smartening the environment using wireless sensor networks in a developing country al-sakib khan...
Post on 23-Dec-2015
214 Views
Preview:
TRANSCRIPT
Smartening the Environment using Wireless Sensor Networks in a Developing Country
Smartening the Environment using Wireless Sensor Networks in a Developing Country
Al-Sakib Khan PathanDepartment of Computer ScienceInternational Islamic University Malaysia
Wireless Network Security
3G, 4G Wireless PAN/LAN/MAN
Wireless Network Security
3G, 4G Wireless PAN/LAN/MAN
UTM, 23 May 2012
Guided and Unguided Media
• All types of communications need some kind of medium.
• The information is encoded in a signal that is carried through a medium.– Quality depends on the characteristics of the
medium.
• Two main groups of transmission media, namely the guided medium and the wireless medium.
2UTM, 23 May 2012
Guided and Unguided Media
• For the guided medium, there is a physical path (such as a cable) for electromagnetic wave propagation.
• For the wireless medium, the electromagnetic wave is transmitted through air, water, or vacuum (space).
• A wireless medium is also called an unguided medium.
3UTM, 23 May 2012
Wireless LAN
• A wireless LAN or WLAN is a wireless local area network that uses radio waves as its carrier.
• The last link with the users is wireless, to give a network connection to all users in a building or campus.
• The backbone network usually uses cables.
4UTM, 23 May 2012
Wireless Network? Security?
5UTM, 23 May 2012
Source: http://www.pinellascomputers.com/wp-content/uploads/2011/07/wireless-networking-wifi-internet-setup.jpg
Wireless Network Features
• Wireless networks are treated as having more vulnerabilities than wired networks because of their – shared nature– naturally broadcasted states– unclear perimeters– invisible access
6UTM, 23 May 2012
What other “Wireless”?
• 3G Wireless Networks– 3G or 3rd generation mobile
telecommunications is a generation of standards for mobile phones and mobile telecommunication services fulfilling the International Mobile Telecommunications-2000 (IMT-2000) specifications by the International Telecommunication Union.
– Application services include wide-area wireless voice telephone, mobile Internet access, video calls and mobile TV, all in a mobile environment.
7UTM, 23 May 2012
What other “Wireless”?
• 4G Wireless Networks– In telecommunications, 4G is the fourth generation
of cell phone mobile communications standards. It is a successor of the third generation (3G) standards.
– 4G system provides mobile ultra-broadband Internet access, for example to laptops with USB wireless modems, to smartphones, & to other mobile devices.
– Conceivable applications include amended mobile web access, IP telephony, gaming services, high-definition mobile TV, video conferencing, 3D television.
8UTM, 23 May 2012
3G Wireless
9UTM, 23 May 2012
Source: http://www.topglobalusa.com/images/j041.gif
A Cell Tower
10UTM, 23 May 2012
3G and WiFi
11UTM, 23 May 2012
S: http://www.cryptech.com.au/wp-content/uploads/2010/03/difference-between-3g-mobile-broadband-and-wifi-wireless-network.png
What they have in Common?
• Wireless unguided medium.• Potential threat from anybody within the
range of wireless coverage/communication.
• Attenuation.• Distortion during signal propagation.• Noises.
• Do all of these impact security?
12UTM, 23 May 2012
Security Viewing Angles
• Viewing Angle 1– (a) Key Management– (b) Secure Routing – (c) Secure Services– (d) Intrusion Detection Systems (IDS) [outsider, insider]
• Viewing Angle 2– (a) Physical security– (b) Deployment security (sparse or dense, etc.) – (c) Topological security (cluster/flat, hierarchy/tree, etc.)– (d) Wireless communication security– (e) Data security
13UTM, 23 May 2012
Security Viewing Angles
• Viewing Angle 3: Holistic Security– (a) Application layer security– (b) Transport layer security– (c) Network layer security– (d) Data link layer security– (e) Physical layer security
• Holistic Security? – Still open research issue!
14UTM, 23 May 2012
Main Security Aspects
• Authentication• Authorization• Privacy/Confidentiality• Integrity• Non-repudiation
15UTM, 23 May 2012
3G Security: Background
• One of the aspects of GSM that has played a significant part in its global appeal is its set of security features
• GSM was the first public telephone system to use integrated cryptographic mechanisms
• GSM security model has been adopted, modified and extended for DECT, TETRA and 3GPP
16UTM, 23 May 2012
3GPP
• The 3rd Generation Partnership Project (3GPP) is a collaboration between groups of telecommunications associations, known as the Organizational Partners.
• The initial scope of 3GPP was to make a globally applicable 3G mobile phone system specification based on evolved Global System for Mobile Communications (GSM) specifications within the scope of the International Mobile Telecommunications-2000 project of the ITU.
17UTM, 23 May 2012
3GPP Security Principles
• Ensure that 3G security builds on the security of GSM where features that have proved to be needed and that are robust shall be adopted for 3G
• Ensure that 3G security improves on the security of second generation systems by correcting real and perceived weaknesses
• Ensure that new 3G security features are defined as necessary to secure new services offered by 3G
18UTM, 23 May 2012
3G Security Objectives
• Ensure that– information generated by or relating to a user is
adequately protected against misuse or misappropriation.
– the resources and services provided are adequately protected against misuse or misappropriation.
– the security features standardized are compatible with world-wide availability.
– the security features are adequately standardized to ensure world-wide interoperability and roaming between different serving networks.
19UTM, 23 May 2012
3G Security Objectives
• Ensure that– the level of protection afforded to users and
providers of services is better than that is provided in contemporary fixed and mobile networks (including GSM).
– the implementation of 3GPP security features and mechanisms can be extended and enhanced as required by new threats and services.
20UTM, 23 May 2012
3G Requirements Capture
• Based on the threat analysis, a comprehensive list of security requirements were captured and categorized
• The security requirements help identify which security features need to be introduced in order to counteract the threats
• The requirements capture has led to the identification of additional security features beyond those retained from GSM
21UTM, 23 May 2012
3G Security Arch: Background
22UTM, 23 May 2012
Source:Peter Howard , Vodafone, UKPresentation Slides
3G R99 Security Features (beyond GSM)
• Protection against active attacks on the radio interface– New integrity mechanism added to protect critical
signaling information on the radio interface– Enhanced authentication protocol provides
mutual authentication and freshness of cipher/integrity key towards the user
• Enhanced encryption– Stronger algorithm, longer key– Encryption terminates in the radio network
controller rather than the base station
23UTM, 23 May 2012
3G R99 Security Features (beyond GSM)
• Core network security– Some protection of signaling between network
nodes
• Potential for secure global roaming– Adoption of 3GPP authentication by TIA TR-45 /
3GPP2
24UTM, 23 May 2012
3G Security Architecture
25UTM, 23 May 2012
Home Environment (HE)Serving Network (SN)Access Network (AN)Mobile Terminal (MT)Terminal Equipment (TE)User Services Identity Module (USIM)
3G Network Architecture
26UTM, 23 May 2012
Circuit/ SignalingGateway
2G/2.5G2G
IN Services
Call Agent
FeatureServer(s)
RNC
3G
Data + Packet Voice
Circuit Switch
CircuitNetwork
Packet Network(Internet)
Packet Gateway
Radio Access Control
Voice
Mobility Manager
IP CoreNetwork
IP RAN
Intelligent Network (IN)Radio Network Controller (RNC)IP Radio Access Network (IP RAN)
Source: Presentation Slides of Myagmar, Gupta: UIUC, USA, 2001
Improved Security Features, 1
• Network Authentication– The user can identify the network
• Explicit Integrity– Data integrity is assured explicitly by use of
integrity algorithms– Also stronger confidentiality algorithms with
longer keys
• Network Security– Mechanisms to support security within and
between networks
27UTM, 23 May 2012
Improved Security Features, 2
• Switch Based Security– Security is based within the switch rather than
the base station
• IMEI Integrity– Integrity mechanisms for IMEI (International
Mobile Equipment Identity) provided from the start
• Secure Services– Protect against misuse of services provided by
SN and HE
28UTM, 23 May 2012
Improved Security Features, 3
• Secure Applications– Provide security for applications resident on
USIM
• Fraud Detection– Mechanisms to combating fraud in roaming
situations
• Flexibility– Security features can be extended and
enhanced as required by new threats and services
29UTM, 23 May 2012
Improved Security Features, 4
• Visibility and Configurability– Users are notified whether security is on and
what level of security is available– Users can configure security features for
individual services
• Compatibility– Standardized security features to ensure world-
wide interoperability and roaming– At least one encryption algorithm exported on
world-wide basis
30UTM, 23 May 2012
Improved Security Features, 5
• Lawful Interception– Mechanisms to provide authorized agencies
with certain information about subscribers
31UTM, 23 May 2012
Problems of 3G Security, 1
• IMSI (International Mobile Subscriber Identity) is sent in cleartext when allocating TMSI (Temporary Mobile Subscriber Identity) to user.
• The transmission of IMEI (International Mobile Equipment Identity) is not protected; IMEI is not a security feature.
• A user can be enticed to camp on a false BS. Once the user camps on the radio channels of a false BS, the user is out of reach of the paging signals of SN.
32UTM, 23 May 2012
Problems of 3G Security, 2
• Hijacking outgoing/incoming calls in networks with disabled encryption is possible. The intruder poses as a man-in-the-middle and drops the user once the call is set-up.
33UTM, 23 May 2012
4G Security?
• Two issues are at the forefront of 4G development:– the verification of users and – the limitation of network access in the
heterogeneous architecture.
• Other vulnerabilities involve providers utilizing different systems and the basis of user-centered design, which allows users to select their preferred connection method.
34UTM, 23 May 2012
Wireless PAN
• WPAN?– A wireless personal area network (WPAN) is a
personal area network - a network for interconnecting devices centered around an individual person's workspace - in which the connections are wireless.
• IrDA (Infrared Data Association)• Bluetooth• Wireless USB• Z-Wave• ZigBee• Body Area Network
35UTM, 23 May 2012
Wireless LAN/MAN
• WLAN?– Wireless connected LAN.
• WMAN?– A metropolitan area network (MAN) is a computer
network that usually spans a city or a large campus. A MAN usually interconnects a number of local area networks (LANs) using a high-capacity backbone technology, such as fiber-optical links, and provides up-link services to wide area networks (or WAN) and the Internet. Wireless Version!!
36UTM, 23 May 2012
What About Security?
• Common solutions may work in each type of network.
• Basic wireless security barriers are present but based on characteristics and network settings, things may be different and may demand specific security measures.
• Based on different standards, different security requirements are met.
37UTM, 23 May 2012
What About Security?
Two security services are mainly emphasized:
• Authentication– Shared Key Authentication
• Privacy/Confidentiality (Encryption)– Wired Equivalence Privacy
• Other aspects are often requirement specific.
38UTM, 23 May 2012
WLAN Security?
• 802.11 standard specifies the operating parameters of wireless local area networks (WLAN)– History: 802.11, b, a, g, i
• Minimal security in early versions.• Original architecture not well suited for
modern security needs.• 802.11i attempts to address security
issues with WLANs.
39UTM, 23 May 2012
IEEE 802.11b
• Wired Equivalent Privacy (WEP)– Confidentiality
• Encryption– 40-bit keys (increased to 104-bit by WEP2)– Based on RC4 algorithm
• Access Control– Shared key authentication + Encryption
• Data Integrity– Integrity checksum computed for all messages
40UTM, 23 May 2012
IEEE 802.11b
• Vulnerabilities in WEP– Poorly implemented encryption
• Key reuse, small keys, no keyed MIC
– Weak authentication– No key management– No interception detection
41UTM, 23 May 2012
IEEE 802.11b: Attacks
• Successful attacks on 802.11b– Key recovery - AirSnort– Man-in-the-middle– Denial of service– Authentication forging– Known plaintext– Known ciphertext
42UTM, 23 May 2012
IEEE 802.11i
• IEEE 802.11i-2004 or 802.11i, implemented as WPA2 (Wi-Fi Protected Access II), is an amendment to the original IEEE 802.11.
• The draft standard was ratified on 24 June 2004
• Later amendments in 2007 and 2012!
43UTM, 23 May 2012
Original IEEE 802.11i
• Security Specifications– Improved Encryption
• CCMP (AES), TKIP (Temporal Key Integrity Protocol), WRAP (Wireless Robust Authenticated Protocol)
– 2-way authentication– Key management– Ad-hoc network support– Improved security architecture
44UTM, 23 May 2012
802.11i Authentication
45UTM, 23 May 2012
802.11 Encryption
46UTM, 23 May 2012
802.11i: Potential Weaknesses
• Hardware requirements– Hardware upgrade needed for AES (Advanced
Encryption Standard) support• Strength of TKIP and WRAP questionable in the long term
– AS (auth. server) needed for 2-way authentication
• Complexity– The more complex a system is, the more likely it may
contain an undetected backdoor
• Patchwork nature of “fixing” 802.11b
47UTM, 23 May 2012
Connecting WLAN – Control?
• Options:– May be connected securely (WPA2, 802.11i, etc.)– If unsecured, connect to your secure systems
securely:• VPN – Virtual Private Network• SSL connections to secure systems
– Be careful not to expose passwords– Watch for direct attacks on untrusted networks
48UTM, 23 May 2012
802.11i Improvements
• 802.11i appears to be a significant improvement over 802.11b from a security standpoint
• Vendors are nervous about implementing 802.11i protocols due to how quickly WEP was compromised after its release
• Time will tell how effective 802.11i actually is• Wireless networks will not be completely secure
until the standards that specify them are designed from the beginning with security in mind
49UTM, 23 May 2012
Remarks – WLAN Security
• Wireless LAN Security also could be benefited by the advancements of security measures for other networks.
• The main reason that WLANs are attacked is due to their availability for long time and the medium used, where anybody can try to join in.
• All these apply to PAN and MAN as well!!
50UTM, 23 May 2012
References
[1] Marius Popovici, Daniel Crisan, Zagham Abbas, "Wireless Networks", http://ftp.utcluj.ro/pub/users/cemil/rlc/Wireless%20Networks.ppt
[2] Peter Howard, "3G Security Overview", Presentation Slides, Vodafone, UK
[3] http://www.3gpp.org/ftp/Specs/html-info/FeatureOrStudyItemFile-60150.htm
[4] Colin Blanchard, "Security for the Third Generation (3G) Mobile System", Network Systems & Security Technologies.
[5] Myagmar, Gupta , “3G Security Overview”, Presentation Slides of UIUC 2001.
[6] Kim W. Tracy, "Wireless LAN Security", NEIU, University Computing www.neiu.edu/~ncaftori/355/Wireless.ppt
51UTM, 23 May 2012
THANK YOU
52UTM, 23 May 2012
Questions and Answers
sakib.pathan@gmail.com , sakib@iium.edu.my
http://staff.iium.edu.my/sakib/
???53UTM, 23 May 2012
http://staff.iium.edu.my/sakib/ndclab
top related