
SECURITY IN MOBILE NETWORKS

SECURITY IN MOBILE NETWORKS. BY BHONGIRI ANAND RAJ VENKAT PAVAN RAVILISETTY NAGA MOHAN MADINENI. Introduction. Mobile communication provides extensive wireless connectivity in today’s world, enabling mobility and computing in different communication environments.




Presentation Transcript


  1. SECURITY IN MOBILE NETWORKS BY BHONGIRI ANAND RAJ VENKAT PAVAN RAVILISETTY NAGA MOHAN MADINENI

  2. Introduction • Mobile communication provides extensive wireless connectivity in today’s world, enabling mobility and computing in different communication environments. • In traditional e-commerce, fraud resulting from a lack of security is seen as the major obstacle for people. • Web browsers and servers are able to use public infrastructures for cryptographic key distribution and to use protocols such as SSL.

  3. The client and server sides must not be ignored. • With firewalls and intrusion detection systems installed, systems can be traced. • Flexibility and functionality are key factors in creating successful e-commerce applications.

  4. Some of the mechanisms in communication security are: • Confidentiality • Integrity • Authentication • Non-repudiation • Location of the communication • The location of the communication, and whether communication is taking place at all, are among the things that may need to be kept private. • Confidentiality of the traffic, location and addresses in a mobile network depends on the technology used.

  5. The types of authentication vary with the protocols used. • For example, SSL has four different types of authentication: • Server authentication • Client authentication • Authentication of both client and server • No authentication, providing only confidentiality.

  6. Different groups attach different importance to authentication. For example: • Network operators are interested in authenticating users for billing purposes. • Content service providers and users are interested in authenticating themselves, and in authentication with the network service providers. All of these forms of authentication depend on the business model and the technology used. • Public key cryptography is an essential element of SSL and is used for securing web communications. • Public key certificate: • CA (certification authority) digital signature on the public key • Some attributes

  7. A CA (certificate authority) is a trusted third party (TTP) that verifies and certifies the identity of the public key owner before issuing a certificate. • Security in heterogeneous networks: architectures depend on protocol layers, which represent the way data transmission between the communicating parties is modeled and implemented. Figure: communication protocol layers

  8. Mobile applications, like radio networks, span different networks, which complicates the security implementation and makes end-to-end security difficult to obtain. • There will be a difference between the desired security service and the protocol layer. For example: Figure: security architecture using WTLS

  9. Usage of security • A common design makes security services as transparent as possible, but this gives the user less security information. Figure: semantic protocol layer between human user and organizations • A good user interface indicates the combination of multimedia and optimal terminal design.

  10. Security of active content • Active content • Allows sound and image animation • Gives the user the ability to interact with the server side during a session • ActiveX and Java applets are some examples • Sandboxing and certification are used to counter threats from active content • Sandboxing • The active content is restricted in which resources it can access on the host system • Adv: always active and transparent to the user • Disadv: limits the capabilities of active content • Certification • A trusted party has validated and digitally signed the active content • Adv: can access all system resources • Disadv: certification is not equivalent to trustworthiness

  11. Security levels of mobile communication • Level 1 security: • Implemented using passcode identification • The user sends the passcode to the mobile network, where it is compared with the one in the database • Level 2 security: • Implemented using symmetric key schemes • Main feature: the client is able to authenticate its identity with the gateway

  12. Figure: Generic model of level 2 secure mobile communication
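
The difference between level 1 and level 2, as an added example that is not part of the original slides. It assumes level 2 is realized as a nonce challenge answered with HMAC-SHA256 over a pre-shared key, which is one common symmetric design; the user name, passcode, key and all function names are constructed for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data; the user, passcode and key are made up.
PASSCODE_DB = {"alice": "4711"}                   # level 1: passcode database
SHARED_KEYS = {"alice": secrets.token_bytes(32)}  # level 2: pre-shared key


def level1_login(user, passcode):
    """Level 1: the passcode itself crosses the network and is compared."""
    stored = PASSCODE_DB.get(user)
    if stored is None:
        return False
    return hmac.compare_digest(stored.encode(), passcode.encode())


class Level2Gateway:
    """Level 2 (assumed design): fresh nonce, answered with a keyed MAC."""

    def __init__(self):
        self.pending = {}  # user -> outstanding nonce, valid for one attempt

    def challenge(self, user):
        nonce = secrets.token_bytes(16)
        self.pending[user] = nonce
        return nonce

    def verify(self, user, response):
        nonce = self.pending.pop(user, None)  # consumed on first use
        key = SHARED_KEYS.get(user)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def client_response(key, nonce):
    """The client proves it holds the key without ever transmitting it."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def demo():
    gw = Level2Gateway()
    # A recorded level 1 message stays valid, because the secret was sent.
    replayed_level1 = level1_login("alice", "4711")
    nonce = gw.challenge("alice")
    resp = client_response(SHARED_KEYS["alice"], nonce)
    first_use = gw.verify("alice", resp)
    gw.challenge("alice")                       # next session, new nonce
    replayed_level2 = gw.verify("alice", resp)  # old response is rejected
    return replayed_level1, first_use, replayed_level2
```

On a wireless medium that is exposed to eavesdropping, this is the practical gain of level 2: what is observed on the air cannot be reused in a later session.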

  13. Level 3 security: • Implemented by asymmetric key schemes. • Client is able to authenticate the gateway’s identity Figure: Generic model of level 3 secure mobile communication

  14. Implementing the security levels in mobile communication • Mobile devices and networks need to support the technologies and standards • Different models have been proposed, but communication between the mobile device and the trusted server is not secure. Clients are classified into the following categories: • No private key • One private key, used for authentication or signing • Two or more private keys, of which one is used for authentication and another for signing

  15. Implementation of security level 1 • The client sends the passcode by SMS or WAP • Once it is verified, the user is granted access to the information • Implementation of security level 2 • Depends on the capability of storing private keys • If the client is not capable, the private key must either be stored in the mobile device or be entered by the user • Implementation of security level 3 • Depends on the capability of the client to store private keys • The client generates the digital signature • If the client is not able to generate digital signatures, delegated PKI (public key infrastructure) signing is used, meaning that the security server signs on behalf of the mobile device

  16. Implementing security level 3 of mobile communications

  17. Some of the physical constraints of mobile communication systems are: • Broad-based medium: • The wireless medium is a broad-based medium • Extremely exposed to eavesdropping (spying) • Disconnections • Connections are frequently lost due to a high degree of noise and interference • Heterogeneity • When moving from one domain to another, a host encounters different levels of security and different management policies • Highly distributed environment

  18. Some of the security threats are: • Device vulnerability: • Many mobile devices are small and lightweight, which leads to devices being misplaced or lost • This raises a security concern, as a thief has a chance to view secret information • Domain crossing: • Happens when the user's mobile enters a new location belonging to another domain and is registered there • This raises some security matters • When entering a new domain, it is important that the user and the foreign domain trust one another

  19. Anonymity: • A mobile user wants to be anonymous to outside domains • Authentication: • A mobile user who crosses domain boundaries must be authenticated • This should not interfere with the user's task, which requires the authentication to be transparent to the user. Some examples of mobile communication are: • Global System for Mobile communication (GSM) • Cellular Digital Packet Data (CDPD) • Mobile IP

  20. Conclusion • Mobile networks have a positive side and a negative side • The mobile network operators are well placed to become trusted third parties and are able to support the security applications. • In the development of e-commerce technology, functionality and flexibility get the highest priority, as they form the basis for new business models • The only hope is that, in future, mobile networks will be more secure

  21. 1. What are the different encryption types and tools available in network security? There are three types: • Manual encryption: • Completely provided by the user • The user has to manually select the objects for encryption, such as files or folders, and run a command to encrypt or decrypt these objects • Transparent encryption: • Here the encryption/decryption is performed at a low level during all read/write operations • From the point of view of general security principles, complete low-level transparent encryption is the most secure type imaginable, the easiest to manage, and imperceptible to the user

  22. Semi-transparent encryption: • This does not operate permanently, but before or after access is made to confidential objects, or during some read or write operations. 2. How do you do authentication with an MD5 message digest in a network? • MD5 is a cryptographic hash function with a 128-bit hash value output. • Used to check the integrity of files or inputs. • An MD5 hash is expressed as a 32-character hex number. It takes a variable-length input and converts it into a fixed-length output of 128 bits, called the MD5 hash. • It is a one-way hash function • Any change in the message results in a completely different hash
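
The digest properties listed above, and what is additionally needed before a digest authenticates a message, as an added example that is not part of the original slides. The message, key and function names are constructed; the keyed tag uses HMAC-SHA256 rather than MD5 as a deliberate substitution, because MD5 is no longer collision resistant.

```python
import hashlib
import hmac

# Constructed sample message and shared key for the demonstration.
KEY = b"constructed-shared-secret"
MESSAGE = b"PAY 10 EUR TO ACCOUNT 1234"


def md5_hex(data):
    """128-bit MD5 digest as the 32-character hex string described above."""
    return hashlib.md5(data).hexdigest()


def differing_bits(a, b):
    """Number of digest bits that differ between two inputs."""
    return bin(int(md5_hex(a), 16) ^ int(md5_hex(b), 16)).count("1")


def tag(key, data):
    """Keyed digest (HMAC): only a holder of the key can produce it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def accepts_plain_digest(data, digest):
    """Receiver that trusts an unkeyed digest sent along with the data."""
    return hmac.compare_digest(md5_hex(data), digest)


def accepts_keyed_tag(key, data, mac):
    """Receiver that recomputes the tag with the shared key."""
    return hmac.compare_digest(tag(key, data), mac)


def demo():
    changed = MESSAGE.replace(b"10", b"90")  # message altered in transit
    # An unkeyed digest can be recomputed by whoever changed the message,
    # so the receiver's integrity check still passes.
    plain_ok = accepts_plain_digest(changed, md5_hex(changed))
    # Without KEY the original tag is all that is available, and it no
    # longer matches the changed message.
    keyed_ok = accepts_keyed_tag(KEY, changed, tag(KEY, MESSAGE))
    return (len(md5_hex(MESSAGE)), differing_bits(MESSAGE, changed),
            plain_ok, keyed_ok)
```

A bare digest therefore detects accidental corruption only; authentication needs a secret in the computation, either a keyed MAC as here or a digital signature over the digest.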

  23. 3. What is a routing protocol and what is a routed protocol? • Routed protocol • Any protocol that provides enough information in its network layer address to allow a packet to be forwarded from host to host based on the addressing scheme. • Routed protocols define the format and use of the fields within a packet. • The Internet Protocol (IP) is an example of a routed protocol • Routing protocol • Supports a routed protocol by providing mechanisms for sharing routing information.

  24. Routing protocol messages move between routers • The routing protocol allows the routers to communicate with other routers to update and maintain tables. 4. What are the different types of network security? • There are two types of network security • Physical security • It is important to physically secure your computer and its components so that unauthorized people cannot touch your computers and gain access to your network.

  25. Software security: • Along with securing your hardware it is necessary to protect your network from hackers and outside attackers • Keeping a firewall on the system to block unwanted data • Having maximum protection against viruses • Use spam filter software There are many more things to do to ensure complete network security.

