U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG

Slides:



Advertisements
Similar presentations
Network Security Chapter 1 - Introduction.
Advertisements

Encrypting Wireless Data with VPN Techniques
Internet Protocol Security (IP Sec)
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
0 0 0 BBWF Madrid October 2005 Access-independent Core Networks: Converging towards all-IP Andy Jones Head of Transmission & Interconnectivity Vodafone.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.
Research Seminar on Telecommunications Business IPSEC BUSINESS Henri Ossi.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
RSVP Cryptographic Authentication "...RSVP requires the ability to protect its messages against corruption and spoofing. This document defines a mechanism.
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14 November 2007 Autore:Paolo DE LUTIIS Telecom Italia Security.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
January 23-26, 2007 Ft. Lauderdale, Florida IP Communications, Secure – By Design Roger W. Farnsworth.
1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Company Confidential The Internet offers no inherent security services to its users; the data transmitted.
Doc.: IEEE /0407r0 Submission Andrew Myers, BT Slide 1 March 2004 WLAN Backend System Security and WLAN Interworking Security Andrew Myers British.
Evaluation of an internet protocol security based virtual private network solution Thesis written by Arto Laukka at TeliaSonera Finland Oyj SupervisorProfessor.
G53SEC 1 Mobile Security GSM, UTMS, Wi-Fi and some Bluetooth.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Mobile and Wireless Security INF245 Guest lecture by Bjorn Jager Molde University College.
Applied Cryptography for Network Security
NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.
CS 689 (Research Methods) Security in Asynchronous Transfer Mode(ATM) By SOBHA SIRIPURAPU.
NETWORK SECURITY.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod3_L7 1 Network Security 2 Module 6 – Configure Remote Access VPN.
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Introduction to Secure Messaging Issues Russ Chung, American Eagle Group The Open Group Messaging Forum July 24, 2003.
UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless Telecommunications Laboratory M. Tsagkaropoulos “Securing.
©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.
2003/12/291 Security Aspects of 3G-WLAN Interworking 組別: 2 組員: 陳俊文 , 李奇勇 , 黃弘光 , 林柏均
Chapter 4 Application Level Security in Cellular Networks.
Privacy, Confidentiality, and Security Unit 8: Professional Values and Medical Ethics Lecture 2 This material was developed by Oregon Health & Science.
Wireless Network Security Presented by: Prabhakaran Theertharaman.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
Privacy, Confidentiality, and Security Component 2/Unit 8c.
11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
On Requirements for Mobile Commerce By Aj.Pongthep Termsnguanwong.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Wireless security Wi–Fi (802.11) Security
Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.
1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.
Analysis of SIP security Ashwini Sanap ( ) Deepti Agashe ( )
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
UNIT 7 SEMINAR Unit 7 Chapter 9, plus Lab 13 Course Name – IT482 Network Design Instructor – David Roberts – Office Hours: Tuesday.
CS457 Introduction to Information Security Systems
Virtual Private Networks
IEEE 802 OmniRAN EC SG July 2013 Conclusion
IEEE 802 OmniRAN EC SG July 2013 Conclusion
UNIT.4 IP Security.
Cryptography and Network Security Chapter 16
Computer Security Network Security
SECURITY MECHANISM & E-COMMERCE
CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION
امنیت شبکه علی فانیان
SECURING WIRELESS LANS WITH CERTIFICATE SERVICES
IS4680 Security Auditing for Compliance
Cryptography and Network Security
ITU-T Workshop on Security, Seoul (Korea), May 2002
LM 7. Cellular Network Security
Global One Communications
Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham
Security Insights: Secure Messaging
Presentation transcript:

U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG Tel Brussels July 14th, 2003

U M T S F o r u m 2 © UMTS 2002 Overview Introduction Introduction Security architecture Security architecture Security implementations Security implementations Security technologies Security technologies Security in the cellular networks Security in the cellular networks Security and regulatory aspects Security and regulatory aspects Conclusion Conclusion

U M T S F o r u m 3 © UMTS 2002 Introduction 3G networks security analysis is a challenging issue Network security? Evaluation of security requirements from legislation, standardization, providers, and end-customers Threat and risk analysis of networks, services and applications Choice of adequate technical and organizational security solutions Authentication Legal requirements Network protection Availability Confidentiality Non-repudiation Integrity

U M T S F o r u m 4 © UMTS 2002 VPN router Corporate network Corporate network Transport network Unauthorized access to servers Modification of transmitted data User masquerade Eavesdropping of transmitted data Internet 1 2 End-to-End Security GSM/UMTS Peer-to-Peer Security 3 Security architecture Different types of network security have to interoperate: corporate/WLAN,Internet, public PLMN

U M T S F o r u m 5 © UMTS 2002 Security implementation Additional security at different levels implies additional costs Security levels and security scalability Security levels and security scalability security functions can be added at one or more different network levels and generally are realised in network, end systems and applications in parallel. security functions can be added at one or more different network levels and generally are realised in network, end systems and applications in parallel. additional security at different levels implies additional costs. additional security at different levels implies additional costs. Content Provider Layer Service Creation Layer Network Element Layer Physical Transmission Layer Network management Security Functions

U M T S F o r u m 6 © UMTS 2002 Security technologies There are lots of security products and more will come Infrastructure: PKI, firewalls... Infrastructure: PKI, firewalls... Algorithms: public key and secret key Algorithms: public key and secret key cryptosystems cryptosystems Protocols: IPsec, TLS, WTLSP… Protocols: IPsec, TLS, WTLSP… Applications: AAA, Certificates, PTD… Applications: AAA, Certificates, PTD… Terminal: anti-virus, biometrics… Terminal: anti-virus, biometrics… Privacy: P3P, Location based services… Privacy: P3P, Location based services…

U M T S F o r u m 7 © UMTS 2002 Security in cellular networks Specifications on Security UMTS relevant security mechanisms are mainly standardised by 3GPP and IETF. UMTS relevant security mechanisms are mainly standardised by 3GPP and IETF. The increasing use of IP-based protocols and applications in mobile networks expose those to additional threats and opens possible new security gaps; The increasing use of IP-based protocols and applications in mobile networks expose those to additional threats and opens possible new security gaps; There are functional entities in UMTS operators networks that are not UMTS specific and therefore not within of the 3GPP specs (e.g. routers, DHCP servers, e.t.c.). There are functional entities in UMTS operators networks that are not UMTS specific and therefore not within of the 3GPP specs (e.g. routers, DHCP servers, e.t.c.). standardisation is a major contributor for security functions but there are areas not within standardisation scope that need further investigation (e.g. network design, protection of network nodes, security analysis of IETF protocols in the UMTS context)

U M T S F o r u m 8 © UMTS 2002 Regulatory aspects The network is global, regulation is not Lawful interception Lawful interception Anti-fraud policy Anti-fraud policy Regional policy Regional policy Privacy Privacy

U M T S F o r u m 9 © UMTS 2002 Conclusion The UMTSF has completed a detailed analyses of implication of security requirements on 3G network, user device, content, service provider and applications. The report generated a number of questions to promote an understanding of the level of security and where it needs to be implemented. One of the most common mistakes that one can make when implementing security solutions is sub- optimising one part and neglecting another.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.