7.6 The Security Challenge


Traditionally, security mechanisms developed in the IETF for IP networks are meant to provide security features end to end. There is no particular assumption of link-level security functionality. For example, Ethernet, which is one of the most widely used link-layer protocols, does not offer any link-level protection against eavesdropping and spoofing. So a malicious node can gain network access into an Ethernet segment and listen to the broadcasted Ethernet frames on that segment and introduce impersonated frames into the segment. Irrespective of the link-layer security features, IP packets can still be made secure by utilizing security features at the network, transport, or application layers . Without link-level security, unencrypted portions of the packets can be still vulnerable to snooping.

Security Terminology

The following security terms are introduced as defined in Security Architecture for the Internet [RFC 2401]:

  • Authentication: Mechanism to prove or disprove a certain user 's or device's claimed identity.

  • Confidentiality: Privacy protection that the data cannot be viewable by other parties other than the intended recipients.

  • Encryption: A mechanism commonly used to provide confidentiality.

  • Integrity checking: Ensuring that the data are not altered along the way from source to destination.

  • Non- repudiation : Ensuring that the data are originated from a sender to be able to prove for accountability and other reasons.

  • Key management: Securely distributing cryptographic keys between involved parties.

  • Security association: A cryptographic agreement between two parties for exchange of data.

While one needs a physical connection to gain access to a wired network, that is not the case for the wireless networks. Therefore, unless there are proper authentication and authorization mechanisms in place, anyone without proper security credentials within the wireless network domain can be a potential security threat in one form or another. Addressing this problem, all the widely accepted wireless standards offer some level of link-level security management. But these security features are limited only to the wireless segment. In addition, complete end-to-end security requires that a network, transport, or higher-level security mechanisms must be used.

7.6.1 Security in Wireless Networks

The handling of security in cellular networks is quite different from that of IP networks. All the security features, like authentication, authorization, encryption (ciphering), and nonrepudiation, are well defined for celullar use and they are handled at the network layer and tied to access-level functions to some extent. For circuit switched cellular networks, the MSC performs user authentication and authorization needed for access to cellular services. Ciphering is done over the radio between the mobile node and the BSC; the core network provides secure circuit switched connections extended to the PSTN.

In UMTS packet networks, the user is authenticated and authorized in a similar fashion at the time of registration. The packet network element in the core network performs the authentication procedures and provides a ciphering key for use to the MN. The packet data traffic is ciphered over the radio and is tunneled in the core network to a gateway element in the core network. There is no security for IP traffic outside the UMTS core network unless an IP-level security mechanism is adopted.

WLAN provides link-level authentication and confidentiality features through wired equivalent privacy (WEP). The authentication mechanism is only to bring the wireless link level to the same assumed physical standards of a physical link. End-to-end or user-to-user authentication may further need to be performed at higher protocol layers. Similarly, WEP provides encryption equivalent to the wired connection for the wireless link. Further, encryption mechanisms are needed at higher layers to guarantee end-to-end data confidentiality.

7.6.2 Security in Wireless IP Networks

Acknowledging the higher risk of security problems in wireless networks opens up new problems due to the inherent mobility functionality associated with wireless networks. While mobility is a great convenience to wireless users, it demands a lot of intelligence and complexity on the network side. Mobility provides that users can establish a wireless subscription with one service provider in their hometown and can roam nationally or internationally. This introduces a connection between roaming and security functionality that the users must be authenticated and authorized for gaining access to network services in the visiting network that they are currently roaming to. The user must provide credentials that are used to identify the home network where he or she belongs, and then the access is provided after performing the security functions. On the flip side, the security function also involves the home network to ensure that the user is a genuine user who has subscribed to its services.

There are numerous security protocols in use on the Internet. Specifically, taking mobility into consideration, IPSec (defined in RFC 2401) provides a robust security framework to satisfy the requirements of the wireless IP networks. It offers access control, connectionless integrity, data origin authentication, protection against replays (a form of partial sequence integrity), confidentiality (encryption), and limited traffic flow confidentiality. These security features are handled at the IP layer, offering protection for IP- and/or upper-layer protocols.

There are two traffic security protocols, the authentication header (AH) [RFC 2402] and the encapsulated security payload (ESP) [RFC 2406], that are used as part of the IPSec. AH provides connectionless integrity, data origin authentication, and an optional antireplay service. The ESP may provide confidentiality (encryption) and limited traffic flow confidentiality. It may also provide connectionless integrity, data origin authentication, and antireplay service. AH and ESP can be used individually or in combination with each other to provide a desired set of security services in IPv4 and IPv6.

A security association is uniquely identified by a triple consisting of a security parameter index (SPI), an IP destination address, and a security protocol (AH or ESP) identifier. Internet key exchange (IKE) is the default automated key management protocol to negotiate protocols and algorithms and to create security associations and generate authentication keys. A security policy database can be used as input data to the IKE.



IP in Wireless Networks
IP in Wireless Networks
ISBN: 0130666483
EAN: 2147483647
Year: 2003
Pages: 164

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net