We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byAshley McNulty
Modified over 2 years ago
U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG Tel Brussels July 14th, 2003
U M T S F o r u m 2 © UMTS 2002 Overview Introduction Introduction Security architecture Security architecture Security implementations Security implementations Security technologies Security technologies Security in the cellular networks Security in the cellular networks Security and regulatory aspects Security and regulatory aspects Conclusion Conclusion
U M T S F o r u m 3 © UMTS 2002 Introduction 3G networks security analysis is a challenging issue Network security? Evaluation of security requirements from legislation, standardization, providers, and end-customers Threat and risk analysis of networks, services and applications Choice of adequate technical and organizational security solutions Authentication Legal requirements Network protection Availability Confidentiality Non-repudiation Integrity
U M T S F o r u m 4 © UMTS 2002 VPN router Corporate network Corporate network Transport network Unauthorized access to servers Modification of transmitted data User masquerade Eavesdropping of transmitted data Internet 1 2 End-to-End Security GSM/UMTS Peer-to-Peer Security 3 Security architecture Different types of network security have to interoperate: corporate/WLAN,Internet, public PLMN
U M T S F o r u m 5 © UMTS 2002 Security implementation Additional security at different levels implies additional costs Security levels and security scalability Security levels and security scalability security functions can be added at one or more different network levels and generally are realised in network, end systems and applications in parallel. security functions can be added at one or more different network levels and generally are realised in network, end systems and applications in parallel. additional security at different levels implies additional costs. additional security at different levels implies additional costs. Content Provider Layer Service Creation Layer Network Element Layer Physical Transmission Layer Network management Security Functions
U M T S F o r u m 6 © UMTS 2002 Security technologies There are lots of security products and more will come Infrastructure: PKI, firewalls... Infrastructure: PKI, firewalls... Algorithms: public key and secret key Algorithms: public key and secret key cryptosystems cryptosystems Protocols: IPsec, TLS, WTLSP… Protocols: IPsec, TLS, WTLSP… Applications: AAA, Certificates, PTD… Applications: AAA, Certificates, PTD… Terminal: anti-virus, biometrics… Terminal: anti-virus, biometrics… Privacy: P3P, Location based services… Privacy: P3P, Location based services…
U M T S F o r u m 7 © UMTS 2002 Security in cellular networks Specifications on Security UMTS relevant security mechanisms are mainly standardised by 3GPP and IETF. UMTS relevant security mechanisms are mainly standardised by 3GPP and IETF. The increasing use of IP-based protocols and applications in mobile networks expose those to additional threats and opens possible new security gaps; The increasing use of IP-based protocols and applications in mobile networks expose those to additional threats and opens possible new security gaps; There are functional entities in UMTS operators networks that are not UMTS specific and therefore not within of the 3GPP specs (e.g. routers, DHCP servers, e.t.c.). There are functional entities in UMTS operators networks that are not UMTS specific and therefore not within of the 3GPP specs (e.g. routers, DHCP servers, e.t.c.). standardisation is a major contributor for security functions but there are areas not within standardisation scope that need further investigation (e.g. network design, protection of network nodes, security analysis of IETF protocols in the UMTS context)
U M T S F o r u m 8 © UMTS 2002 Regulatory aspects The network is global, regulation is not Lawful interception Lawful interception Anti-fraud policy Anti-fraud policy Regional policy Regional policy Privacy Privacy
U M T S F o r u m 9 © UMTS 2002 Conclusion The UMTSF has completed a detailed analyses of implication of security requirements on 3G network, user device, content, service provider and applications. The report generated a number of questions to promote an understanding of the level of security and where it needs to be implemented. One of the most common mistakes that one can make when implementing security solutions is sub- optimising one part and neglecting another.
Encrypting Wireless Data with VPN Techniques. Topics Objectives VPN Overview Common VPN Protocols Conclusion.
Internet Protocol Security (IP Sec). Securing Intranets and Extranets at all levels.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 4: There’s more to it than RACF.
Network Security Chapter 1 - Introduction. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Introduction to Network Security INFSCI 1075: Network Security Amir Masoumzadeh.
GSC: Standardization Advancing Global Communications Telecommunication Security Herbert Bertine Chairman, ITU-T SG 17 SOURCE:ITU-T TITLE:ITU-T Security.
ITU-TSG16 ITU-T Standardization Seminar – Madrid, December 2002 H.323 and some Security-related issues – a presentation in two parts Simão Ferraz.
GSC Global Standards Collaboration GSC#10 28 August – 2 September 2005 Sophia Antipolis, France ITU-T Security Standardization Herb Bertine Chairman ITU-T.
BZUPAGES.COM BSIT BZUPAGES.COM BSIT ON.
1 IEEE MEDIA INDEPENDENT HANDOVER DCN: sec Title: Security Group TR Date Submitted: 20 th January, 2009 Presented at IEEE
Security Policy. TOPICS Objectives WLAN Security Policy General Security Policy Functional Security Policy Conclusion.
International Telecommunication Union ITU-T Network Security Initiatives Mike Harrop Rapporteur SG17 Q4 ETSI Security Workshop January 2007.
Overview of ETSIs Technical Groups - The ETSI Approach David Boswarthick Technical Officer TC M2M © ETSI All rights reserved.
UMTS and Beyond Prof. Hamid Aghvami Centre for Telecommunications Research - Kings College London Wireless Multimedia Communications Ltd.
Virtual Private Networks (VPNs) VPNs allow secure, remote, connections… but they don’t protect you from a compromised remote PC.
Security Controls and Systems in E-Commerce Prof. Mohamed Aly Aboul - Dahab Head of Electronic and communications Engineering Department Arab Academy for.
Omniran ecsg 1 IEEE 802 OmniRAN ECSG Results and Proposals Scope of IEEE 802, gaps and proposed ways forward
© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
International Telecommunication Union WTSA Preparatory meeting for Africa Victoria Falls, Zimabawe, June 2004 Security Standardization in ITU-T Telecommunication.
Chapter 11 E-Commerce Security. Electronic CommercePrentice Hall © Learning Objectives 1.Document the trends in computer and network security attacks.
Unpublished © Telemetry Associates Ltd – SMARTHOUSEII-M4.ppt slide no 1 SMARTHOUSE logo copyright Telemetry Associates Ltd. SMARTHOUSE – Second Open.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
===!"§ Deutsche Telekom The Technology Neutrality Concept Used to Perpetuate Regulation into NGN ITU NGN-Workshop Geneva, March 2006 Hasan Alkas.
1 NISTIR 7628 Guidelines to Smart Grid Cyber Security Volume II: Privacy Briefing February 16, 2011 CSWG Privacy Subgroup Lead: Rebecca Herold
Identity and Locators in IPv6 IAB Meeting IETF 60 August 2004.
University of Murcia (Spain) New Security Services Based on PKI Antonio F. Gómez Skarmeta University of Murcia SPAIN.
FP7 Security Theme /1 FP7-SEC INFO DAY Sept – Brussels Clément WILLIAMSON - European Commission – DG Enterprise & Industry 4 Security missions.
Architectural Approaches to Multi-Homing for IPv6 A Walk-Through of draft-huston-multi6-architectures-00 Geoff Huston June 2004.
© 2017 SlidePlayer.com Inc. All rights reserved.