Analysis of 2G and 3G Mobile Security

Slides: 27
Provided by: roycam

1
Analysis of 2G and 3G Mobile Security
  • Roy Campbell

2
Participants
  • UIUC
    • Roy Campbell
    • Dennis Mickunas
    • Jalal Al-Muhtadi
    • Sarosh Havewala
  • Motorola
    • Bruce Briley
    • John Wang
    • Rong Wang
    • Lily Chen

3
Contents
  • Motorola study of wireless security protocols
    • Present
    • Proposed
    • Approach
  • Other UIUC SRG security and mobile system
    research

4
GSM Security
  • Analysis of
    • existing 2nd Generation (2G) CDMA and GSM
      security frameworks.
    • 3rd Generation (3G) CDMA and GSM network
      security proposals.
  • Analyzing various aspects of 3G encryption and
    authentication techniques and their impact upon
    performance.

5
Internet Security
  • IP/TCP/application layer security mechanisms
    effectiveness and performance over wireless
    networks
  • Comparative performance analyses of the various
    security mechanisms (literature versus our
    studies)
  • Security threat evaluation

6
2G GSM Security
  • Private Key
  • A3 Key Negotiation
  • A8 Key Generation
  • A5 Encryption
  • Private Key encrypts message to server
  • Server generates random number for session key

7
3G GSM Security Scenarios
  • Integration with Internet
  • Web Access
  • Multimedia
  • QoS
  • Network Applications
  • Levels of Service
  • Bandwidth

The effect of deploying security mechanisms
under different scenarios and the impact on
performance and security

8
Security Features within different Components
Studying existing security features and their
effectiveness under different traffic scenarios
and QoP.
  • User
  • Subscriber
  • UMTS terminal equipment
  • Network operator
  • Service provider

9
User Security Features
  • location confidentiality
  • identity confidentiality
  • traffic confidentiality
  • traffic integrity
  • non-repudiation
  • user events, numbering, service profile
  • access control

10
Subscriber Security Features
  • Subscriber access to service profile
  • user action authorization
  • incontestable charging
  • privacy of charging data
  • integrity of charging data
  • charging limitation

11
Terminal Equipment
  • Location confidentiality
  • Authentication of user to terminal
  • Access control to terminal
  • Terminal numbering

12
Network Operator Security
  • Databases
  • Re-authentication
  • Blacklisting
  • Tracing of users
  • User action authorization
  • Subscription authorization
  • Tracing of terminal equipment

13
User Security Features Cont.
  • Signaling and control data
    • confidentiality
    • origin authentication
    • integrity
  • Authentication
    • user to user
    • network operator to user
    • service provider to user

14
Plan of Action
  • Using simulation software to model wireless
    communications networks, protocols, mobile
    devices, and various security mechanisms.
  • Existing simulators: OPNET, OMNET, CSim
    (others)
  • Alternatively, implementing our own simulator.

15
Evaluating Performance over Wireless Links
[Diagram labels: i1000plus, Base, Base, Gateway, Internet. Caption: Evaluating different authentication encryption mechanisms]

16
Modeling Wireless Communication
[Diagram labels: Java Virtual Cell phone (two), Java Virtual Base (two), Gateway, Internet, Security plug-ins. Caption: Simulating A wireless link over TCP/IP]

17
UIUC SRG Security and Mobile System Research
Secure Active Network
  • Seraphim interoperable secure active networks
  • Role based access control policies
  • Dynamic security enforcement using active
    capability

18
CORBA Security Services
  • Standard object interfaces for accessing security
    services
  • Authentication, non-repudiation, and access
    control
  • Interoperability between different security
    mechanisms
  • Interoperability among different policy domains

[Diagram labels: Client, Object Implementation, A, B, request, interceptor, ORB, ORB, SecIOP, SESAME. Caption: Use generate security information in the IOR]

19
Security Components
[Diagram labels: Application Client, Application Server, Active Capability/Certificates (two), BOA, Stub, ORB, Dynamic Policies, Security Mechanisms, Network Transport]

20
2k Global Distributed Mobile Object System
  • Mobile users, resources, dynamic networks
  • Infrastructure for smart spaces
  • Network-centric user-oriented view
  • Components
  • Security
  • Distributed object solutions

21
(No Transcript)
22
A Light-Weight Security Mechanism: Tiny UIUC SESAME
23
Dynamic Security Policy with Risk Values
  • Policy representation framework supports
  • Discretionary Access Control (DAC)
  • Double DAC
  • Role Based Access Control
  • Assignment of risk values to different entities
    and dynamically changing them
  • Non-Discretionary Access Control including
    Mandatory Access Control (MAC)
  • GUI for building and administrating policies

24
PalmPilot Integration in 2K
[Diagram labels: 2k, System Bootstrapping, System Utilization, Camera; numbered steps 1 to 7]

25
Streaming Video to Palm Pilot
  • Palm Pilot
    • lacks processing power to decode MPEG
  • Video proxy
    • transforms MPEG streams
    • reduces frame rate, color depth, size
    • sends compressed bitmaps

[Diagram labels: MPEG Stream, Video Proxy, Compressed Bitmap Stream]

26
Loadable Protocols
  • Transparently change CORBA networking
  • Dynamically loadable transport protocols
  • Supports multi-protocol applications
  • IP multicast protocol module (IPM)
  • Multicast used for discovery/allocation

[Diagram labels: TAO, GIOP, TCP/IIOP, UDP, LDP, IP Multicast]