UMTS security

The Universal Mobile Telecommunications System (UMTS) is one of the new ‘third generation’ (3G) mobile cellular communication systems. UMTS builds on the success of the ‘second generation’ GSM system. One of the factors in the success of GSM has been its security features. New services introduced in UMTS require new security features to protect them. In addition, certain real and perceived shortcomings of GSM security need to be addressed in UMTS.

Entity authentication

UMTS provides mutual authentication between the UMTS subscriber, represented by a smart card application known as the USIM (Universal Subscriber Identity Module), and the network, in the following sense:

*Subscriber authentication: the serving network corroborates the identity of the subscriber.
*Network authentication: the subscriber corroborates that he is connected to a serving network that is authorised, by the subscriber's home network, to provide him with services.

Signalling data integrity and origin authentication


*Integrity algorithm agreement: the mobile station and the serving network can securely negotiate the integrity algorithm that they use.
*Integrity key agreement: the mobile and the network agree on an integrity key that they may use subsequently; this provides entity authentication.

User traffic confidentiality

*Ciphering algorithm agreement: the mobile and the station can securely negotiate the ciphering algorithm that they use.
*Cipher key agreement: the mobile and the station agree on a cipher key that they may use.
*Confidentiality of user and signalling data: neither user data nor sensitive signalling data can be overheard on the radio access interface.

Network domain security

The term ‘network domain security’ in 3G covers the security of communication between network elements. In particular, the mobile station is not affected by network domain security. The two communicating network elements may both be in the same network administered by a mobile operator, or they may belong to two different networks.

MAPSEC

The basic idea of MAPSEC can be described as follows. The plaintext MAP message is encrypted and the result is put into a ‘container’ in another MAP message. At the same time a cryptographic checksum, i.e. a message authentication code covering the original message, is included in the new MAP message. To be able to use encryption and message authentication codes, keys are needed. MAPSEC has borrowed the notion of a security association (SA) from IPsec.
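The wrapping described above can be sketched as follows. This is an added example, not code from any MAPSEC specification or implementation: the stream cipher and HMAC are stand-ins for the real MAPSEC algorithms, and `SecurityAssociation`, `sa_id`, `protect` and `unprotect` are hypothetical names, with a dict standing in for the encoded MAP message.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

@dataclass(frozen=True)
class SecurityAssociation:
    sa_id: int        # hypothetical identifier carried in the secured message
    enc_key: bytes
    mac_key: bytes

def _keystream(key, nonce, length):
    # Stand-in stream cipher (SHA-256 in counter mode), NOT the MAPSEC cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def _mac(sa, nonce, map_message):
    # The MAC covers the original (plaintext) message, as the text describes;
    # binding sa_id and nonce as well is an addition of this example.
    header = sa.sa_id.to_bytes(4, "big") + nonce
    return hmac.new(sa.mac_key, header + map_message, hashlib.sha256).digest()

def protect(sa, map_message):
    """Sender side: encrypt the MAP message into a container and attach the MAC."""
    nonce = os.urandom(12)
    stream = _keystream(sa.enc_key, nonce, len(map_message))
    container = bytes(m ^ k for m, k in zip(map_message, stream))
    return {"sa_id": sa.sa_id, "nonce": nonce,
            "container": container, "mac": _mac(sa, nonce, map_message)}

def unprotect(sa_table, secured):
    """Receiver side: select the SA, decrypt the container, verify the MAC."""
    sa = sa_table.get(secured["sa_id"])
    if sa is None:
        raise ValueError("no security association for this sa_id")
    stream = _keystream(sa.enc_key, secured["nonce"], len(secured["container"]))
    message = bytes(c ^ k for c, k in zip(secured["container"], stream))
    if not hmac.compare_digest(_mac(sa, secured["nonce"], message), secured["mac"]):
        raise ValueError("MAC check failed: message rejected")
    return message

if __name__ == "__main__":
    sa = SecurityAssociation(1, os.urandom(32), os.urandom(32))  # constructed keys
    wrapped = protect(sa, b"constructed MAP payload")
    print(unprotect({sa.sa_id: sa}, wrapped))
```

A receiver without the matching security association cannot process the message at all, and any change to the container in transit makes the MAC check fail, so the message is rejected rather than delivered.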

IP multimedia system security

The IP multimedia subsystem (IMS) is a core network subsystem within UMTS. It is based on the use of the Session Initiation Protocol (SIP) [26] to initiate, terminate and modify multimedia sessions such as voice calls, video conferences, streaming and chat. SIP is specified by the Internet Engineering Task Force (IETF) [27]. IMS also uses the IETF Session Description Protocol (SDP) [28] to specify the session parameters and to negotiate the codecs to be used. SIP runs on top of different IP transport protocols such as the User Datagram Protocol (UDP) and the Transmission Control Protocol (TCP). A 3G IMS subscriber has one IP multimedia private identity (IMPI) and at least one IP multimedia public identity (IMPU). To participate in multimedia sessions, an IMS subscriber must register at least one IMPU with the IMS. The private identity is used only for authentication purposes.


Wikimedia Foundation. 2010.
