
In document Network Security Know It All pdf (Page 198-200)

Security in Wireless Systems

6. The VLR returns the status to the MSC.

7. The MSC sends a message to the MS with a success or failure indication. Both GSM and North American systems use the international mobile equipment identity (IMEI) stored in the equipment identity register (EIR) to check malfunctions and fraudulent equipment. The EIR contains a valid list (list of valid mobiles), a suspect list (list of mobiles under observation), and a fraudulent list (list of mobiles for which service is barred) (see Figure 7.9 for call flow).

Figure 7.9: Equipment identity check. Messages exchanged between MS, MSC, and EIR: IMEI Request, IMEI Response, Check IMEI, IMEI Check Results (IMEI). IMEI: International Mobile Equipment Identity.

7.8.2 Security in GPRS

The general packet radio service (GPRS) allows packet data to be sent and received across a mobile network (GSM). GPRS can be considered an extension to the GSM network to provide 3G services. GPRS has been designed to allow users to connect to the Internet, and as such is an essential first step toward 3G networks for all mobile operations. In GPRS, TMSI is replaced by P-TMSI and P-TMSI signature as alternative identities. The HLR GPRS register maps between internet protocol (IP) addresses and IMSI.

GPRS security functionality is equivalent to the existing GSM security. Authentication and encryption setting procedures are based on the same algorithms, keys, and criteria as in GSM systems.

GPRS provides identity confidentiality to make it difficult to identify the user. This is achieved by using a temporary identity where possible. When possible, confidentiality also protects dialed digits and addresses. As in GSM, the device is authenticated by a challenge-response mechanism. This only verifies that the smart card within the device contains the correct key. GPRS does not provide end-to-end security, so there is a point where the data is vulnerable to eavesdropping or attack. If this point can be protected, e.g., in a physically secure location, this is not a problem. However, if end-to-end security is required, there are other standards that can be used over GPRS, such as the wireless application protocol (WAP) and Internet protocol security (IPSec).

In GPRS, authentication is performed by the serving GPRS support node (SGSN) instead of the VLR. Encryption is not limited to the radio part but extends up to the SGSN. An IP address is assigned after authentication and ciphering algorithm negotiation.

7.8.3 Security in UMTS

The security in universal mobile telecommunications services (UMTS) is built upon the security of GSM and GPRS. UMTS uses the security features from GSM that have proved to be needed and robust. UMTS security tries to ensure compatibility with GSM in order to ease interworking and handoff between GSM and UMTS. The security features in UMTS correct the problems with GSM by addressing its real and perceived security weaknesses. New security features are added as necessary for new services offered by UMTS and to take into account the changes in network architecture. In UMTS the SIM is called UMTS SIM (USIM).

UMTS uses public keys. In UMTS mutual authentication between the mobile and BS occurs; thus there is no fake BS attack. UMTS has increased key lengths and provides end-to-end security. The other security features of UMTS are listed below:

■ Subscriber individual key K.

■ Authentication center and USIM share:

  – User-specific secret key K;

  – Message authentication functions f1, f2; and

  – Key generating functions f3, f4, f5.

■ The authentication center has a random number generator.

■ The authentication center has a scheme to generate fresh sequence numbers.

■ USIM has a scheme to verify freshness of received sequence numbers.

■ Authentication functions f1, f2 are:

  – MAC (XMAC); and

  – RES (XRES).

■ Key generating functions f3, f4, f5 are:

  – f3: ciphering key CK (128 bit);

  – f4: integrity key IK (128 bit); and

  – f5: anonymity key AK (128 bit).

■ Key management is independent of equipment. Subscribers can change handsets without compromising security.

■ Assure the user and network that CK/IK have not been used before.

■ For operator-specific functions, UMTS provides an example called Milenage based on the Rijndael block cipher.

■ Integrity function f9 and ciphering function f8 are based on the Kasumi block cipher.
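The authentication exchange that the f1 to f5 list above describes, as an added example that is not from the book: the authentication center builds RAND, XRES, CK, IK and AUTN (SQN concealed by AK, plus AMF and MAC), and the USIM checks the MAC, checks sequence-number freshness, and computes RES. Truncated HMAC-SHA256 stands in for f1 to f5 (an assumption of this example, not the Rijndael-based Milenage set), and the key K, AMF and sequence numbers are constructed values.

```python
import hashlib
import hmac
import os

# Added example of the UMTS AKA exchange. f1..f5 are stood in for by
# truncated HMAC-SHA256 with a domain tag (an assumption of this example;
# the 3GPP functions are the Rijndael-based Milenage set). K and AMF are
# constructed values. Lengths follow the text: CK and IK are 128 bit.

K = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed subscriber key
AMF = b"\x80\x00"                                        # constructed AMF field

def f(tag, key, *parts, n=16):
    """Stand-in for an f-function: HMAC-SHA256 over tag||parts, cut to n bytes."""
    return hmac.new(key, tag + b"".join(parts), hashlib.sha256).digest()[:n]

def f1(key, rand, sqn, amf): return f(b"f1", key, rand, sqn, amf, n=8)  # MAC / XMAC
def f2(key, rand): return f(b"f2", key, rand, n=8)                        # RES / XRES
def f3(key, rand): return f(b"f3", key, rand)                             # CK, 128 bit
def f4(key, rand): return f(b"f4", key, rand)                             # IK, 128 bit
def f5(key, rand): return f(b"f5", key, rand, n=6)                        # AK, sized to SQN here

def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

def auc_generate_vector(key, sqn, rand=None):
    """Authentication center: fresh RAND and SQN -> (RAND, XRES, CK, IK, AUTN)."""
    rand = rand or os.urandom(16)           # random number generator of the AuC
    autn = xor(sqn, f5(key, rand)) + AMF + f1(key, rand, sqn, AMF)  # SQN hidden by AK
    return rand, f2(key, rand), f3(key, rand), f4(key, rand), autn

def usim_authenticate(key, rand, autn, sqn_highest):
    """USIM: check MAC and SQN freshness; return (RES, CK, IK, SQN) or raise."""
    sqn = xor(autn[:6], f5(key, rand))       # recover SQN with AK
    amf, mac = autn[6:8], autn[8:]
    if not hmac.compare_digest(mac, f1(key, rand, sqn, amf)):
        raise ValueError("MAC failure: network not authenticated")
    if sqn <= sqn_highest:                   # replayed or stale vector
        raise ValueError("synchronisation failure: SQN not fresh")
    return f2(key, rand), f3(key, rand), f4(key, rand), sqn

def run_aka(key, sqn, sqn_highest, rand=None):
    """Whole exchange: True only if the USIM accepts AUTN and RES matches XRES."""
    rand, xres, ck, ik, autn = auc_generate_vector(key, sqn, rand)
    res, ck_u, ik_u, _ = usim_authenticate(key, rand, autn, sqn_highest)
    return hmac.compare_digest(res, xres) and ck == ck_u and ik == ik_u
```

The freshness check is what makes a recorded (RAND, AUTN) pair useless a second time; the MAC check is what lets the USIM reject a network that does not hold K.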

7.9 DATA SECURITY

The primary goals in providing data security are confidentiality, integrity, and availability. Confidentiality deals with the protection of customer and proprietary information from unauthorized disclosure. Integrity is the assurance that data has not been altered or destroyed. Availability means providing continuous operation of hardware and software so that the parties involved can be assured of uninterrupted service.

In this section, we focus upon commonly used data security methods including firewalls, encryption, and authentication protocols.

7.9.1 Firewalls

Firewalls are used to prevent intruders from using the Internet connection to gain unauthorized access to, or mount denial of service attacks against, the organization network. The firewall could be a router, a gateway, or a special-purpose computer. Firewalls examine the packets flowing into and out of the organization network and restrict access to the network. There are two types of firewalls: (1) packet filtering firewall, and (2) application-level gateway.

The packet filter examines the source and destination addresses of packets passing through the network and allows only the packets that have acceptable addresses. The packet filter also examines IP addresses and TCP (transmission control protocol) ports. The packet filter is unaware of applications and of what an intruder is trying to do. It considers only the source of data packets and does not examine the actual data. As a result, malicious viruses can be installed on an authorized user's computer, giving the intruder access to the network without the authorized user's knowledge.

The application-level gateway acts as an intermediate host computer between the outside client and the internal server. It forces everyone to log in to the gateway and allows access only to authorized applications. The application-level
