3G network based security threats Essay

The key threats for 3G networks in perspective of integration of networks are Wireless LAN customer who does not have get to to 3G networks get coming to 3G services without subscription. WLAN user gains access to 3G network and creates issues such as Denial of Service WLAN user gains access to 3G network and uses impersonation for expend the service but charging other customers. Manipulation of charging when services like calls are transferred from one network to another. Application and Data related threats.Collection of login details and ad hominem details that are transmitted over the network by using sniffing tools and utensils, e extraly when sufficient transport security is not set. Manipulation of information utilize for user authentication or service access to gain access to unauthorised services or manipulation of billing. Extracts personal information that are employ at other places such as credit card information. Obtain information about user such as permanent id entity in the network.Virus attacks from WLAN devices to other devices in the network Trojans and malicious software passed from one end-device to another. For volume based charging model, a rogue partner git ingurgitate the user with garbage packets to increase the invoiced amount. Malicious programs on the user terminal that increases the traffic to certain sites or content to illegally increase the traffic. Security Considerations for 3G-WLAN incorporated Networks. The security framework for 3G-WLAN integrated networks consists of various layers.Each security layer is independent of the other layers. However, there needs to be an overall security stratagem that connects all the security requirements together. Also, since some of the vulnerabilities can happen at multiple layers, a holistic approach and framework is required to address all the risks of the special network. Authentication security at the user terminal. The authentication scheme in the case of 3G-WLAN should be b ased on a challenge response protocol similar to the existing mobile communication authentication scheme.This requires that the authentication details in the user terminal to be stored securely on UICC or SIM card. This should stick out mutual authentication and security mechanisms such EAP. Signalling and User Data Security. The subscriber needs to have the same level of security as the mobile access that is specified for the 3G networks. This means that the WLAN authentication and re-authentication mechanisms must be at the same levels as for 3G USIM based access.It needs to support the maintaining session key stoppage and maintenance. Also the 3G systems should provide the required keys with sufficient length and levels of entropy that are required by the WLAN subsystem. WLAN key agreement, distribution and authentication mechanism should be secure against any attacks by middlemen. The WLAN access technology between the user equipment and the access point/ network should be ab le to utilise the generated session keying material to ensure the integrity of the connection for authentication.Privacy of User Identity. The keys used by 3G AAA function that are used for the generation of short-lived identities that is used for the communication between the network element and the user terminal should not be possible to recover. If it is possible to retrieve the keys, the permanent identity can be derived from any of the temporary identities. Also it should be possible to mask the different temporary identities corresponding to the permanent identity.