MOBILE WiMAX SECURITY - PowerPoint PPT Presentation

About This Presentation
Title:

MOBILE WiMAX SECURITY

Description:

MOBILE WiMAX SECURITY Student Name: Claudia Cardenas Student ID: 41416538 Supervisor Number: Rajan Shankaran * * ITEC 810 Contents 2. Mobile WiMAX 1. – PowerPoint PPT presentation

Number of Views:80
Avg rating:3.0/5.0
Slides: 32
Provided by: Free171
Category:

less

Transcript and Presenter's Notes

Title: MOBILE WiMAX SECURITY


1
MOBILE WiMAX SECURITY
  • Student Name Claudia Cardenas
  • Student ID 41416538
  • Supervisor Number Rajan Shankaran

2
Contents
1. Introduction
3. Security Threats
5. Vulnerabilities Assessment
3
Introduction
  • Customers Demands
  • Greater e-commerce usage
  • High speed.
  • Mobility
  • Lower costs
  • Mobile Internet

4
Key Problems
5
Goals
6
Contents
1. Introduction
3. Security Threats
5. Vulnerabilities Assessment
7
Mobile WiMAX
  • Flexibility

8
Mobille WiMAX Architecture
9
Access Service Network
  • Base Station
  • Connection with the mobile subscriber
  • Maintain the connection.
  • Maintain the Status.
  • Traffic Scheduling
  • The Access Service Network Gateway (ASN-GW)
  • Collecting and forwarding the traffic.
  • AAA functionality
  • QoS Management

10
Mobile WiMAX Network Architecture
  • Different kind of users.
  • Different deployments.
  • Ability to grow.
  • Internetworking.
  • QoS for each service and connection.
  • IP and non-IP network are integrated


11
Protocol Layers
12
Contents
1. Introduction
3. Security Threats
5. Vulnerabilities Assessment
13
Security Threats
14
Threats to PHY Layer
  • Jamming Attack
  • Scrambling Attack
  • Water Torture Attack

15
Threats to MAC Layer
  • Threats to Mac Management message in Initial
    Network Entry
  • Threats to Access Network Security
  • Threats to Authentication

16
Contents
1. Introduction
3. Security Threats
5. Vulnerabilities Assessment
17
Security in Mobile WiMAX
18
Encryption Overview
  • It is only applied to the payload.
  • It is not applied to the MAC management messages.
  • SSs encryption capabilities are negotiated
    during registration process.
  • BS determines the encryption method to be used.

19
Authentication Overview
20
Authorization
21
Contents
1. Introduction
3. Security Threats
5. Vulnerabilities Assessment
22
Vulnerabilities Assessment
  • Lack of mutual authentication.
  • It could be the cause of impersonation.
  • This vulnerability is mitigated IEEE 802.16e by
    including the mutual authentication

23
Weak encryption algorithms.
  • It could lead an integrity and confidentiality
    problem.
  • IEEE 802.16e not only supports DES-CBC, but also,
    several modes of AES that make the encrypting
    communications more secure

24
Interjection of reused TEKs.
  • This characteristic makes easier perform a replay
    attack.
  • Valuable information and the traffic encryption
    key could be disclosed to unauthorized parties
  • IEEE802.16e introduces AES-CCM.
  • It offers per packet randomization.
  • Each data packed include its own unique packet
    number

25
Unencrypted management messages
  • These messages are not encrypted, so they are
    susceptible to eavesdropping attacks.
  • IEEE 802.16e-2005 offers integrity protection for
    specific unicast management messages
  • However this digest is not appended to initial
    network entry management messages

26
Other Results
  • Three way TEK exchange and the authorization
    process.
  • No one vulnerability was found Datta,2005.
  • The key management protocol was analysed by
    Yaksel and once again this software could not
    find any security hole.
  • The Multi-Broadcast Service (MBS)
  • The protocol is secure on its own. (Kao,2006)

27
Initial Network Entry
28
Proposed Solution
  • SS ? KMC SS, nonce1Kss
  • KMC ? SS KsKss, KsKbs, nonce1, H(KsKss,
    KsKbs, nonce1)
  • SS ? BS KsKbs, nonce2,H(KsKbs, nonce2)
  • BS ? SS rand2Ks
  • SS ? BS rand2-1Ks

29
Contents
1. Introduction
3. Security Threats
30
Conclusion
  • The best aspirant technologies to serve the
    broadband demands on wireless access.
  • In terms of the PHY layer most of these attacks
    can be counteracted by using different signals
    and proper configuration of the protocol.
  • Some of MAC flaws have been fixed by the enhanced
    security of IEEE 802.16e but not all of them.
  • The lack of encryption of MAC management messages
    that can affect the initial network entry
    process.
  • A solution based on the key session and the key
    management centre was proposed.
  • Further studies and simulations should be done in
    order to assess the different solutions offered.

31
Thank You !
Write a Comment
User Comments (0)
About PowerShow.com