Movatterモバイル変換

[0]ホーム
URL:

Skip to main content
Springer Nature Link
Log in

Security architectures for B3G mobile networks

  • Published:
Telecommunication Systems Aims and scope Submit manuscript

Abstract

This paper analyzes the security architectures employed in the interworking model that integrates third-generation (3G) mobile networks and Wireless Local Area Networks (WLANs), materializing Beyond 3G (B3G) networks. Currently, B3G networks are deployed using two different access scenarios (i.e., WLAN Direct Access and WLAN 3GPP IP Access), each of which incorporates a specific security architecture that aims at protecting the involved parties and the data exchanged among them. These architectures consist of various security protocols that provide mutual authentication (i.e., user and network authentication), as well as confidentiality and integrity services to the data sent over the air interface of the deployed WLANs and specific parts of the core network. The strengths and weaknesses of the applied security measures are elaborated on the basis of the security services that they provide. In addition, some operational and performance issues that derives from the application of these measures in B3G networks are outlined. Finally, based on the analysis of the two access scenarios and the security architecture that each one employs, this paper presents a comparison of them, which aims at highlighting the deployment advantages of each scenario and classifying them in terms of: a) security, b) mobility, and c) reliability.

This is a preview of subscription content,log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Japan)

Instant access to the full article PDF.

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

References

  1. Aboba, B., & Beadles, M. (1999).The network access identifier. RFC 2486, Jan. 1999.

  2. Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., & Levkowetz, H. (2004).The Extensible Authentication Protocol (EAP). RFC 3748, Jun. 2004.

  3. Arkko, J., & Haverinen, H. (2006).EAP-AKA authentication. RFC 4187, Jan. 2006.

  4. Asokan, N., Niemi, V., & Nyberg, K. (2005).Man-in-the-middle in tunneled authentication protocols, 3364, 28–41.

  5. Borisov, N., Goldberg, I., & Wagner, D. (2001).Intercepting mobile communications: The insecurity of 802.11. 7th ACM/IEEE International Conference on Mobile Computing and Networking (MOBICOM), Rome, Italy, Jul. 2001.

  6. Calhoun, P., Loughney, J., Guttman, E., Zorn, G., & Arkko, J. (2003).Diameter base protocol. RFC 3588, Sep. 2003.

  7. Dutta, A., Zhang, T., Madhani, S., Taniuchi, K., Fujimoto, K., Katsube, Y., Ohba, Y., & Schulzrinne, H. (2004).Secure universal mobility for wireless internet. Proceedings of the 2nd ACM international workshop on Wireless mobile applications and services on WLAN hotspots (WMASH), Philadelphia, USA, Oct. 2004.

  8. Eastlake, D., & Jones, P. (2001).US Secure Hash Algorithm 1 (SHA1). RFC 3174, Sep. 2001.

  9. Eronen, P. (2006).IKEv2 Mobility and Multihoming Protocol (MOBIKE). RFC 4555, Jun. 2006.

  10. Haverinen, H., & Saloway, J. (2006).EAP-SIM authentication. RFC 4186, Jan. 2006.

  11. Kaufman, C. (2005).The Internet Key Exchange (IKEv2) protocol. RFC 4306, Dec. 2005.

  12. Kent, S., & Atkinson, R. (1998).IP Encapsulating Security Payload (ESP). RFC 2406, Nov. 1998.

  13. Kent, S., & Atkinson, R. (1998).IP Authentication Header (AH). RFC 2402, Nov. 1998.

  14. Kent, S., & Atkinson, R. (1998).Security architecture for internet protocol. RFC 2401, Nov. 1998.

  15. Kivinen, T., & Tschofenig, H. (2006).Design of the mobike protocol. RFC 4621, Aug. 2006.

  16. Krawczyk, H., Bellare, M., & Canetti, R. (1997).HMAC: Keyed-hashing for message authentication. RFC 2104, Feb. 1997.

  17. Laat, C., Gross, G., Gommans, L., Vollbrecht, J., & Spence, D. (2000).Generic AAA architecture. RFC 2903, Aug. 2000.

  18. Ntantogian, C., Xenakis, C., & Merakos, L. (2006).An enhanced EAP-SIM authentication scheme for securing WLAN. 15th IST Mobile & Wireless Communications, Myconos, Greece, Jun. 2006.

  19. Patel, S.Analysis of EAP-SIM session keys agreement. Lucent Technologies.

  20. Prasithsangaree, P., & Krishnamurthy, P. (2004). On a framework for energy-efficient security protocols in wireless networks.Computer Communications,27(17), 1716–1729.

    Article  Google Scholar 

  21. Rajavelsamy, R., Jeedigunta, V., Holur, B., Choudhary, M., & Song, O. (2005).Performance evaluation of VoIP over 3G-WLAN interworking system (Vol. 4, pp. 2312–2317). IEEE Wireless Communications and Networking Conference (WCNC), Mar. 2005.

  22. Rigney, C., Rubens, A., Simpson, W., & Willens, S. (1997).Remote Authentication Dial In User Services (RADIUS). RFC 2138, Apr. 1997.

  23. Saha, D., Mukherjee, A., Misra, I. S., & Chakraborty, M. (2004). Mobility support in IP: A survey of related protocols.IEEE Network,18(6), 34–40.

    Article  Google Scholar 

  24. Salkintzis, A. K. (2004). Interworking techniques and architectures for WLAN/3G integration toward 4G mobile data networks.IEEE Wireless Communications,11(3), 50–61.

    Article  Google Scholar 

  25. Whiting, D., Housley, R., & Ferguson, N. (2003).Counter with CBC MAC (CCM). RFC 3610, Sep. 2003.

  26. Xenakis, C., & Merakos, L. (2004). Security in third generation mobile networks.Computer Communications,27(7), 638–650.

    Article  Google Scholar 

  27. Xenakis, C., Laoutaris, N., Merakos, L., & Stavrakakis, I. (2006). A generic characterization of the overheads imposed by IPsec and associated cryptographic algorithms.Computer Networks,50(17), 3225–3241.

    Article  Google Scholar 

  28. IEEE Std 802.11 (1999).Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications.

  29. IEEE Std 802.11X (2004).Port based network access control.

  30. IEEE Std 802.11i (2004).Wireless Medium Access Control (MAC) and Physical Layer (PHY) specifications: Medium Access Control (MAC) security enhancements.

  31. ETSI TS 100 922 (v7.1.1) (1999).Subscriber Identity Modules (SIM) functional characteristics, Jul. 1999.

  32. 3GPP TS 22.100 (v3.7.0) (2001).UMTS phase 1 release ’99, Oct. 2001.

  33. 3GPP Tdoc S3-0304 (2003).Cipher key separation or A/Gb security enhancements. SA3#29, Jul. 2003.

  34. 3GPP TS 23.234 (v7.3.0) (2006).3GPP system to WLAN interworking; system description. Release 7, Sep. 2006.

  35. 3GPP TS 33.234 (v7.2.0) (2006).3G security; WLAN interworking security; system description. Release 7, Sep. 2006.

Download references

Author information

Authors and Affiliations

  1. Security Group, Communication Networks Laboratory, Department of Informatics and Telecommunications, University of Athens, Panepistimioupolis, Ilisia, PC 15784, Athens, Greece

    Christos Xenakis & Christoforos Ntantogian

Authors
  1. Christos Xenakis

    You can also search for this author inPubMed Google Scholar

  2. Christoforos Ntantogian

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence toChristos Xenakis.

Rights and permissions

About this article

Access this article

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Japan)

Instant access to the full article PDF.

Advertisement

[8]ページ先頭
©2009-2025 Movatter.jp