Analysis of 2G and 3G Mobile Security

Roy Campbell

Presentation Transcript

Participants

  • UIUC: Roy Campbell, Dennis Mickunas, Jalal Al-Muhtadi, Sarosh Havewala

  • Motorola: Bruce Briley, John Wang, Rong Wang, Lily Chen


Contents

  • Motorola study of wireless security protocols

    • Present

    • Proposed

  • Approach

  • Other UIUC SRG security and mobile system research


GSM Security

  • Analysis of

    • existing 2nd Generation (2G) CDMA and GSM security frameworks.

    • 3rd Generation (3G) CDMA and GSM network security proposals.

  • Analyzing various aspects of 3G encryption and authentication techniques and their impact upon performance.


Internet Security

  • Effectiveness and performance of IP/TCP/application-layer security mechanisms over wireless networks

  • Comparative performance analyses of the various security mechanisms (literature versus our studies)

  • Security threat evaluation


2G GSM Security

  • Private Key

    • A3 Key Negotiation

    • A8 Key Generation

    • A5 Encryption

    • Private Key encrypts message to server

    • Server generates random number for session key


3G GSM Security Scenarios

The effect of deploying security mechanisms under different scenarios and the impact on performance and security

  • Integration with Internet

  • Web Access

  • Multimedia

  • QoS

  • Network Applications

  • Levels of Service

  • Bandwidth


Security Features within different Components

Studying existing security features and their effectiveness under different traffic scenarios and QoP.

  • User

  • Subscriber

  • UMTS terminal equipment

  • Network operator

  • Service provider


User Security Features

  • location confidentiality

  • identity confidentiality

  • traffic confidentiality

  • traffic integrity

  • non-repudiation

  • user events, numbering, service profile

  • access control


Subscriber Security Features

  • Subscriber access to service profile

  • user action authorization

  • incontestable charging

  • privacy of charging data

  • integrity of charging data

  • charging limitation


Terminal Equipment

  • Location confidentiality

  • Authentication of user to terminal

  • Access control to terminal

  • Terminal numbering


Network Operator Security

  • Databases

  • Re-authentication

  • Blacklisting

  • Tracing of users

  • User action authorization

  • Subscription authorization

  • Tracing of terminal equipment


User Security Features Cont.

  • Signaling and control data

    • confidentiality

    • origin authentication

    • integrity

  • Authentication

    • user to user

    • network operator to user

    • service provider to user


Plan of Action

  • Using “Simulation” software to model wireless communications networks, protocols, mobile devices, and various security mechanisms.

  • Existing Simulators: OPNET, OMNET++, C++Sim (others)

  • Alternatively, implementing our own simulator.


Evaluating Performance over Wireless Links

[Figure: network diagram with labels i1000plus, Base (twice), Gateway and Internet; annotation: "Evaluating different authentication & encryption mechanisms"]

Modeling Wireless Communication

[Figure: diagram with labels Security plug-ins, Internet, Gateway, Java Virtual Cell phone (twice) and Java Virtual Base (twice); annotation: "Simulating a wireless link over TCP/IP"]


UIUC SRG Security and Mobile System Research: Secure Active Network

  • Seraphim interoperable secure active networks

  • Role based access control policies

  • Dynamic security enforcement using active capability


CORBA Security Services

  • Standard object interfaces for accessing security services

  • Authentication, non-repudiation, and access control

  • Interoperability between different security mechanisms

  • Interoperability among different policy domains

  • Use & generate security information in the IOR

[Figure: diagram with labels Client, Object Implementation, A, B, request, interceptor, ORB (twice), SecIOP and SESAME]


Security Components

[Figure: diagram with labels Application Client, Application Server, Active Capability/Certificates (twice), Stub, BOA, ORB, Dynamic Policies, Security Mechanisms and Network Transport]


2K: Global Distributed Mobile Object System

  • Mobile users, resources, dynamic networks

  • Infrastructure for smart spaces

  • Network-centric user-oriented view

  • Components

  • Security

  • Distributed object solutions


[Figure: diagram with labels 2K, Profile Service, Env. Service, Naming Service, QoS, Office 3201 and Office 3234]


A Light-Weight Security Mechanism: Tiny UIUC SESAME

[Figure: diagram with labels IDL Interface, GSS-API and TinySESAME]


Dynamic Security Policy with Risk Values

  • Policy representation framework supports:

    • Discretionary Access Control (DAC)

    • Double DAC

    • Role Based Access Control

    • Assignment of Risk values to different entities and dynamically changing them

    • Non-Discretionary Access Control including Mandatory Access Control (MAC)

    • GUI for building and administering policies


PalmPilot Integration in 2K

[Figure: diagram with labels Profile Server, Environment Service, Environment Implementation Repository, 2K Camera Device Driver, Camera, System Bootstrapping and System Utilization; steps numbered 1 to 7]


Streaming Video to Palm Pilot

  • Palm Pilot

    • lacks processing power to decode MPEG

  • Video proxy

    • transforms MPEG streams

    • reduces

      • frame rate, color depth, size

    • sends compressed bitmaps

[Figure: MPEG Stream → Video Proxy → Compressed Bitmap Stream]


Loadable Protocols

  • Transparently change CORBA networking

  • Dynamically loadable transport protocols

  • Supports multi-protocol applications

  • IP multicast protocol module (IPM)

  • Multicast used for discovery/allocation

[Figure: diagram with labels TAO, GIOP, TCP/IIOP, LDP, UDP and IP Multicast]

