أمن المعلومات

/
: :
4 : 4/2003/ 26 : :
28/4/2003 :

. "
G3
"
"IMT-2000 2000
"" .

.

.

.

.
.

.
.

.
.

.
. .
.
:

Mobile Computing

.
.

WAP
.
:

. .
:
. .
.
G1 analog
. 1980 .
AMPS .FDMA
G2 :
. 9.6 .
1990 .
CDMA
GSM

.TDMA Paging Cordless
Phone Cellular Phone
.
G2:5 .
2005
.
GPRS EDGE 384 .
2000 .
.
G3
2 .
WCDMA
) EDGE GSM 384 (
2002 2005 .
.
(
" IMT-2000" 2000 "ITU
CDMA2000
UMTS WCDMA .

:
.

.
2 .
.
2 .
.

.

.
G4 2010
. 20
.
:

. .
WAP I-mode
) (
.
""
.
Wireless Application Protocol " " .
"
" .
WAP

.

.
.
) (3 "" .
proxy server .
WAP proxy server Gateway encoder
decoder "" WML
"" WWW HTML "" .
.

.
HTML WML
.

www .
WML MMM WAP
.

.
:

.
.
.
:
.
. (
) .(1 :
(:Mobile station (MS .

(Subscriber Identity Module (SIM
.
.
International Mobile Equipment Identity IMEL SIM
International Mobile Subscriber Identity IMSI
IMIS IMEI
.
**** (Station System (BSS
. **** (Transceiver Station (BTS
**** (Station Controller (BSC BTS

. .
BSC MSC

Handover
( .
.
:Switching System
.
.
(Mobile Switching Center (MSC

PSTN ISDN MSC (Home Location Register (HLR
(Visitor Location Register (VLR .
) HLR
( .
VLR
. .
.
. Authentication Center
((AUC

.
(Equipment Identity Register (EIR
IMEL
.
(An Operation and Support System (OSS
. .

.
Cellular BTS
Cell
BTS BSC BSC MSC
ISMI .K
HLR MSC MS
MSC . MSC
MS VLR MSC VLR MS MSC .
AUC .
:
GSM
(
.
(
.
: GSM :

Authentication : . )
( A3 =<
. .
Encryption : .
A8 =< A5
=< . .
Confidentiality :
IMSI .
.
SIM :
.
Secure Application Layer :
.
Transparency : .
.
Minimized Trust : HE ..SN
: GSM
Active Attacks : BTS .

.
Key Transmission :
.
Limited Encryption Scope :
BTS
.
Channel Hijack : .
.
Implicit Data Integrity :
.
Unilateral Authentication : .
.
Weak Encryption Algorithms :
. 128 .
Unsecured Terminal :
.
Lawful Interception & Fraud : .
Lack of Visibility :
HE SN .
Inflexibility : .
:

:
.

.
.
:

.

.

.

.

.

.

. :

Home Environments
.Serving Network

.

:
Mutual Authentication .
AKA
.
.
Explicit Integrity :
.
Network Security : .

Switch **** Security :
. .

IMEI : IMEI
.
Strong Encryption Algorithms
.
Secure Services : HE .SN
USIM : SIM .

PIN .
Secure Applications USIM
Fraud Detection .
Flexibility : .
Visibility & Configurability :
.

.
.
Compatibility : Interoperability
.
Lawful Interception :
.
User Confidentiality : IMIS
. TMSI VLR
IMSI .TMSI
Date Integrity and Confidentiality :
AKA .
.

.
.
:
IMSI TMSI .
IMEI .
- .
.
.
:
.
.
.
.
:

.
.

.
G3

.

.

.

.
.

. .
.

.

.
.

".."
""
.

.
:

.
:
. 1 :

.
. 2 : .
.
. 3 :
.
. 4 : .
.
.
:
: .

.
. :
.1

.
. 2

.
. 3
.
. 4
.
. 5

.
. 6
.
. 7

" "

.
. 8

.
. 9

.
:

:
. 1
.
.2 .
. 3 .
.4 .
. 5
.
. 6
WTLS SSL

.
. 7
.

.
:

"" .
:

.

.

.

. "

.

.
: " "
.
.1

.
.2 " "
:
. :
.1 .
. 2 .
. 3
.
. 4
.
.5 .
.6 .
.7 .
. 8 "
.
.9 .
. 10
.
. 11
.
.12 .
.13 .
. 14
4 .
. :
:
.1 .
.2 .
.3 .

.4 SSL
.
. 5
.
. 6

.
.7 .
.8 .
.9 .
.10 .
.11 Cookies File ""
.
. 12 .
. 13
.
.14 .
.15 .
.16 .
:

.
.

.
: "
" .

.
:
: Privacy

.
: Integrity

.
: Authenticity

.
: Non-Repudiation

.
:
. 1
.
. 2
.
.3 .
. 4
.
. 5
.
.6 Cyber Forensics
.
:

.

.
.
.
: .

. .
. .

. .
.

.
.

.

.

:
. 1
.
.
. 2 .
. 3 .
. 4 .
: .
. 5 :

.
.

) .( 4
.

.

.
.
.
.
.
.
.

.
.
. 1 " " .2001

.2 " ."2000
.3 " " .2001
Bounds Nadine M. Dart Susan. "The Beginning to your CM solution." 26 Nov .4
:2001. URL
http://www.sei.cmu.edu/legacy/scm/paper/CM_Plans/CMPlans.MasterToC.html28
.Feb 2002
Fraser B. "Site Security Handbook." September 1997. .5
.URL:http://www.zvon.org/tmRFC/RFC2196/Output/chapter2.html 24 Feb 2002
.Security Complete. San Francisco: Cybex 2001. 17-40 .6
.http://www.ericson/org .7
./http://www.itu.int .8
.http://www.ac.com/ecommerce/mcommerce_trends.html .9
.Pehrson.WAP. The Catalyst of the Mobile Internet. Ericson/ Review No.1200 .10
./http://www.nttdocomo.com .11
/http://www.wapforum.org .12
Sandra K. Miller Facing the Challenge of Wireless Security. Computer pp.16-18 .13
.July 2001
U. Varshney R.J. Vetter and R. Kalakota Mobile Commerce: A New Frontier .14
.Computer pp. 32-38 Oct.2000
.3G TS 33.120 Security Principles and Objectives .15
.http://www.arib.or.jp/IMT-2000/ARIB-spec/ARIB/21133-310. PDF
.Redl Weber Oliphant "An Introduction to GSM" Artech House 1995 .16
.3G TR 33.900 A Guide to 3rd Generation Security .17
.ftp://ftp.3gpp.org/TSG_SA/WG3_Security/_Specs/33900-120.pdf

.

.

.
.
.
Abstract
The mobile wireless networks represent the next technology trends. The arrival of
third Generation (3G) wireless networking technologies has opened up a new horizon
for the provision of timely and effective mobile wireless data services. The 3G offers
the promise of the internet connectivity video conferencing and worldwide roaming in
a small handled terminal in any place and at any time. This paper provides an over
view of 3G technologies starting with the previous generation. It then describes their
security aspects. In the process we focus on the current generation security features
and the 3G security objectives and features. Next some risks facing the information
security and some proposed solutions will be mentioned. Finally the idea of security
.policy and its importance in protecting the information will b e presented

أمن المعلومات

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

أمن المعلومات

Uploaded by

Copyright:

Available Formats

/

Active Attacks : BTS .

. 1 " " .2001

You might also like