0
6.0kviews
Explain security issues in wireless communications, typically for cellular networks

This question appears in Mumbai University > Mobile Communication and Computing subject

Marks: 10 M

Year: Dec 2015

1 Answer
0
52views

The various Security problems in mobile and wireless computing systems are:

Security Problems Description
Confidentiality Only the destined user must be allowed to read data. It should be hidden from all other parties. (Encryption is a method used to solve it)
Integrity Data integrity is concerned with the correctness of data. The data needs to have integrity or else user receives a manipulated message.
Spoofing A node can impersonate an address in a mobile ad hoc network
Availability Attacks similar to denial of service can block the availability of data at the user end. (E.g. an intermediate router can be configured to attack packets and stop them or re-route them.)
Non-repudiation It means that the sender cannot deny that he has send a message from his device.
Pre-keying In case of encrypted system, key exchange is necessary before the actual data transfer. Now if this key (esp. if private-key) is send via a wireless network, there can be an issue of key-trapping
Resource constraint An attack may sometimes cripple the resources available to a mobile system like limited battery, slower CPUs, exhausting memory due to caching, etc. Such resources may get drained or may sometimes be not be strong enough to fight back.
Intercepted Wireless signals, since being transferred via open-air can be intercepted.
Replaying After carefully analysing the authentication requests and client responses, an attacker can replay such a similar sequence again.
Stealing If a miscreant steals the user-id and password of a subscriber, or gets his SIM card, he/she will be able to enjoy the user’s subscriptions.
Mobility concerns When a MS moves from one cell to another, the connection will be routed though different paths which cannot be relied upon.
Eavesdropping Peeping into someone else’s conversation is called eavesdropping. (e.g. is phone tapping )

The various solutions that exist to solve the various problems affecting wireless communication are:

Direct Signalling We can use directed signals which are just sufficient to reach the user’s device and establish a proper-link with him.,This helps prevent security risks coming from other directions and also at farther distances in same line.
Hashing Hashing is a method employed to check the data integrity. A hash function is applied on the actual data resulting in some bits of data (integer value). In case of a manipulation by a third-party, the hash value will be altered.
MAC Message Authentication Code is a combination of hash and secret key. For extra added security
Encryption Encryption is conversion of code into a cipher text understood only by a person having the decryption key. It includes both the public key (used nowadays.) and private key method. Some examples are DES, AES, Ceaser-cipher, RSA etc.
Checksum or Parity These are the basic methods used for checking data integrity (counting the total 1’s or 0’s)
SSL A very famous feature used in today’s communication systems is SSL. SSL stands for secure socket layer. It is a protocol that runs between HTTP and TCP for secure transaction between client and Web server. Links using SSL protocols starts with HTTPS (https://www...) The sub layers of SSL include handshake and record protocols. SSL supports hash function MD5 and SHA, digital signatures, RSA, various encryption algorithms.
IPsec IPSec (internet protocol for security) contains various features for providing enhanced security. It includes an Authentication Header (AH- Packet Header focusing on Security) , Encapsulating Security Payload (for confidentiality purposes) and Internet Key Exchange (IKE) (for secure exchange of keys used for encryption)
RADIUS Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and Accounting (AAA) management for devices to connect and use a network service.
Please log in to add an answer.