Tuesday, January 14, 2020
3G network based security threats Essay
The key threats for 3G networks in perspective of integration of networks are: Wireless LAN customer who does not have access to 3G networks get access to 3G services without subscription. WLAN user gains access to 3G network and creates issues such as Denial of Service WLAN user gains access to 3G network and uses impersonation for using the service but charging other customers. Manipulation of charging when services like calls are transferred from one network to another. Application and Data related threats. Collection of login details and personal details that are transmitted over the network by using sniffing tools and mechanisms, especially when sufficient transport security is not set. Manipulation of information used for user authentication or service access to gain access to unauthorised services or manipulation of billing. Extracts personal information that are used at other places such as credit card information. Obtain information about user such as permanent identity in the network. Virus attacks from WLAN devices to other devices in the network Trojans and malicious software passed from one end-device to another. For volume based charging model, a rogue partner can flood the user with garbage packets to increase the invoiced amount. Malicious programs on the user terminal that increases the traffic to certain sites or content to illegally increase the traffic. Security Considerations for 3G-WLAN Integrated Networks. The security framework for 3G-WLAN integrated networks consists of various layers. Each security layer is independent of the other layers. However, there needs to be an overall security scheme that connects all the security requirements together. Also, since some of the vulnerabilities can happen at multiple layers, a holistic approach and framework is required to address all the risks of the special network. Authentication security at the user terminal. The authentication scheme in the case of 3G-WLAN should be based on a challenge response protocol similar to the existing mobile communication authentication scheme. This requires that the authentication details in the user terminal to be stored securely on UICC or SIM card. This should support mutual authentication and security mechanisms such EAP. Signalling and User Data Security. The subscriber needs to have the same level of security as the mobile access that is specified for the 3G networks. This means that the WLAN authentication and re-authentication mechanisms must be at the same levels as for 3G USIM based access. It needs to support the maintaining session key verification and maintenance. Also the 3G systems should provide the required keys with sufficient length and levels of entropy that are required by the WLAN subsystem. WLAN key agreement, distribution and authentication mechanism should be secure against any attacks by middlemen. The WLAN access technology between the user equipment and the access point/ network should be able to utilise the generated session keying material to ensure the integrity of the connection for authentication. Privacy of User Identity. The keys used by 3G AAA function that are used for the generation of temporary identities that is used for the communication between the network element and the user terminal should not be possible to recover. If it is possible to retrieve the keys, the permanent identity can be derived from any of the temporary identities. Also it should be possible to mask the different temporary identities corresponding to the permanent identity.