We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byAshley McNulty
Modified over 4 years ago
U M T S F o r u m www.umts-forum.org © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG E-mail:firstname.lastname@example.org Tel.+49 89 722 25524 Brussels July 14th, 2003
U M T S F o r u m 2 © UMTS 2002 Overview Introduction Introduction Security architecture Security architecture Security implementations Security implementations Security technologies Security technologies Security in the cellular networks Security in the cellular networks Security and regulatory aspects Security and regulatory aspects Conclusion Conclusion
U M T S F o r u m 3 © UMTS 2002 Introduction 3G networks security analysis is a challenging issue Network security? Evaluation of security requirements from legislation, standardization, providers, and end-customers Threat and risk analysis of networks, services and applications Choice of adequate technical and organizational security solutions Authentication Legal requirements Network protection Availability Confidentiality Non-repudiation Integrity
U M T S F o r u m 4 © UMTS 2002 VPN router Corporate network Corporate network Transport network Unauthorized access to servers Modification of transmitted data User masquerade Eavesdropping of transmitted data Internet 1 2 End-to-End Security GSM/UMTS Peer-to-Peer Security 3 Security architecture Different types of network security have to interoperate: corporate/WLAN,Internet, public PLMN
U M T S F o r u m 5 © UMTS 2002 Security implementation Additional security at different levels implies additional costs Security levels and security scalability Security levels and security scalability security functions can be added at one or more different network levels and generally are realised in network, end systems and applications in parallel. security functions can be added at one or more different network levels and generally are realised in network, end systems and applications in parallel. additional security at different levels implies additional costs. additional security at different levels implies additional costs. Content Provider Layer Service Creation Layer Network Element Layer Physical Transmission Layer Network management Security Functions
U M T S F o r u m 6 © UMTS 2002 Security technologies There are lots of security products and more will come Infrastructure: PKI, firewalls... Infrastructure: PKI, firewalls... Algorithms: public key and secret key Algorithms: public key and secret key cryptosystems cryptosystems Protocols: IPsec, TLS, WTLSP… Protocols: IPsec, TLS, WTLSP… Applications: AAA, Certificates, PTD… Applications: AAA, Certificates, PTD… Terminal: anti-virus, biometrics… Terminal: anti-virus, biometrics… Privacy: P3P, Location based services… Privacy: P3P, Location based services…
U M T S F o r u m 7 © UMTS 2002 Security in cellular networks Specifications on Security UMTS relevant security mechanisms are mainly standardised by 3GPP and IETF. UMTS relevant security mechanisms are mainly standardised by 3GPP and IETF. The increasing use of IP-based protocols and applications in mobile networks expose those to additional threats and opens possible new security gaps; The increasing use of IP-based protocols and applications in mobile networks expose those to additional threats and opens possible new security gaps; There are functional entities in UMTS operators networks that are not UMTS specific and therefore not within of the 3GPP specs (e.g. routers, DHCP servers, e.t.c.). There are functional entities in UMTS operators networks that are not UMTS specific and therefore not within of the 3GPP specs (e.g. routers, DHCP servers, e.t.c.). standardisation is a major contributor for security functions but there are areas not within standardisation scope that need further investigation (e.g. network design, protection of network nodes, security analysis of IETF protocols in the UMTS context)
U M T S F o r u m 8 © UMTS 2002 Regulatory aspects The network is global, regulation is not Lawful interception Lawful interception Anti-fraud policy Anti-fraud policy Regional policy Regional policy Privacy Privacy
U M T S F o r u m 9 © UMTS 2002 Conclusion The UMTSF has completed a detailed analyses of implication of security requirements on 3G network, user device, content, service provider and applications. The report generated a number of questions to promote an understanding of the level of security and where it needs to be implemented. One of the most common mistakes that one can make when implementing security solutions is sub- optimising one part and neglecting another.
Network Security Chapter 1 - Introduction.
HUAWEI TECHNOLOGIES CO., LTD. Page 1 Femtocell Synchronization Analysis HUAWEI TECHNOLOGIES CO., LTD. Rock Xie.
Encrypting Wireless Data with VPN Techniques
Internet Protocol Security (IP Sec)
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
0 0 0 BBWF Madrid October 2005 Access-independent Core Networks: Converging towards all-IP Andy Jones Head of Transmission & Interconnectivity Vodafone.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Nicolas FISCHBACH Senior Manager, IP Engineering/Security - COLT Telecom - version 1.0 Voice over IP (VoIP)
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
RSVP Cryptographic Authentication "...RSVP requires the ability to protect its messages against corruption and spoofing. This document defines a mechanism.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14 November 2007 Autore:Paolo DE LUTIIS Telecom Italia Security.
Security Threats and Security Requirements for the Access Node Control Protocol (ANCP) IETF 67 - ANCP WG November 5-10, 2006 draft-moustafa-ancp-security-threats-00.txt.
Myagmar, Gupta UIUC G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.
Internet Protocol Security An Overview of IPSec. Outline: What Security Problem? Understanding TCP/IP. Security at What Level? IP Security.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.
© 2018 SlidePlayer.com Inc. All rights reserved.