etc.) • If unsecured, connect to your secure systems securely: • VPN – Virtual Private Network • SSL connections to secure systems • Be careful not to expose passwords • Watch for direct attacks on untrusted networks UTM, 23 May 2012
802.11i Improvements • 802.11i appears to be a significant improvement over 802.11b from a security standpoint • Vendors are nervous about implementing 802.11i protocols due to how quickly WEP was compromised after its release • Time will tell how effective 802.11i actually is • Wireless networks will not be completely secure until the standards that specify them are designed from the beginning with security in mind UTM, 23 May 2012
Remarks – WLAN Security • Wireless LAN Security also could be benefited by the advancements of security measures for other networks. • The main reason that WLANs are attacked is due to their availability for long time and the medium used, where anybody can try to join in. • All these apply to PAN and MAN as well!! UTM, 23 May 2012