
Smartening the Environment using Wireless Sensor Networks in a Developing Country

Wireless Network Security

3G, 4G

Wireless PAN/LAN/MAN

Al-Sakib Khan Pathan

Department of Computer Science

International Islamic University Malaysia

UTM, 23 May 2012



Guided and Unguided Media

  • All types of communications need some kind of medium.

  • The information is encoded in a signal that is carried through a medium.

    • Quality depends on the characteristics of the medium.

  • Two main groups of transmission media, namely the guided medium and the wireless medium.


Guided and Unguided Media

  • For the guided medium, there is a physical path (such as a cable) for electromagnetic wave propagation.

  • For the wireless medium, the electromagnetic wave is transmitted through air, water, or vacuum (space).

  • A wireless medium is also called an unguided medium.


Wireless LAN

  • A wireless LAN or WLAN is a wireless local area network that uses radio waves as its carrier.

  • The last link with the users is wireless, to give a network connection to all users in a building or campus.

  • The backbone network usually uses cables.


Wireless Network? Security?

Source: http://www.pinellascomputers.com/wp-content/uploads/2011/07/wireless-networking-wifi-internet-setup.jpg


Wireless Network Features

  • Wireless networks are treated as having more vulnerabilities than wired networks because of their

    • shared nature

    • naturally broadcasted states

    • unclear perimeters

    • invisible access


What other “Wireless”?

  • 3G Wireless Networks

    • 3G or 3rd generation mobile telecommunications is a generation of standards for mobile phones and mobile telecommunication services fulfilling the International Mobile Telecommunications-2000 (IMT-2000) specifications by the International Telecommunication Union.

    • Application services include wide-area wireless voice telephone, mobile Internet access, video calls and mobile TV, all in a mobile environment.


What other “Wireless”?

  • 4G Wireless Networks

    • In telecommunications, 4G is the fourth generation of cell phone mobile communications standards. It is a successor of the third generation (3G) standards.

    • 4G system provides mobile ultra-broadband Internet access, for example to laptops with USB wireless modems, to smartphones, & to other mobile devices.

    • Conceivable applications include amended mobile web access, IP telephony, gaming services, high-definition mobile TV, video conferencing, 3D television.


3G Wireless

Source: http://www.topglobalusa.com/images/j041.gif


A Cell Tower


3G and WiFi

Source: http://www.cryptech.com.au/wp-content/uploads/2010/03/difference-between-3g-mobile-broadband-and-wifi-wireless-network.png


What they have in Common?

  • Wireless unguided medium.

  • Potential threat from anybody within the range of wireless coverage/communication.

  • Attenuation.

  • Distortion during signal propagation.

  • Noises.

  • Do all of these impact security?


Security Viewing Angles

  • Viewing Angle 1

    • (a) Key Management

    • (b) Secure Routing

    • (c) Secure Services

    • (d) Intrusion Detection Systems (IDS) [outsider, insider]

  • Viewing Angle 2

    • (a) Physical security

    • (b) Deployment security (sparse or dense, etc.)

    • (c) Topological security (cluster/flat, hierarchy/tree, etc.)

    • (d) Wireless communication security

    • (e) Data security


Security Viewing Angles

  • Viewing Angle 3: Holistic Security

    • (a) Application layer security

    • (b) Transport layer security

    • (c) Network layer security

    • (d) Data link layer security

    • (e) Physical layer security

  • Holistic Security? – Still open research issue!


Main Security Aspects

  • Authentication

  • Authorization

  • Privacy/Confidentiality

  • Integrity

  • Non-repudiation


3G Security: Background

  • One of the aspects of GSM that has played a significant part in its global appeal is its set of security features

  • GSM was the first public telephone system to use integrated cryptographic mechanisms

  • GSM security model has been adopted, modified and extended for DECT, TETRA and 3GPP


3GPP

  • The 3rd Generation Partnership Project (3GPP) is a collaboration between groups of telecommunications associations, known as the Organizational Partners.

  • The initial scope of 3GPP was to make a globally applicable 3G mobile phone system specification based on evolved Global System for Mobile Communications (GSM) specifications within the scope of the International Mobile Telecommunications-2000 project of the ITU.


3GPP Security Principles

  • Ensure that 3G security builds on the security of GSM where features that have proved to be needed and that are robust shall be adopted for 3G

  • Ensure that 3G security improves on the security of second generation systems by correcting real and perceived weaknesses

  • Ensure that new 3G security features are defined as necessary to secure new services offered by 3G


3G Security Objectives

  • Ensure that

    • information generated by or relating to a user is adequately protected against misuse or misappropriation.

    • the resources and services provided are adequately protected against misuse or misappropriation.

    • the security features standardized are compatible with world-wide availability.

    • the security features are adequately standardized to ensure world-wide interoperability and roaming between different serving networks.


3G Security Objectives

  • Ensure that

    • the level of protection afforded to users and providers of services is better than that provided in contemporary fixed and mobile networks (including GSM).

    • the implementation of 3GPP security features and mechanisms can be extended and enhanced as required by new threats and services.


3G Requirements Capture

  • Based on the threat analysis, a comprehensive list of security requirements was captured and categorized

  • The security requirements help identify which security features need to be introduced in order to counteract the threats

  • The requirements capture has led to the identification of additional security features beyond those retained from GSM


3G Security Arch: Background

Source: Peter Howard, Vodafone, UK, Presentation Slides


3G R99 Security Features (beyond GSM)

  • Protection against active attacks on the radio interface

    • New integrity mechanism added to protect critical signaling information on the radio interface

    • Enhanced authentication protocol provides mutual authentication and freshness of cipher/integrity key towards the user

  • Enhanced encryption

    • Stronger algorithm, longer key

    • Encryption terminates in the radio network controller rather than the base station


3G R99 Security Features (beyond GSM)

  • Core network security

    • Some protection of signaling between network nodes

  • Potential for secure global roaming

    • Adoption of 3GPP authentication by TIA TR-45 / 3GPP2


3G Security Architecture

Home Environment (HE)

Serving Network (SN)

Access Network (AN)

Mobile Terminal (MT)

Terminal Equipment (TE)

User Services Identity Module (USIM)


3G Network Architecture

[Figure: 3G network architecture diagram. Labels: IP RAN, Circuit Network, Circuit/Signaling Gateway, Mobility Manager, Feature Server(s), Circuit Switch, IN Services, RNC, Call Agent, Voice, Data + Packet Voice, IP Core Network, Radio Access Control, Packet Network (Internet), Packet Gateway; generations 2G, 2G/2.5G, 3G. Legend: Intelligent Network (IN), Radio Network Controller (RNC), IP Radio Access Network (IP RAN).]

Source: Presentation Slides of Myagmar, Gupta: UIUC, USA, 2001


Improved Security Features, 1

  • Network Authentication

    • The user can identify the network

  • Explicit Integrity

    • Data integrity is assured explicitly by use of integrity algorithms

    • Also stronger confidentiality algorithms with longer keys

  • Network Security

    • Mechanisms to support security within and between networks


Improved Security Features, 2

  • Switch Based Security

    • Security is based within the switch rather than the base station

  • IMEI Integrity

    • Integrity mechanisms for IMEI (International Mobile Equipment Identity) provided from the start

  • Secure Services

    • Protect against misuse of services provided by SN and HE


Improved Security Features, 3

  • Secure Applications

    • Provide security for applications resident on USIM

  • Fraud Detection

    • Mechanisms to combat fraud in roaming situations

  • Flexibility

    • Security features can be extended and enhanced as required by new threats and services


Improved Security Features, 4

  • Visibility and Configurability

    • Users are notified whether security is on and what level of security is available

    • Users can configure security features for individual services

  • Compatibility

    • Standardized security features to ensure world-wide interoperability and roaming

    • At least one encryption algorithm exported on world-wide basis


Improved Security Features, 5

  • Lawful Interception

    • Mechanisms to provide authorized agencies with certain information about subscribers


Problems of 3G Security, 1

  • IMSI (International Mobile Subscriber Identity) is sent in cleartext when allocating TMSI (Temporary Mobile Subscriber Identity) to user.

  • The transmission of IMEI (International Mobile Equipment Identity) is not protected; IMEI is not a security feature.

  • A user can be enticed to camp on a false BS. Once the user camps on the radio channels of a false BS, the user is out of reach of the paging signals of SN.


Problems of 3G Security, 2

  • Hijacking outgoing/incoming calls in networks with disabled encryption is possible. The intruder poses as a man-in-the-middle and drops the user once the call is set-up.


4G Security?

  • Two issues are at the forefront of 4G development:

    • the verification of users and

    • the limitation of network access in the heterogeneous architecture.

  • Other vulnerabilities involve providers utilizing different systems and the basis of user-centered design, which allows users to select their preferred connection method.


Wireless PAN

  • WPAN?

    • A wireless personal area network (WPAN) is a personal area network - a network for interconnecting devices centered around an individual person's workspace - in which the connections are wireless.

      • IrDA (Infrared Data Association)

      • Bluetooth

      • Wireless USB

      • Z-Wave

      • ZigBee

      • Body Area Network


Wireless LAN/MAN

  • WLAN?

    • Wireless connected LAN.

  • WMAN?

    • A metropolitan area network (MAN) is a computer network that usually spans a city or a large campus. A MAN usually interconnects a number of local area networks (LANs) using a high-capacity backbone technology, such as fiber-optical links, and provides up-link services to wide area networks (or WAN) and the Internet. Wireless Version!!


What About Security?

  • Common solutions may work in each type of network.

  • Basic wireless security barriers are present but based on characteristics and network settings, things may be different and may demand specific security measures.

  • Based on different standards, different security requirements are met.


What About Security?

Two security services are mainly emphasized:

  • Authentication

    • Shared Key Authentication

  • Privacy/Confidentiality (Encryption)

    • Wired Equivalent Privacy

  • Other aspects are often requirement specific.


WLAN Security?

  • 802.11 standard specifies the operating parameters of wireless local area networks (WLAN)

    • History: 802.11, b, a, g, i

  • Minimal security in early versions.

  • Original architecture not well suited for modern security needs.

  • 802.11i attempts to address security issues with WLANs.


IEEE 802.11b

  • Wired Equivalent Privacy (WEP)

    • Confidentiality

      • Encryption

        • 40-bit keys (increased to 104-bit by WEP2)

        • Based on RC4 algorithm

  • Access Control

    • Shared key authentication + Encryption

  • Data Integrity

    • Integrity checksum computed for all messages


IEEE 802.11b

  • Vulnerabilities in WEP

    • Poorly implemented encryption

      • Key reuse, small keys, no keyed MIC

    • Weak authentication

    • No key management

    • No interception detection
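
Two of the WEP weaknesses listed above, key reuse and the lack of a keyed MIC, shown as an added example that is not part of the original slides. The key, IV and frame contents are constructed, and HMAC-SHA256 stands in for a keyed MIC; it is not the algorithm 802.11i specifies.

```python
import hashlib
import hmac
import struct
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """First n bytes of RC4 keystream for key."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                            # keystream output
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 with no key involved."""
    return struct.pack("<I", zlib.crc32(data))

def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    body = plaintext + icv(plaintext)
    return xor(body, rc4(iv + key, len(body)))    # per-frame key = IV || key

def wep_accepts(iv: bytes, key: bytes, frame: bytes) -> bool:
    body = xor(frame, rc4(iv + key, len(frame)))
    return icv(body[:-4]) == body[-4:]

KEY = bytes.fromhex("0102030405")   # constructed 40-bit key
IV = bytes.fromhex("000001")        # constructed 24-bit IV

def reused_iv_leaks_xor(p1: bytes, p2: bytes) -> bool:
    """Key reuse: same IV and key give the same keystream, so the XOR of two
    ciphertexts equals the XOR of the two plaintexts."""
    c1, c2 = wep_encrypt(IV, KEY, p1), wep_encrypt(IV, KEY, p2)
    n = min(len(p1), len(p2))
    return xor(c1[:n], c2[:n]) == xor(p1[:n], p2[:n])

def crc_icv_detects_change(p: bytes, delta: bytes) -> bool:
    """No keyed MIC: CRC-32 is affine over XOR, so a same-length change made
    in transit can carry a matching ICV adjustment computed without the key."""
    zeros = bytes(len(delta))
    patch = delta + xor(icv(delta), icv(zeros))
    altered = xor(wep_encrypt(IV, KEY, p), patch)
    return not wep_accepts(IV, KEY, altered)

def keyed_mic_detects_change(p: bytes, delta: bytes, mic_key: bytes) -> bool:
    """With a keyed MIC (HMAC-SHA256 here), the same change is rejected."""
    tag = hmac.new(mic_key, p, hashlib.sha256).digest()
    altered = xor(p, delta)
    expect = hmac.new(mic_key, altered, hashlib.sha256).digest()
    return not hmac.compare_digest(tag, expect)
```

The receiver's CRC check passes on the altered frame, while the keyed tag no longer matches; this is the gap that the keyed integrity mechanisms in 802.11i close.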


IEEE 802.11b: Attacks

  • Successful attacks on 802.11b

    • Key recovery - AirSnort

    • Man-in-the-middle

    • Denial of service

    • Authentication forging

    • Known plaintext

    • Known ciphertext


IEEE 802.11i

  • IEEE 802.11i-2004 or 802.11i, implemented as WPA2 (Wi-Fi Protected Access II), is an amendment to the original IEEE 802.11.

  • The draft standard was ratified on 24 June 2004

  • Later amendments in 2007 and 2012!


Original IEEE 802.11i

  • Security Specifications

    • Improved Encryption

      • CCMP (AES), TKIP (Temporal Key Integrity Protocol), WRAP (Wireless Robust Authenticated Protocol)

    • 2-way authentication

    • Key management

    • Ad-hoc network support

    • Improved security architecture


802.11i Authentication


802.11 Encryption


802.11i: Potential Weaknesses

  • Hardware requirements

    • Hardware upgrade needed for AES (Advanced Encryption Standard) support

      • Strength of TKIP and WRAP questionable in the long term

    • AS (auth. server) needed for 2-way authentication

  • Complexity

    • The more complex a system is, the more likely it may contain an undetected backdoor

  • Patchwork nature of “fixing” 802.11b


Connecting WLAN – Control?

  • Options:

    • May be connected securely (WPA2, 802.11i, etc.)

    • If unsecured, connect to your secure systems securely:

      • VPN – Virtual Private Network

      • SSL connections to secure systems

    • Be careful not to expose passwords

    • Watch for direct attacks on untrusted networks


802.11i Improvements

  • 802.11i appears to be a significant improvement over 802.11b from a security standpoint

  • Vendors are nervous about implementing 802.11i protocols due to how quickly WEP was compromised after its release

  • Time will tell how effective 802.11i actually is

  • Wireless networks will not be completely secure until the standards that specify them are designed from the beginning with security in mind


Remarks – WLAN Security

  • Wireless LAN security could also benefit from advancements in security measures for other networks.

  • WLANs are attacked mainly because they have been available for a long time and because of the medium used, where anybody can try to join in.

  • All these apply to PAN and MAN as well!!


References

[1] Marius Popovici, Daniel Crisan, Zagham Abbas, "Wireless Networks", http://ftp.utcluj.ro/pub/users/cemil/rlc/Wireless%20Networks.ppt

[2] Peter Howard, "3G Security Overview", Presentation Slides, Vodafone, UK

[3] http://www.3gpp.org/ftp/Specs/html-info/FeatureOrStudyItemFile-60150.htm

[4] Colin Blanchard, "Security for the Third Generation (3G) Mobile System", Network Systems & Security Technologies.

[5] Myagmar, Gupta, "3G Security Overview", Presentation Slides of UIUC 2001.

[6] Kim W. Tracy, "Wireless LAN Security", NEIU, University Computing www.neiu.edu/~ncaftori/355/Wireless.ppt


THANK YOU


Questions and Answers


http://staff.iium.edu.my/sakib/

???

http://staff.iium.edu.my/sakib/ndclab
