Analysis of 2G and 3G Mobile Security

Analysis of 2G and 3G Mobile Security. Roy Campbell. UIUC: Roy Campbell, Dennis Mickunas, Jalal Al-Muhtadi, Sarosh Havewala. Motorola: Bruce Briley, John Wang, Rong Wang, Lily Chen. Contents: Motorola study of wireless security protocols (present, proposed); approach.

Presentation Transcript
Participants
  • UIUC:
    • Roy Campbell
    • Dennis Mickunas
    • Jalal Al-Muhtadi
    • Sarosh Havewala
  • Motorola:
    • Bruce Briley
    • John Wang
    • Rong Wang
    • Lily Chen
Contents
  • Motorola study of wireless security protocols
    • Present
    • Proposed
  • Approach
  • Other UIUC SRG security and mobile system research
GSM Security
  • Analysis of
    • existing 2nd Generation (2G) CDMA and GSM security frameworks.
    • 3rd Generation (3G) CDMA and GSM network security proposals.
  • Analyzing various aspects of 3G encryption and authentication techniques and their impact upon performance.
Internet Security
  • Effectiveness and performance of IP/TCP/application-layer security mechanisms over wireless networks
  • Comparative performance analyses of the various security mechanisms (literature versus our studies)
  • Security threat evaluation
2G GSM Security
  • Private Key
    • A3 Key Negotiation
    • A8 Key Generation
    • A5 Encryption
    • Private Key encrypts message to server
    • Server generates random number for session key
3G GSM Security Scenarios

The effect of deploying security mechanisms under different scenarios and the impact on performance and security

  • Integration with Internet
  • Web Access
  • Multimedia
  • QoS
  • Network Applications
  • Levels of Service
  • Bandwidth
Security Features within different Components

Studying existing security features and their effectiveness under different traffic scenarios and QoP.

  • User
  • Subscriber
  • UMTS terminal equipment
  • Network operator
  • Service provider
User Security Features
  • location confidentiality
  • identity confidentiality
  • traffic confidentiality
  • traffic integrity
  • non-repudiation
  • user events, numbering, service profile
  • access control
Subscriber Security Features
  • Subscriber access to service profile
  • user action authorization
  • incontestable charging
  • privacy of charging data
  • integrity of charging data
  • charging limitation
Terminal Equipment
  • Location confidentiality
  • Authentication of user to terminal
  • Access control to terminal
  • Terminal numbering
Network Operator Security
  • Databases
  • Re-authentication
  • Blacklisting
  • Tracing of users
  • User action authorization
  • Subscription authorization
  • Tracing of terminal equipment
User Security Features Cont.
  • Signaling and control data
    • confidentiality
    • origin authentication
    • integrity
  • Authentication
    • user to user
    • network operator to user
    • service provider to user
Plan of Action
  • Using “Simulation” software to model wireless communications networks, protocols, mobile devices, and various security mechanisms.
  • Existing Simulators: OPNET, OMNET++, C++Sim (others)
  • Alternatively, implementing our own simulator.
Evaluating Performance over Wireless Links

[Figure: network diagram with labels i1000plus, Base, Gateway, Base, Internet; caption: Evaluating different authentication & encryption mechanisms]
Modeling Wireless Communication

[Figure: diagram with labels Security plug-ins, Internet, Java Virtual Cell phone (twice), Gateway, Java Virtual Base (twice); caption: Simulating a wireless link over TCP/IP]
UIUC SRG Security and Mobile System Research: Secure Active Network
  • Seraphim interoperable secure active networks
  • Role based access control policies
  • Dynamic security enforcement using active capability
CORBA Security Services
  • Standard object interfaces for accessing security services
  • Authentication, non-repudiation, and access control
  • Interoperability between different security mechanisms
  • Interoperability among different policy domains

[Figure: diagram with labels Client, Object Implementation, A, B, request, interceptor, ORB, SecIOP, ORB, SESAME; caption: Use & generate security information in the IOR]

Security Components

[Figure: layered diagram with labels Application Client, Application Server, Active Capability/Certificates (on both sides), Stub, BOA, ORB, Dynamic Policies, Security Mechanisms, Network Transport]

2K: Global Distributed Mobile Object System
  • Mobile users, resources, dynamic networks
  • Infrastructure for smart spaces
  • Network-centric user-oriented view
  • Components
  • Security
  • Distributed object solutions
[Figure: untitled 2K diagram with labels Profile Service, 2K, Env. Service, Naming Service, QoS, Office 3201, Office 3234]
A Light-Weight Security Mechanism: Tiny UIUC SESAME

[Figure: diagram with labels IDL Interface, GSS-API, TinySESAME]

Dynamic Security Policy with Risk Values
  • Policy representation framework supports:
    • Discretionary Access Control (DAC)
    • Double DAC
    • Role Based Access Control
    • Assignment of risk values to different entities and dynamically changing them
    • Non-Discretionary Access Control including Mandatory Access Control (MAC)
    • GUI for building and administrating policies
PalmPilot Integration in 2K

[Figure: numbered diagram (steps 1 to 7) with labels Profile Server, Environment Service, Environment Implementation Repository, 2K Camera Device Driver, Camera, 2K, System Bootstrapping, System Utilization]

Streaming Video to Palm Pilot
  • Palm Pilot
    • lacks processing power to decode MPEG
  • Video proxy
    • transforms MPEG streams
    • reduces
      • frame rate, color depth, size
    • sends compressed bitmaps

[Figure: diagram with labels MPEG Stream, Video Proxy, Compressed Bitmap Stream]

Loadable Protocols
  • Transparently change CORBA networking
  • Dynamically loadable transport protocols
  • Supports multi-protocol applications
  • IP multicast protocol module (IPM)
  • Multicast used for discovery/allocation

[Figure: protocol stack diagram with labels TAO, GIOP, TCP/IIOP, LDP, UDP, IP Multicast]