190 likes | 349 Views
Chapter 4. Application Level Security in Cellular Networks. Generations of Cellular Networks (1). 1G 2G and 2.5G High-Speed Circuit-Switched Data (HSCSD) General Packet Radio Service (GPRS) Enhanced Data Rates for GSM Evolution (EDGE) Cellular Digital Packet Data (CDPD) 3G.
E N D
Chapter 4 Application Level Security in Cellular Networks
Generations of Cellular Networks (1) • 1G • 2G and 2.5G • High-Speed Circuit-Switched Data (HSCSD) • General Packet Radio Service (GPRS) • Enhanced Data Rates for GSM Evolution (EDGE) • Cellular Digital Packet Data (CDPD) • 3G
Generations of Cellular Networks (2) • 4G • Push and Pull Services • Location-based Services • Entertainment Services
Security Issues and Attacks in Cellular Networks (1) • Cellular Network limitations • Open wireless medium • Limited bandwidth • System Complexity • Limited Power • Limited Processing Power • Relativity Unreliable Network Connection
Security Issues and Attacks in Cellular Networks (2) • Security Issues in Cellular network • Authentication • Integrity • Confidentiality • Access Control • OS in Mobile Devices • Location Detection • Viruses and Malware
Security Issues and Attacks in Cellular Networks (3) • Downloaded Contents • Device Security • Attacks on Cellular Networks • Denial of Service (DoS) • Distributed Denial of Service (DDoS) • Channel Jamming • Unauthorized Access • Eavesdropping
Security Issues and Attacks in Cellular Networks (4) • Message Forgery • Message Replay • Man-in-the-Middle Attack • Session Hijacking
GSM Security for Applications (1) • GSM Architecture • GSM Security Features • Anonymity or Subscriber Identity Confidentiality • Subscriber Identity Authentication • Encryption of User Traffic and User Control Data • Use of SIM as Security Module
GSM Security for Applications (2) • GSM Security Attacks • SIM/MS Interface Tapping • Attacks on the Algorithm A3/8 • Flaws in A5/1 and A5/2 Algorithms • Attacks on the SIM Card • False Base Station
GSM Security for Applications (3) • GSM Security Solutions • GSM – Newer A3/A8 Implementation • GSM – A5/3 Ciphering • Public Key Infrastructure in Mobile Systems • Secure Browsing • Access to Enterprise Networks • Mobile Payment Authentication • Access Control
GSM Security for Applications (4) • Digital Signatures on Mobile Transactions • Messaging • Content Authentication • Digital ID
GPRS Security for Applications (1) • Security Issues in GPRS • Related to ME and SIM card • Between ME and SGSN • Between SGSN and GGSN • Among different operators • Between GGSN and external connected networks (Internet)
GPRS Security for Applications (2) • Security Threats to the GPRS • Unauthorized Access to the data • Threats to Integrity • DoS • Attack from valid network • Randomly Changing Source Address • Unauthorized Access to Services
GPRS Security for Applications (3) • GPRS Security Solutions • Ciphering based on KASUMI added to GPRS called GEA3 • Performed in higher layer LLC (Logical Link Control) • MAC messages are not ciphered • UMTS ciphering occurs at MAC layer
UMTS Security for Applications (1) • 5 different sets of security features • Network Access Security • Network Domain Security • User Domain Security • Application Security • Visibility and Configurability of security
UMTS Security for Applications (2) • UMTS AKA Security Mechanism • UMTS Authentication and Key Agreement (UMTS AKA) • Authentication and Key Agreement using challenge/response mechanism • See figure 4.9 UMTS AKA Protocol • UMTS Network Authentication to Phone
3G Security for Applications (1) • 3G Attacks • DoS • Overbilling Attack • Spoofed PDP Context • Signaling-level attacks • Some Security Solutions for 3G • A new authentication scheme with anonymity for wireless networks
3G Security for Applications (2) • Manual authentication for wireless devices • Elliptic Curve Cryptography for Wireless Security • Channel Surfing and Spatial Retreats
Some of Security and Authentication Solutions • Protocol of Gong et al. • GSM User Authentication Protocol (GUAP) • One-time Password Schemes • Mobile ATP • ATP using GSM • OTP using GPRS • Web/Mobile Authentication System with OTP • Location-based Encryption • BioPasswords