This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
In telecommunication systems, the security plays an essential role. Telecommunication systems are used for exchanging the data in various formats where users expect much security. In this paper, I wish to analyze a particular system called UMTS and investigate its security issues and explore it. The paper gives a comprehensive outline of the current threats to the UMTS in the Telecommunication systems and increased security features which have been delineated to meet these requirements and a general idea for the future enhancements for the improvement of the current system which is fighting against the threats giving an idea for the security aspects in Operations, Administration, Maintenance and Provisioning of the system considered.
The UNIVERSAL MOBILE TELECOMMUNICATION SYSTEM (UMTS) is an advancement of the GLOBAL SYSTEM FOR MOBILE COMMUNICATION (GSM). When the 1G technology was introduced there was not enough security and also very few security threats neither. Then 2G evolved from the 1st generation which was much secured and also reliable where GSM was used and it was very successful. Even now many countries are using the GSM technology. As the technologies evolve security was increased but security threats also increased simultaneously which is made the researchers to come to the next generation called 3G. UMTS works on the 3G technology which helps to overcome the security threats in the 2G such as eavesdropping and masquerading which was a big threat to it. The novel feature of the 2G is the SUBSCRIBER IDENTITY MODULE (SIM) which has all the details about the user and the security-related data that a user should have to make or receive a call. UMTS has a massive potential in answering to the challenge of sustaining heterogeneous traffic like audio, video, data and MMS communication with voice in all kind of environments [3GPP TR 33.900 (1.2.0), â€œA Guide to 3G Securityâ€Â, January 2000]. Even though 2G has many advantages it also have weaknesses, and hence UMTS security was addressed to its real and perceived weakness. The insubstantiality of the 2G technology is as follows
False base station attack
Encryption does not extend far enough to the core network
No provision for data integrity
User authentication and channel hijack depends upon the usage of encryption
Fraud and legal interception was not considered
UMTS is evolved to overcome these problems. The main objective of the UMTS architecture design is not to offer a complete security system, but to build a system such that it is flexible to face new challenges. The UMTS works on WCDMA (Wideband Core Division Multiple Access). The below diagram gives an outline of the basic structure of the 3G network
Fig 1: Basic architecture of 3G network [http://www.umtsworld.com/technology/system.htm]
This paper is organized as follow and analyzes the security threats in the UMTS system. Section 1 contains the Overview of the security aspect in UMTS. Section 2 contains the remedies for the security threats in UMTS. Section 3 gives an outline about the Operations, Administration, Maintenance and Provisioning of the system and Section 4 concludes the paper.
SECTION 1: OVERVIEW OF THE SECURITY ASPECTS IN UMTS
The security threats in the UMTS system are,
Eavesdropping: The intruder can listen to the signaling associated with other subscribers or their data connections [Niemi, Nyberg, 2003].
Fig 2: eavesdropping [https://www.owasp.org/images/4/48/Eavesdropping.jpg]
Impersonation of a user: The intruder interacts with the network as the actual subscriber.
Impersonation of the network: The intruder interacts with the subscriber as if he/she is receiving signals from the network.
Man-in-the-middle attack: The intruder put himself between two communicating subscribers (a user and the network), to enable him for many actions counting replaying, eavesdropping, deleting, re-ordering, modifying, and spoof signaling and the data user uses by using the modified BS/MS.
Fig 3: Man in the middle attack
Authentication vectors in the network: Enables the intruder to take control of a compromised authentication vector by conciliating network nodes or links. For the attacks the intruder needs an altered Mobile Station (MS) and/or an altered Base Station (BS). To be in detail with the different attacks the intruder can make out with the above capabilities can carry out against the UMTS system is explained as follows .
Denial Of Service (DOS)
The attacker with an altered MS can send a de-registration request to the subscribing network and can simultaneously send instructions to the Home Location Register (HLR) to do the same and also instead of sending a de-registration request, the attacker will be sending a location request from another area instead of the area the subscriber is situated at present resulting in the subscriber paged into the new area. When the attacker with an altered BS/MS puts himself/herself in-between the Serving Network (SN) and the subscriber target.
Catching the Identity
The subscriber has a personal identity though which he/she can subscribe can be traced by the attacker by using the altered BS and MS when the network asks the subscriber for their identity to send in a clear text in some cases. The attacker traces the identity both actively and passively.
Impersonation of the network resulting in eavesdropping
When a call setup is activated the ciphering capabilities of the MS will be modified by the attacker and it will be appearing to the network such that there is a genuine mismatch of the authentication algorithm and the ciphering. Due to this problem, the network will try to produce a solution by establishing an un-enciphered connection and hence the attacker cuts the connection and impersonates the network to the target subscriber.
Impersonation of the user
The attacker with an altered MS and BS pages the target subscriber for an incoming call, and make the user to set up a call which it allows to occur. The attacker modifies the signaling elements appearing to the service providing network that the subscriber wants to subscribe a mobile originated call. The attacker then disconnects the connection with the subscriber and makes fraudulent calls using the subscription of the genuine user. The attacker also modifies the ciphering capabilities of the MS to restrain the encryption. If the network does not enable the encryption mode for the subscriber the attacker can hijack the calls from and to the subscriber or even all the calls outgoing and incoming from the service provider.
These are all the various attacks against the 3G technology (UMTS) and in the next section I will elaborate about the remedies for the security threats against the attackers in the UMTS.
SECTION 2: REMEDIES FOR THE SECURITY THREATS IN UMTS
In this section I will be explaining about the remedies for the security threats mentioned above in the UMTS system.
Integrity Protection and Location Update: Integrity protection is the most important thing in the critical signaling. The service providing network verifies the de-registration request for replay and integrity. The location update request is also mandatory which will be protected against modification and replay. Hence the integrity proportion of critical signaling messages protect from the DOS attack because it is difficult to modify the signaling by attackers. However the system cannot prevent the attacker from relying on messages.
Usage of the Temporary Identities: The use of temporary identities called TMSI (Temporary Mobile Subscriber Identity) on radio interface which has a local significance which is combined with the LAI (Location Area Identifier) which protects from the attacker in the passive identity catching and it does not work much with the active identity catching. The user identity does not commence complete security.
Data Authentication and Replay Protection: Data authentication and replay protection is a mandatory command in cipher mode which allows the subscribers to check that security has not been suppressed. The configurability and visibility of security prevents the system from the attackers who try to observe the communication. At the initial stage of the 3G systems the RRC (Radio Resource Control) connection establishes after the MS sending its security capabilities to SRNC (Serving Radio Network Controller). This security capability is sent clearly which can be modified by the man-in-the-middle (attacker). But now in the recent times, the SRNC includes the security capabilities of MS which is a most important security mode command called air interface security command. This information helps MS to know that the security capabilities are together. The MS informs the service providing network about the security capabilities in a secure mode with a complete message which makes very hard for the attacker/intruder to intrude.
The sequence number which is present here helps guard against forced re use of a compromised authentication vector which protects from the impersonation of the network and subscriber.
SECTION 3: OUTLINE FOR OAMP
The security mechanism to manage the operations in the UMTS system is very easy compared to the previous generation technologies. Operations such as handover, management and escalation are very feasible here. The handover is very efficient in this system, such that the handover can take place from 3G to 2G if the 3G is not available. It gives better data rate than the previous generation technologies in outdoors such as in vehicle which is a witness for the better handover. The handover such as softer, soft, hard handover and also inter and intra-system handover takes place in UMTS [3GPP Technical Specification. 3GPP TS 23.009, V5.6.0, Third Generation Partnership Project; Handover Procedures. October 2003].
The fig. 4 below shows the comparison of data rate of UMTS with other technologies which explains that this system has better handover, because without good handover we could not achieve stable data rate while in outdoor as given in the diagram.
Fig 2: Comparison of data rates [http://cordis.europa.eu/infowin/acts/ienm/bulletin/11-1996/umts.html]
The WCDMA is responsible for the handover taking place in UMTS. The management in UMTS is also good because of its end-to-end solution. This helps in reducing the risks of failure which happens due to interoperability issues. The SGSN (Serving GPRS Support Node) is also a main reason for the better mobility management in the UMTS system [Johnson, 2008]. It is not only responsible for the management, but also responsible for delivery of data packets to and from the subscribers and mobile stations within the geographical area. Coming to the escalation it is feasible here as the other operations.
The administration is that, the operations held in the systems have to be formulated in a right way which depends upon administration team of the service providing network. The administration part mainly reflects the password authentication in the system, tools used and also the customer service reports. In this system the password authentication adds much security to the system as the authentication is given for both the subscriber and the service providing network.
The UMTS architecture is based on the system called AKA (Authentication and Key Agreement). The authentication password keys are stored in both USIM (Universal Subscriber Identity Module) and the AKA for integrity protection which uses 128 bits. The IMSI (International Mobile Subscriber Identity) is also responsible for the authentication passwords in this system [Kreher, Rudebusch, 2007]. The authentication is mandatory in good administration and hence this system is good in administration compared to the previous generation techniques. The customer services is also good in using the 3G technology as now many users use 3G phones with hardly some problems [(IJCNS) International Journal of Computer and Network Security, 137 Vol. 2, No.2, February 2010].
The maintenance mainly depends upon the service providing network. The maintenance deals with finding the faults in the equipments or even the base station and has to rectify it shortly without affecting the subscribers. In this system, the maintenance is simpler compared to the previous technologies as the rectification process can be done without affecting the network completely. Configuration and hardware alterations that are responsible for system deterioration should be formulated correctly and also network equipment configuration changes should be standardized.
The security mechanism is also important in the maintenance, because problems may also arrive due to the carelessness of the service provider.
The service providing network should be upgrading the services they provide for the subscribers periodically. The network introduces new services or creates new circuits setting up some new equipment and installing new hardware should be done without affecting the connections. The mandatory thing in the provisioning is that the system should be scalable. The UMTS gives much scalability than the previous generation technologies.
The further development of UMTS in future can be accommodating different radio access networks with short range wireless technologies which are connected to a common network.Â The union of speech and video for multi-user telecommunications which can be much enhanced for the subscribers. The economical issue in the UMTS is that it is cheaper when compared to its usage and performance. Installation and up gradation does not cost much. The main witness for this is the usage of 3G mobiles at present across the world with cheaper rates. The political issues in all countries will be their economy and if it is less, then it does not affect politically.
The 3G technologies are much advanced than the previous technologies and very reliable, such that it is being used still in spite of the arrival 4G technologies. [Muratore, 2001] This is because of the evolution of UMTS called EUMTS (Enhanced UMTS), which helps in the reduction of price per bit and also helps the system in running over flexible QOS (Quality of Service) enabled IP based access and core networks, making an efficient transmission system. This is the main reason for the user for relying on UMTS. As we saw before the WCDMA helps the mobile applications to perform with very high system capacity which is a mandatory step towards 4G. In this paper I have explained about the UMTS system and analyzed the security risks and its remedies with the political and economic issues concluding with the reason for opting UMTS.