Mobile Office Security Requirements for the Mobile Office


1 Mobile Office Security Requirements for the Mobile Office Alcatel SEL AG 20./

2 Overview

- Security Concepts in Mobile Networks
- Applications in Mobile Networks
- Mobile Terminal used for Network Access
- Security Requirements

Alcatel SEL AG, S. Rupp: Mobile Office - Security Requirements

3 Mobile Networks

- Security Concepts in Mobile Networks
  - GSM
  - WAP
  - UMTS
- Applications in Mobile Networks
- Mobile Terminal used for Network Access
- Security Requirements

4 Security Concepts in GSM

[Figure: GSM mobile / fixed network. Labels: Air Interface, encrypted, BTS, BSC, MSC/VLR, HLR/AuC, PLMN/PSTN]

Abbreviations:
- AuC: Authentication Center
- HLR: Home Location Register
- BTS: Base Transceiver Station
- BSC: Base Station Controller
- MSC: Mobile Switching Center
- VLR: Visitor Location Register

Security features:
- subscriber authentication
- encrypted air interface
- anonymous identity

5 Authentication in GSM

[Figure: authentication flow. Labels: MS (ME, SIM), Air Interface, BTS, BSC, MSC/VLR, HLR/AuC, PLMN/PSTN; challenge, signed response, ciphering key; RAND, SRES, Kc; A3, A8, Ki; comparison (=?); steps 1, 2, 3]

Authentication triplets generated in AuC and collected in MSC:
- RAND: random number
- SRES: signed response
- Kc: ciphering key

Abbreviations:
- Ki: Individual secret Key
- ME: Mobile Equipment
- MS: Mobile Station = ME+SIM
- SIM: Subscriber Identity Module

- Challenge/response authentication from MSC to SIM
- Enter ciphering mode without transmitting Kc on the air
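The triplet-based challenge/response described on this slide, as an added example that is not part of the original presentation. A3 and A8 are operator-chosen algorithms, so HMAC-SHA256 is used here as a stand-in for both; the class names and the IMSI are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: A3/A8 are operator-specific; HMAC-SHA256 stands in for both.


def a3(ki, rand):
    """SRES: 32-bit signed response derived from Ki and RAND."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]


def a8(ki, rand):
    """Kc: 64-bit ciphering key derived from Ki and RAND."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]


class AuC:
    """Authentication Center: holds Ki per subscriber and issues triplets."""

    def __init__(self):
        self.keys = {}

    def provision(self, imsi):
        ki = secrets.token_bytes(16)          # 128-bit individual secret key
        self.keys[imsi] = ki
        return ki                             # the same Ki is stored in the SIM

    def triplets(self, imsi, count=3):
        ki = self.keys[imsi]
        out = []
        for _ in range(count):
            rand = secrets.token_bytes(16)    # 128-bit random challenge
            out.append((rand, a3(ki, rand), a8(ki, rand)))
        return out


class SIM:
    """Subscriber side: Ki never leaves the card, only SRES is sent back."""

    def __init__(self, imsi, ki):
        self.imsi = imsi
        self.ki = ki

    def respond(self, rand):
        return a3(self.ki, rand), a8(self.ki, rand)


class MSC:
    """MSC/VLR: collects triplets from the AuC and never learns Ki."""

    def __init__(self, auc):
        self.auc = auc
        self.store = {}      # unused triplets per IMSI
        self.pending = {}    # expected (SRES, Kc) for the open challenge

    def challenge(self, imsi):
        queue = self.store.setdefault(imsi, [])
        if not queue:
            queue.extend(self.auc.triplets(imsi))
        rand, sres, kc = queue.pop(0)         # each triplet is used once
        self.pending[imsi] = (sres, kc)
        return rand

    def verify(self, imsi, sres):
        expected, kc = self.pending.pop(imsi, (None, None))
        if expected is None or not hmac.compare_digest(expected, sres):
            return None                       # authentication failed
        return kc                             # key for ciphering mode


def authenticate(msc, sim):
    """Run one authentication; 'air' lists what crosses the air interface."""
    air = []
    rand = msc.challenge(sim.imsi)
    air.append(rand)                          # challenge
    sres, kc_sim = sim.respond(rand)
    air.append(sres)                          # signed response
    kc_net = msc.verify(sim.imsi, sres)
    return kc_net, kc_sim, air


if __name__ == "__main__":
    auc = AuC()
    imsi = "001010123456789"                  # constructed test IMSI
    sim = SIM(imsi, auc.provision(imsi))
    kc_net, kc_sim, air = authenticate(MSC(auc), sim)
    print("authenticated:", kc_net is not None and kc_net == kc_sim)
    print("sent on the air:", [v.hex() for v in air])
```

Both sides end up with the same Kc although only RAND and SRES are transmitted, and only the network checks the subscriber; the SIM has no way to check who sent RAND.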

6 Transport encryption in WAP

[Figure: WAP browser, mobile network (WTLS), WAP gateway, Internet (SSL), Web server]

- Main risks handled: eavesdropping on the air and in the Internet
- Internet and Mobile Network encrypted
- WTLS: network-independent technology
- Operates on GSM, CDMA, GPRS, ...

7 UMTS network

[Figure: UMTS network. Labels: UICC: USIM,..., Node B, RNC, 3G MSC/VLR, Circuit Core Network, 3G SGSN, 3G GGSN, IP intranet, IP Network; circuit traffic, packet traffic]

Abbreviations:
- MSC: Mobile Switching Center
- RNC: Radio Network Controller
- SGSN: Serving GPRS Support Node
- GGSN: Gateway GPRS Support Node
- UICC: UMTS Integrated Circuit Card
- USIM: User Service Identity Module

- Improved network security
- New interfaces to be secured: Internet and Multimedia Services

8 Security Concepts in UMTS

- Compatibility with GSM security features and network
- Address the security weaknesses of GSM (GSM weakness: UMTS measure):
  - access security only: security between mobile and switch, i.e. microwave links now encrypted
  - subscriber authentication only: mutual authentication of subscriber and network
  - vulnerable to active attacks: encrypted signaling messages
  - short keys: increased key length
  - clear transmission of cipher keys and authentication values within and between networks in case of roaming: session keys for roaming (transport security)
  - lack of confidence in cryptographic algorithms: well-studied open algorithms

9 Mobile Network Summary

GSM
  -: plain text transmitted in the network; no end-to-end security
  +: subscriber authentication; encrypted air interface

WAP
  -: no end-to-end security; plain text in WAP gateway
  +: full transport layer encryption; choice of algorithms, elliptic curve cryptography efficient for mobiles

UMTS
  -: exposed to attacks from the Internet; data privacy problem in location based services
  +: network authentication; protected access network; encrypted messages; increased key lengths; secure interface between networks

10 Mobile Applications

- Security Concepts in Mobile Networks
- Applications in Mobile Networks
  - Application in the Terminal: WAP or SAT
  - Application in PDA or Notebook
- Mobile Terminal used for Network Access
- Security Requirements

11 Applications in the terminal

[Figure: mobile terminal connected via GSM using SMS, USSD]

SAT: SIM Application Toolkit
- Mobile is used as a primitive I/O-terminal
- Interface between mobile and SIM standardized, i.e. independent from mobile equipment
- Communication uses SMS or USSD for transport
- Applications are specific for the card used, programming by experts only
- Applications limited in size by card memory and performance
- SAT browser incl. security plug-ins instead of WAP
- Mature technology, widely supported by terminals
- Slow transmission: mainly for small messages

Abbreviations:
- SMS: Short Message Service
- USSD: Unstructured Supplementary Service Data

12 Applications in the terminal

[Figure: mobile terminal connected via GSM using SMS, USSD]

JavaCard
- Mobile terminal is an Internet access terminal which can be used for phone calls in special cases
- Mobile is used as a primitive I/O-terminal
- Performance of Smart Cards rapidly increasing
- In addition to the SIM application, e.g. Java Interpreter and (remotely) loaded Java applets can execute in the Smart Card
- User interactive applications run on the Card
- Functionality of the mobile terminal can be controlled by the Smart Card
- Payload in a SMS is sent to the Smart Card without user intervention
- Serious security issues to be solved (signed applets, verification of arriving applets, ...)

Abbreviations:
- SMS: Short Message Service
- USSD: Unstructured Supplementary Service Data

13 Network Access

- Security Concepts in Mobile Networks
- Applications in Mobile Networks
- Mobile Terminal used for Network Access
- Security Requirements

14 Mobile Terminal used as Network Access

- Approx. 500 million GSM terminals in use world-wide can be always online, i.e. 3 times more than Internet hosts
- Network access from PDA or Notebook via mobile terminal using cable, Infrared, Bluetooth, ad-hoc-networks

15 Mobile Terminal used as Network Access

Bluetooth: local wireless connection to devices
- speed: up and down 433 kbits/s each, or up 58 kbits/s and down 721 kbits/s
- 8 devices, multipoint

Bluetooth security
- symmetric payload encryption (8 to 128 bits key length)
- optional authorization (permission to use services)
- challenge-response authentication to check that both sides of a pair of devices use the same encryption key
- frequency hopping

Bluetooth provides basic security for simple networks; it needs application level support and end-to-end security for serious, security sensitive work.

16 Mobile Terminal used as Network Access

IrDA: point-to-point ad-hoc transmissions over up to approx. 1 m at up to 4 Mbits/s (16 Mbits/s under development)
- requires optical visibility
- uses the same upper layer protocol as Bluetooth
- for point-and-shoot style of operation in a narrow angle (approx. 30°), easy choice of recipient

IrDA security:
- no link layer security
- relies on application level security mechanisms

17 Mobile Equipment used as Network Access

[Figure: wireless clients, Access Point, Intranet, Appli. Server, Internet]

Wireless LAN (IEEE b) security
- frequency hopping; access control lists
- data security: Wired Equivalent Privacy (WEP) encrypts data, but leaves the headers intact; weak algorithm (40 bits RC4, shared key); this is not end-to-end privacy
- challenge-response authentication
- no access barriers defined inside the network
- shares the same vulnerabilities with wired LAN (Internet access, sniffing, ...) plus vulnerability to jamming (Denial of Service attack)
- requires careful handling of security issues on upper layers

18 Ad-hoc networks

Ad-hoc networks:
- mutual communication among wireless clients
- no network structure

Ad-hoc network security:
- Authenticity to be implemented by signed certificates
- Access control lists
- sophisticated key agreement necessary to defend against eavesdropping during the key agreement phase (secure authentication and encryption)

19 Security Requirements

- Security Concepts in Mobile Networks
- Applications in Mobile Networks
- Mobile Terminal used for Network Access
- Security Requirements

20 Security Requirements

Challenge
- Security threats for the Mobile Office are not new, but PDAs, WAP, Bluetooth present unique and urgent security challenges when connected to critical/sensitive enterprise systems or used for commercial transactions
- how to guarantee secure host access and secure transactions from mobile terminals using a variety of protocols?

21 Security Requirements for the Mobile Office

Mandatory security requirements (requirement: mechanism)
- confidentiality: cryptography
- authentication: certificates
- integrity: signatures
- non-repudiation: signatures+certificates

Further requirements
- easy and strong user authentication
- explicit transaction authorization
- end-to-end encryption
- accepted log-on security (biometrics, ...) instead of several PINs, passwords, etc.
- intrusion detection and audit-trail

Define a security policy that states the rules for access and plan mechanisms and countermeasures.

22 Summary

Standard challenges of e-commerce
- Denial-of-Service attacks
- virus
- code modification, replay, etc. in gateway systems

Additional challenges for m-commerce
- easy eavesdropping on air interface
- Denial-of-Service attacks: jamming
- limited performance of mobile devices in terms of memory and throughput means limited cryptographic performance
- variety of protocols to be supported
- high risk that mobile equipment is stolen or lost, i.e. user authentication is critical and the shared secret should not be compromised in that case

23 Summary

- Authentication and end-to-end encryption crucial
- Problem of secure key handling to be solved without complicating the handling
- Networks provide at best basic security; PKI (Public Key Infrastructure) required for commercial use and for access to sensitive data: cryptography, digital signatures, digital certificates (under definition by Radicchio, Msign, GMCIG, Met,...)
- SIM+SIM Application Toolkit, Java Card or UICC with security applications can host security software in a mobile terminal; smart card and cryptographic software to be used in a PDA or notebook

24 Recommendations

- build security in from the beginning
- build a complete security solution incl. intrusion detection, anti-virus scanners (content), firewalls, access control, logging, ...
- handle gateways (e.g. WAP gateway) as if they were application servers
- fully support wireless networks by central IT or outsource the construction of a secure infrastructure to avoid creation of distributed less secure networks
- monitor security regularly (operate and maintain (!) intrusion detection, process access logs, ...) and prepare to react

25 Alcatel's role

- Alcatel is a network manufacturer covering the complete range of products
- Alcatel offers consulting services
- Alcatel is a partner in cooperations, e.g. with
  - KeySoft for mobile-based Extranet access solutions based on the MOBEX product: mobile access to mail, files, calendar, secured applications, etc.
  - Gemplus to guarantee the compatibility of the USIM smart card with the UMTS network
  - Certicom, RSA et al. for security technology used in mobile, VPN and PABX solutions

26 contact: Alcatel SEL AG, S. Rupp Mobile Office - Anforderungen an die Sicherheit 26


More information

World Summit on Information Society (WSIS) Forum 2013. 16 May 2013

World Summit on Information Society (WSIS) Forum 2013. 16 May 2013 World Summit on Information Society (WSIS) Forum 2013 Toolkit for creating ICT-based services using mobile communications for e- government services 16 May 2013 Hani Eskandar ICT Applications coordinator

More information

Recommended 802.11 Wireless Local Area Network Architecture

Recommended 802.11 Wireless Local Area Network Architecture NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless

More information

Global System for Mobile Communications (GSM)

Global System for Mobile Communications (GSM) Global System for Mobile Communications (GSM) Nguyen Thi Mai Trang LIP6/PHARE Thi-Mai-Trang.Nguyen@lip6.fr UPMC/PUF - M2 Networks - PTEL 1 Outline Principles of cellular networks GSM architecture Security

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

Authentication in WLAN

Authentication in WLAN Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing

More information

Mobile Communications Chapter 4: Wireless Telecommunication Systems slides by Jochen Schiller with modifications by Emmanuel Agu

Mobile Communications Chapter 4: Wireless Telecommunication Systems slides by Jochen Schiller with modifications by Emmanuel Agu Mobile Communications Chapter 4: Wireless Telecommunication Systems slides by Jochen Schiller with modifications by Emmanuel Agu Market GSM Overview Services Sub-systems Components Prof. Dr.-Ing. Jochen

More information

Episode 5: Cellular Networks (GSM and UMTS)

Episode 5: Cellular Networks (GSM and UMTS) Episode 5: Cellular Networks (GSM and UMTS) Hannes Frey and Peter Sturm University of Trier Motivation Mobile telephone networks are nearly ubiquitous Still basic client/server architecture Only last mile

More information

Chapter 6 Wireless and Mobile Networks

Chapter 6 Wireless and Mobile Networks Chapter 6 Wireless and Mobile Networks A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations;

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Handoff in GSM/GPRS Cellular Systems. Avi Freedman Hexagon System Engineering

Handoff in GSM/GPRS Cellular Systems. Avi Freedman Hexagon System Engineering Handoff in GSM/GPRS Cellular Systems Avi Freedman Hexagon System Engineering Outline GSM and GSM referemce model GPRS basics Handoffs GSM GPRS Location and Mobility Management Re-selection and routing

More information

VPN SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region

VPN SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region VPN SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the

More information

AL AKHAWAYN UNIVERSITY in IFRANE School of Science & Engineering Computer Security (CSC 3355) Spring 2011

AL AKHAWAYN UNIVERSITY in IFRANE School of Science & Engineering Computer Security (CSC 3355) Spring 2011 AL AKHAWAYN UNIVERSITY in IFRANE School of Science & Engineering Computer Security (CSC 3355) Spring 2011 Project N 2: Authentication and Encryption in GSM and 3G/UMTS An Emphasis on Protocols and Algorithms

More information

General security analysis of an IT configuration based on WLAN

General security analysis of an IT configuration based on WLAN General security analysis of an IT configuration based on WLAN Thijs Veugen (TNO Telecom, p.j.m.veugen@telecom.tno.nl) Sander Degen (TNO Telecom, a.j.g.degen@telecom.tno.nl) In this chapter a structured

More information

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002 INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before

More information

GSM Risks and Countermeasures

GSM Risks and Countermeasures GSM Risks and Countermeasures STI Group Discussion and Written Project Authors: Advisor: Johannes Ullrich Accepted: February 1, 2010 Abstract Recent research has shown that GSM encryption can be cracked

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Overview of CSS SSL. SSL Cryptography Overview CHAPTER CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers

More information

m-trilogix White Paper on Security in Wireless Networks

m-trilogix White Paper on Security in Wireless Networks m-trilogix White Paper on Security in Wireless Networks Executive Summary Wireless local area networks (WLANs) based on IEEE 802.11b (Wi-Fi) will ship, according to a Cahners- Instat study, 23.6 million

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

GPRS Network Security

GPRS Network Security AT&T Wireless Services, Inc. GPRS Network Security Document Number 12199 Revision 0.4.5 Peter Rysavy, Primary Contributing Writer Product Development AT&T Wireless Services, Inc. PO Box 97061 Redmond,

More information

Modul 11 GSM & GPRS Standard

Modul 11 GSM & GPRS Standard TT 4113 Cellular Communication Systems Modul 11 GSM & GPRS Standard 1 Faculty of Electrical and Communication Institut Teknologi Telkom Bandung 2010 2 Development of GSM Standard 3 History of GSM 1st &

More information

Secure web transactions system

Secure web transactions system Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends

More information

GSM Architecture Training Document

GSM Architecture Training Document Training Document TC Finland Nokia Networks Oy 1 (20) The information in this document is subject to change without notice and describes only the product defined in the introduction of this documentation.

More information

Wireless VPN White Paper. WIALAN Technologies, Inc. http://www.wialan.com

Wireless VPN White Paper. WIALAN Technologies, Inc. http://www.wialan.com Wireless VPN White Paper WIALAN Technologies, Inc. http://www.wialan.com 2014 WIALAN Technologies, Inc. all rights reserved. All company and product names are registered trademarks of their owners. Abstract

More information

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY) E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

Mobile Services (ST 2010)

Mobile Services (ST 2010) Mobile Services (ST 2010) Chapter 2: Mobile Networks Axel Küpper Service-centric Networking Deutsche Telekom Laboratories, TU Berlin 1 Mobile Services Summer Term 2010 2 Mobile Networks 2.1 Infrastructure

More information

Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia E70 Configuring connection settings Nokia E70 Configuring connection settings Legal Notice Copyright Nokia 2006. All

More information

Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter

Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter Introduction Who are we? Matt Moore, Senior Consultant @ PenTest Ltd. Mark Rowe, Technical Director @ PenTest Ltd. What

More information

Network Access Security. Lesson 10

Network Access Security. Lesson 10 Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.

More information

TLS and SRTP for Skype Connect. Technical Datasheet

TLS and SRTP for Skype Connect. Technical Datasheet TLS and SRTP for Skype Connect Technical Datasheet Copyright Skype Limited 2011 Introducing TLS and SRTP Protocols help protect enterprise communications Skype Connect now provides Transport Layer Security

More information

Mobile Security. Practical attacks using cheap equipment. Business France. Presented the 07/06/2016. For. By Sébastien Dudek

Mobile Security. Practical attacks using cheap equipment. Business France. Presented the 07/06/2016. For. By Sébastien Dudek Mobile Security Practical attacks using cheap equipment Presented the 07/06/2016 Business France By Sébastien Dudek For Content Security measures Recent publications in the hacking community Practical

More information

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology

More information

Remote Access Security

Remote Access Security Glen Doss Towson University Center for Applied Information Technology Remote Access Security I. Introduction Providing remote access to a network over the Internet has added an entirely new dimension to

More information

Ett halvt steg framåt. Mats Carlberg

Ett halvt steg framåt. Mats Carlberg GSM, GPRS och EDGE Ett halvt steg framåt Mats Carlberg matca@lysator.liu.se mats.carlberg@ericsson.com 2003 12 09 Översikt GSM systemets delar och hur de hänger ihop. Paketdata i GSM. GPRS som utbyggnad

More information

ISM/ISC Middleware Module

ISM/ISC Middleware Module ISM/ISC Middleware Module Lecture 13: Security for Middleware Applications Dr Geoff Sharman Visiting Professor in Computer Science Birkbeck College Geoff Sharman Sept 07 Lecture 13 Aims to: 2 Show why

More information

City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013

City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013 City University of Hong Kong Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 01/013 Part I Course Title: Course Code: Course Duration: Cryptography

More information