Security architecture in the third generation networks

Proceedings of 2nd IEEE International Conference on Universal Personal Communications, 2000

Second generation mobile networks, as the Global System for Mobile Communications (GSM) and the Digital European Cordless Telecommunications (DECT) have been studied in the environment of the European mobile communications. These networks will be used for the nineties. However, third generation for mobile communications are being developed in order to join these networks and to provide a single access. This paper claims to give a description of the Universal Mobile Telecommunication System (UMTS) and the Future Public Land Mobile Telecommunications Systems (FPLMTS) and to make a comparison between them with regards to security. For this purpose, several aspects of security mainly related to functional entities, security architecture, call handling and location management are specially studied for both systems. The UMTS network is being developed within the European Commission's Research on Advanced Communications in Europe (RACE) in order to give telephonic mobile support in Europe and the rest of the world in the 2000s. In the UMTS network planning, an interface with other networks like the Universal Personal Telecommunications (UPT) has been defined and its integration with Broadband Integrated Services Digital Networks (BISDN) is being studied. Likewise it would be advisable to establish the compatibility between UMTS and FPLMTS. *

Computer Communications, 2004

In the last few years, we have witnessed an explosion in demand for security measures motivated by the proliferation of mobile/wireless networks, the fixed-mobile network convergence, and the emergence of new services, such as e-commerce. 3G-systems play a key role in this network evolution, and, thus, all stakeholders are interested in the security level supported in the new emerging mobile environment. This paper elaborates on the security framework in 3G mobile networks. The security requirements imposed by the different types of traffic, and by the different players involved (mobile users, serving network and service providers) are investigated. The security architecture, which comprises all the security mechanisms that are projected for the Universal Mobile Telecommunication System (UMTS) network, is analyzed. The employment of traditional security technologies, originally designed for fixed networking, such as firewalls, and static Virtual Private Network (VPN), in order to safeguard the UMTS core network from external attacks, as well as to protect user data when conveyed over the network are examined. Critical points in the 3G-security architecture that may cause network and service vulnerability are identified and discussed. Furthermore, proposals for the enhancement of the 3G-security architecture, and the provision of advanced security services to end-user data traffic within and outside the UMTS core network are discussed. The proposed enhancements can be easily integrated in the existing network infrastructure, and operate transparently to the UMTS network functionality. q IPsec IP security KAC key administration center MAC message authentication code MAP mobile application part MAPsec MAP security MS mobile station MT mobile terminal MSC mobile switching centre NE network entities NDS network domain security PS packet switched Rel-4 release 4 Rel-5 release 5 R99 release '99 RAND random challenge RES user response to challenge RNC radio network controller

2002

Security is a primary concern in mobile communication systems. Wireless access is inherently less secure, and mobility implies higher security risks than static operation. The security framework for 3G mobile systems is considered, and its principles and security requirements are discussed. Furthermore, the security features that are currently being standardized in 3GPP, as well as the emerging 3G-security architecture are elaborated. The focus is on the various mechanisms and protocols, which are employed to provide security at different levels, and on their effect on network operation.

Annales Des Télécommunications, 2000

The development of radio networks has brought the problem of security specifically related to mobility of terminals sharply into focus, and has created the need for radio network operators to implement new security functionalities. The security level of the analog radio mobile systems (the so-called “first generation ” systems was very low, and these systems were often exposed to massive fraud. The development of digital radio mobile systems (the so-called “second generation” systems: GSM, DECT,. allowed the systematic introduction of cryptology based protection mechanisms. Hence, for gsm networks for instance, the main fraud and confidentiality problems were taken into account at the design stage and a security architecture was implemented to provide security services to users and network operators. The third generation mobile telecommunication systems belonging to the imt- 2000 family (which are still under specification within standardisation bodies in particular within the 3gpp worldwide third generation partnership project) will, in the forthcoming years, provide a wide variety of services on a single terminal in a multi-environment (domestic, public, business), multi-operator, and multi-service provider context. Security will be based on second generation systems security functions that have proved to be needed and reliable, and shall be adapted and improved to resolve security threats underlying to new services supplied by third generation radio systems. This document presents examples of security solutions currently implemented for protecting second generation radio mobile systems against frauds and attacks and gives an overview of potential solutions for protecting future third generation radio mobile telecommunication systems. Le développement des réseaux radiomobiles a mis en évidence des problèmes de sécurité spécifiques liés à la mobilité des terminaux, ce qui a conduit les opérateurs de ces réseaux à implanter de nouvelles fonctions de sécurité. Les systèmes analogiques dits de première génération présentaient un niveau de sécurité très faible, et nombre de ces systèmes étaient exposés à des fraudes massives. Le développement des systèmes numériques dits de deuxième génération (GSM, dect, etc.) a permis l’introduction de mécanismes de protection basés sur la cryptologie. Ainsi, pour les réseaux gsm, les principaux problèmes de fraude et de confidentialité ont été pris en compte dès la conception du système, et une architecture de sécurité a été mise en place pour offrir des services de sécurité aux usagers et aux opérateurs. Les systèmes mobiles de troisième génération de la famille imt- 2000 (dont la spécification est en cours dans divers organismes de normalisation, en particulier le projet 3gpp de partenariat mondial sur la mobilité 3g) fourniront dans les années qui viennent un large éventail de services sur un même terminal, dans un contexte multi- environnement (domestique, public, professionnel), multi-exploitant, et multi-fournisseur de services. La sécurité sera basée sur les fonctions de sécurité des systèmes de deuxième génération qui ont démontré leur utilité et leur robustesse, mais elle sera adaptée pour résoudre les menaces inhérentes aux nouveaux services qui seront offerts par ces systèmes. Cet article présente des exemples de mécanismes de sécurité actuellement utilisés pour la protection des mobiles de deuxième génération contre les fraudes et les attaques, et donne un aperçu des solutions envisagées pour la protection des systèmes mobiles de troisième génération.

2006 IEEE International Conference on Industrial Informatics, 2006

This paper presents an in-depth analysis and evaluation of the security of UMTS. Four classes of attacks and threats are discussed in detail. Thereafter, the available security mechanism and services of UMTS are reviewed and evaluated. It is found that most of the potential attacks and threats can be thwarted by the available security services and mechanisms of UMTS.

CBU International Conference Proceedings, 2019

Mobile networks have been around us for decades, and life without them is difficult to reconstruct. Their gradual evolution has varied over time, depending on the requirements of their users. Originally, they were used only for the transmission of telephony, but transmission in the speech band today is mainly used for data transmission and telephony is in moderate attenuation. Various types of data can be transmitted via mobile networks due to their size or importance. In the area of ​​security, mobile networks are used from two basic points of view. The first aspect is the use for communication between the components of the electrical security system and the second is the transmission of information from the monitored object to the monitoring and alarm receiving center. The aim of the paper will be to point out the composition of mobile networks focusing on the functioning of cellular systems and the course of communication between individual parts of the system. The main view will...

IEEE Wireless Communications, 2004

The first generation of cellular mobile communications systems contained few if any security measures to protect the system operator and users. The second generation generally did a lot better, and contained entity authentication and confidentiality protection. Although this was a major improvement, security protection in the second generation left a lot to be desired. With the advent of 3G mobile systems a serious effort has been made to create a consistent security architecture based on the threats and risks a 3G system faces.

Wireless and Mobile Network Security, 2009

With the increase in popularity of mobile phones over landlines, the mobile telecommunication network has now become the primary source of communication for not only business and pleasure, but also for the many life and mission critical services such as E-911. These networks have become highly attractive targets to adversaries due to their heavy usage and their numerous vulnerabilities that may be easily exploited to cause major network outages.

2008

1997