Atjaunināt sīkdatņu piekrišanu

E-grāmata: Security of Mobile Communications

3.50/5 (4 ratings by Goodreads)
  • Formāts: 630 pages
  • Izdošanas datums: 27-Jul-2009
  • Izdevniecība: Auerbach
  • Valoda: eng
  • ISBN-13: 9780849379420
Citas grāmatas par šo tēmu:
  • Formāts - PDF+DRM
  • Cena: 71,37 €*
  • * ši ir gala cena, t.i., netiek piemērotas nekādas papildus atlaides
  • Ielikt grozā
  • Pievienot vēlmju sarakstam
  • Šī e-grāmata paredzēta tikai personīgai lietošanai. E-grāmatas nav iespējams atgriezt un nauda par iegādātajām e-grāmatām netiek atmaksāta.
Security of Mobile CommunicationsPalielināt
  • Formāts: 630 pages
  • Izdošanas datums: 27-Jul-2009
  • Izdevniecība: Auerbach
  • Valoda: eng
  • ISBN-13: 9780849379420
Citas grāmatas par šo tēmu:

DRM restrictions

  • Kopēšana (kopēt/ievietot):

    nav atļauts

  • Drukāšana:

    nav atļauts

  • Lietošana:

    Digitālo tiesību pārvaldība (Digital Rights Management (DRM))
    Izdevējs ir piegādājis šo grāmatu šifrētā veidā, kas nozīmē, ka jums ir jāinstalē bezmaksas programmatūra, lai to atbloķētu un lasītu. Lai lasītu šo e-grāmatu, jums ir jāizveido Adobe ID. Vairāk informācijas šeit. E-grāmatu var lasīt un lejupielādēt līdz 6 ierīcēm (vienam lietotājam ar vienu un to pašu Adobe ID).

    Nepieciešamā programmatūra
    Lai lasītu šo e-grāmatu mobilajā ierīcē (tālrunī vai planšetdatorā), jums būs jāinstalē šī bezmaksas lietotne: PocketBook Reader (iOS / Android)

    Lai lejupielādētu un lasītu šo e-grāmatu datorā vai Mac datorā, jums ir nepieciešamid Adobe Digital Editions (šī ir bezmaksas lietotne, kas īpaši izstrādāta e-grāmatām. Tā nav tas pats, kas Adobe Reader, kas, iespējams, jau ir jūsu datorā.)

    Jūs nevarat lasīt šo e-grāmatu, izmantojot Amazon Kindle.

Written for technicians and designers, this work brings together policies, practices, and guidelines needed to address security issues related to wireless sensor networks, satellite services, mobile e-services, and inter-system roaming and interconnecting systems. It details the major mobile standards for securing mobile communications, and examines the architectures able to provide data confidentiality, authentication, integrity, and privacy in various wireless environments. The book also seeks to define the roles and responsibilities of network operators, service providers, and even customers in securing mobile communications. Boudriga is affiliated with the University of the 7th of November at Carthage, Tunisia. Annotation ©2009 Book News, Inc., Portland, OR (booknews.com)

The explosive demand for mobile communications is driving the development of wireless technology at an unprecedented pace. Unfortunately, this exceptional growth is also giving rise to a myriad of security issues at all levels—from subscriber to network operator to service provider.

Providing technicians and designers with a critical and comprehensive resource, Security of Mobile Communications brings together the policies, practices, and guidelines needed to identify and address the security issues related to today’s wireless sensor networks, satellite services, mobile e-services, and inter-system roaming and interconnecting systems. It details the major mobile standards for securing mobile communications and examines the architectures able to provide data confidentiality, authentication, integrity, and privacy in various wireless environments.

This book will serve as an invaluable resource for those looking to identify and ameliorate security issues. Professor Noureddine Boudriga, an internationally recognized authority, goes beyond analysis, standards, and guidelines to define the roles and responsibilities that network operators, service providers, and even customers need to fulfill to assure our mobile communications are as secure as they are prolific.

Preface xxv
Acknowledgments xxxi
About the Author xxxiii
SECTION I BASIC TECHNIQUES FOR MOBILE COMMUNICATIONS AND SECURITY
1 Threats, Hacking, and Viruses in Mobile Communications
3
1.1 Introduction to Mobile Communications
3
1.1.1 Security and Privacy in Mobile Communications
5
1.1.2 Basic Security Requirements
6
1.1.2.1 End User Perspective
6
1.1.2.2 Communication Provider Perspective
7
1.1.2.3 For Governments
7
1.2 Basics of Mobile Communications
8
1.2.1 Infrastructure-Based Wireless Networks
9
1.2.1.1 Cellular Network Security
10
1.2.1.2 WLAN Security
10
1.2.1.3 Virtual Private Networks
11
1.2.1.4 Mobile IP
11
1.2.2 Infrastructureless Networks
12
1.2.2.1 Distributing Encryption Keys in Infrastructureless Wireless Networks
13
1.2.2.2 Routing Security in Infrastructureless Wireless Networks
14
1.2.3 Heterogeneous Wireless Networks
15
1.3 Wireless Vulnerabilities and Threats
17
1.3.1 WLAN Vulnerabilities and Threats
18
1.3.2 Cellular System Vulnerabilities and Threats
18
1.3.3 Application-Based Threats
19
1.3.3.1 Content-Based Threats
19
1.3.3.2 Mixed Application
20
1.4 Attacks in Mobile Environments
21
1.4.1 Typical Attacks
21
1.4.1.1 Class of Illicit Use Attacks
21
1.4.1.2 Wireless Spoofing
22
1.4.1.3 Ma n-in-the-M iddle Attacks
22
1.4.1.4 Denial of Service Attacks
22
1.4.2 Distributed DoS Attacks in Mobile Communications
24
1.4.2.1 Targeted Environments
25
1.4.2.2 Defending against DDoS Attacks
26
1.5 Mobile Malware
27
1.5.1 Basics on Malware
27
1.5.2 Examples of Mobile Malware
30
1.6 Prevention Techniques in Mobile Systems
32
1.6.1 Firewall in Mobile Communication
32
1.6.2 Encryption-Based Mechanisms for Prevention
34
1.6.2.1 WLAN Authentication Flaws
35
1.6.2.2 Wireless Ad Floc Authentication Flaws
36
1.6.2.3 Cellular Authentication Flaws
37
1.7 Intrusion Detection in Wireless Communications
38
1.7.1 Wireless Detection Approaches
39
1.7.1.1 Mobile Profiles Construction
39
1.7.1.2 Monitoring Wireless Devices
39
1.7.1.3 Radio Frequency Fingerprinting (RFF)
40
1.7.2 Cluster-Based Detection in Ad Hoc Networks
41
References
42
2 Access Control and Authentication in Mobile Communications
45
2.1 Wireless System Security
45
2.2 Cryptography Basics
46
2.2.1 Symmetric Cryptography
47
2.2.1.1 Classification of Symmetric Cryptosystems
48
2.2.1.2 Encrypting with A ES
49
2.2.2 Asymmetric Cryptography
51
2.2.2.1 Encrypting with RSA
53
2.2.2.2 Encrypting with ElGamel
54
2.2.3 Symmetric vs. Asymmetric Cryptography
55
2.3 Insecurity of Cryptosystems
56
2.3.1 Insecurity of Secret Cryptosystems
56
2.3.2 Insecurity of Public Cryptosystems
57
2.3.2.1 Attacks Based on Small Private Keys
57
2.3.2.2 Attacks Based on Small Public Exponents
58
2.3.2.3 Cycling Attacks
58
2.3.2.4 Message Concealing
58
2.4 Digital Signature
59
2.4.1 The RSA Signature Scheme
60
2.4.2 The DSA Signature Scheme
61
2.4.3 Message Digest
62
2.5 Authentication
63
2.5.1 Weak Authentication Schemes
65
2.5.1.1 Password-Based Authentication
65
2.5.1.2 PIN-Based Authentication
67
2.5.2 Strong Authentication Schemes
67
2.6 Attacks against Authentication in Mobile Wireless Networks
72
2.6.1 Common Attacks
72
2.6.2 Common Guidelines for Protection
74
2.7 Authorization and Access Control in Mobile Communication
75
2.7.1 Access Control
75
2.7.2 Certificate-Based Authorization
77
2.8 Key Distribution and Management
80
2.8.1 Beller-Yacobi Protocol
80
2.8.2 Aziz-Diffie's Protocol
81
2.8.3 ASPeCT Protocol
82
References
83
3 Common Techniques for Mobile Communications Security
85
3.1 Introduction
85
3.2 Securing Network Protocols
86
3.2.1 IPsec Processing
87
3.2.1.1 Outgoing Traffic Processing
88
3.2.1.2 Incoming Traffic Management
90
3.2.2 IPsec Limitations
91
3.2.2.1 Limitations of Expressive Power
92
3.2.2.2 Limitations of Application Control
92
3.2.2.3 Limitations of the Authorization Procedures
92
3.2.2.4 Limitations of the SAD and SPD Protection
93
3.2.2.5 Application-Specific Security Solutions
93
3.3 Attacks on IPsec
94
3.3.1 Destination Address Rewriting-Based Attack
94
3.3.2 Attacks Based on IP Options Processing
96
3.3.3 Attacks Based on Protocol Field Manipulation
96
3.3.4 Proposal Attack
96
3.3.5 Oracle ESP Padding Attack
97
3.4 Transport Protocols Security
98
3.4.1 SSL/TLS Features
98
3.4.2 Security Limitations of SSL/TLS
101
3.4.3 WTLS
102
3.4.3.1 Record Protocol
102
3.4.3.2 Change Cipher Spec Protocol
103
3.4.3.3 Alert Protocol
103
3.4.3.4 Handshake Protocol
104
3.4.4 Security Features of WTLS
105
3.4.4.1 Authentication
105
3.4.4.2 Data Integrity
106
3.4.5 SSH
107
3.5 Attacks against Transport Security Services
109
3.5.1 Attacks against SSL and TLS
109
3.5.1.1 Cipher Suite Rollback Attack
110
3.5.1.2 Dropping Change Cipher Specification Messages
110
3.5.1.3 Key-Exchange Algorithm Rollback Attack
110
3.5.2 Attacks against WTLS
111
3.5.2.1 Predictable IVs
111
3.5.2.2 35-Bit DES Encryption
112
3.5.2.3 Unauthenticated Alert Messages
112
3.6 Public Key Infrastructure
112
3.6.1 PKI Components
113
3.6.1.1 End Entity
113
3.6.1.2 Public Key Certificate (PKC, or just Certificate)
114
3.6.1.3 Certification Authority (CA)
114
3.6.1.4 Certificate Repository (CR)
115
3.6.1.5 Certificate Revocation List (CRL) Issuer
115
3.6.1.6 Registration Authority (RA)
115
3.6.2 PKI Functions
116
3.6.2.1 Registration
116
3.6.2.2 Initialization
117
3.6.2.3 Certificate Generation
117
3.6.2.4 Certificate Update
118
3.6.2.5 Revocation
118
3.6.2.6 Key Pair Management
118
3.6.2.7 Cross-Certification
119
3.6.3 Wireless PKI
119
3.6.3.1 WPKI Requirements
120
3.6.3.2 An Example of WPKI Architecture
121
References
125
4 Smart Card Security: The SIM/USIM Case
127
4.1 Introduction
127
4.2 Basic on Smart Cards
129
4.2.1 Components of a Smart Card
130
4.2.2 Smart Card Applications
132
4.2.3 Security of Smart Cards
135
4.3 Smart Card and Communication
136
4.3.1 Communication with the Terminal
136
4.3.2 Subscriber Identity Module
138
4.3.3 The Smart Card in UMTS
139
4.4 Attacks against Smart Cards
140
4.4.1 Invasive Attack Techniques
140
4.4.1.1 Removing the Chip from the Card Attacks
141
4.4.1.2 Reverse Engineering Attacks on the Chipset
141
4.4.1.3 Microprobing Attack
141
4.4.1.4 Semi-Invasive Attacks
142
4.4.2 Non-Invasive Attacks
142
4.4.2.1 Differential Fault Analysis (DFA)
145
4.4.2.2 Data Remanence
146
4.5 Security of Log Files in Smart Cards
147
4.5.1 Modeling the Log File Manager in Smart Cards
148
4.5.1.1 The Threat Model
148
4.5.1.2 The Event Model
149
4.5.1.3 The Entity Model
150
4.5.2 Secure Logs in Untrusted Environment
150
4.5.2.1 First Scenario
152
4.5.2.2 Second Scenario
153
4.5.2.3 Third Scenario
154
4.5.3 Partitioning Attack
154
4.6 Forensics and SIM/USIM Cards
156
4.6.1 SIM Card Investigation
157
4.6.2 SIM Card Files Investigation
159
References
161
SECTION II ATTACK AND PROTECTION TECHNIQUES IN MOBILE COMMUNICATION NETWORKS
5 Security of GSM Networks
165
5.1 Introduction
165
5.2 GSM Mobility Scheme
166
5.2.1 GSM Infrastructure
166
5.2.1.1 The Mobile Station (MS)
166
5.2.1.2 The Base Station Subsystem (BSS)
168
5.2.1.3 Mobile Services Switching Center (MSC)
168
5.2.1.4 The Operation and Support System (OMC)
168
5.2.1.5 Home Location Register (HLR)
168
5.2.1.6 Visitor Location Register (VLR)
168
5.2.1.7 Authentication Center (AuC)
169
5.2.1.8 Equipment Identity Register (EIR)
169
5.2.2 Mobility Management
169
5.2.3 Protocol Architecture
171
5.2.3.1 Physical Layer
171
5.2.3.2 Data Link Layer
172
5.2.3.3 Message Layer
172
5.3 GSM Security Model
173
5.3.1 Security Requirements
174
5.3.1.1 Protection of Call-Setup Information and Communication Services
174
5.3.1.2 Privacy of User-Location, Calling Patterns, and User-Data
174
5.3.1.3 Replication and Clone Resistant Design
175
5.3.1.4 Equipment Identifiers
175
5.3.2 GSM Security Model
175
5.3.2.1 Anonymity
176
5.3.2.2 Authentication
177
5.3.2.3 Confidentiality
178
5.4 Basic Attacks on GSM
179
5.4.1 GSM Security Flaws
179
5.4.2 Impersonation Attacks
180
5.4.3 Attacks against Anonymity
181
5.4.3.1 Passive Monitoring
181
5.4.3.2 Active Monitoring
182
5.4.4 Attacks on the Authentication Algorithm
183
5.4.4.1 Cloning Based on Physical Access to the SIM
184
5.4.4.2 Cloning Attacks over the Air
185
5.5 GSM Encryption Algorithms
186
5.5.1 Algorithm A5/2
187
5.5.2 Algorithm A5/1
189
5.6 Advanced Attacks on GSM
190
5.6.1 Attacks against Confidentiality
190
5.6.1.1 Brute-Force Attacks
191
5.6.1.2 Cryptanalysis-Based Attacks on A5/1
192
5.6.2 Cryptanalysis Attacks on A5/2
193
5.6.2.1 Using A5/2 Cryptanalysis to Target the Confidentiality of A5/1 and A5/3
193
5.6.2.2 The Known Plaintext Attack
195
5.6.3 Denial of Service Attacks
196
5.6.3.1 Physical Intervention-Based Denial of Service Attacks
196
5.6.3.2 Logical Intervention-Based Denial of Service Attacks
197
5.7 Improving GSM Security
197
5.7.1 Improving Authentication Protection
198
5.7.2 Other Improvements
199
5.7.2.1 GSM—Newer A3/A8 Implementation
199
5.7.2.2 GSM—A5/3 Ciphering
200
5.7.2.3 Protecting against Distributed DoS Attacks
200
References
202
6 Security of 3G Networks
203
6.1 Introduction
203
6.1.1 Security Challenges
205
6.1.2 Security Threats
206
6.1.3 Retention of 2G Robust Features
207
6.2 The 3G Networks
208
6.2.1 Network Architecture
208
6.2.1.1 The Mobile Station (MS)
209
6.2.1.2 The Access Network (UTRAN)
210
6.2.1.3 The Core Network (CN)
211
6.2.2 UMTS Security Architecture
213
6.3 Network Access Security
214
6.3.1 User Identity Confidentiality
214
6.3.2 Authentication and Key Agreement
216
6.3.3 Data Confidentiality and Integrity Protection of Signaling Messages
219
6.4 Network Domain Security
220
6.4.1 IP-Based Protocol
221
6.4.2 SS7-Based Protocols
221
6.4.3 Traditional Network Security Features
222
6.5 User, Application, and Visibility Domain Security
224
6.5.1 Application Domain Security
224
6.5.2 Security of Visibility and Configurability Domain
225
6.6 Security Functions
226
6.6.1 Integrity and Confidentiality Algorithms
226
6.6.2 The KASUMI Block Cipher
228
6.7 Security Features of 3G Networks
229
6.7.1 Mitigating 2G Weaknesses
229
6.7.1.1 Denial of Service
229
6.7.1.2 Identity Catching
230
6.7.1.3 Impersonation of the Network Attacks
230
6.7.1.4 Eavesdropping on User Data
232
6.7.1.5 Attacks Aiming at the Impersonation of the User
233
6.7.2 New Security Features and the Security of New Service
234
6.8 Attacks on 3G Networks
235
6.8.1 Classification of Attacks on 3G Networks
237
6.8.2 Examples of Attacks
239
6.8.2.1 Attacks Targeting the Call Forwarding Service
239
6.8.2.2 Attacks Targeting the Client Billing Service
240
6.8.2.3 Attacks Targeting the Location Based Instant Message System
241
References
242
7 Wireless Local Area Network Security
245
7.1 Introduction
245
7.2 Basics on WLANs
249
7.2.1 The 802.11 MAC Layer
250
7.2.2 Basic Authentication and Encryption
253
7.3 Defeating the WEP Protocol
254
7.3.1 WEP Design Issues
254
7.3.2 WEP Vulnerabilities
256
7.3.3 Defeating Shared-Key Authentication
257
7.3.3.1 Attacks against Key Distribution
258
7.3.3.2 Passive WEP Decryption
258
7.4 Attacks Targeting WLANs
260
7.4.1 Denial of Service Attacks
261
7.4.2 Man-in-the-Middle Attacks
262
7.4.2.1 Eavesdropping
262
7.4.2.2 Manipulation
263
7.4.3 Message Modification and Injection
263
7.4.4 Message Decryption
265
7.4.4.1 IP Redirection
265
7.4.4.2 Reaction Attacks
266
7.5 WiFi Protected Access
267
7.5.1 WPA Design Issues
267
7.5.2 WPA Vulnerabilities
271
7.6 IEEE 802.11i and WiFi Protected Access 2
273
7.6.1 IEEE 802.11i Design Issues
273
7.6.1.1 Temporal Key Integrity Protocol (TKIP)
274
7.6.1.2 Counter-Mode/CBC-MAC Protocol (CCMP)
276
7.6.1.3 Port-Based Authentication Protocol (802.1x) and Key Management
277
7.6.2 WPA2 and 802.11i Vulnerabilities
280
References
282
8 Security of Ad Hoc Networks
285
8.1 Introduction
285
8.2 Ad Hoc Networking
286
8.2.1 Ad Hoc Network Uses
288
8.2.2 Routing in Mobile Ad Hoc Networks
289
8.2.2.1 Routing Information Update Mechanism
290
8.2.2.2 Use of Temporal Information for Routing
290
8.2.2.3 Topology Information Organization
291
8.2.2.4 Utilization of Specific Resources
291
8.2.3 Cluster-Based Ad Hoc Networks
292
8.3 Major Routing Protocols in Ad Hoc Networks
293
8.3.1 The Optimized Link State Routing Protocol (OLSR)
293
8.3.2 Dynamic Source Routing (DSR)
294
8.3.3 Ad Hoc On-Demand Distance Vector Routing (A0DV)
295
8.3.4 Destination-Sequenced Distance Vector Protocol (DSDV)
296
8.4 Attacks against Ad Hoc Networks
296
8.4.1 Attacks against the Network Layer
297
8.4.1.1 Incorrect Traffic Generation
297
8.4.1.2 Incorrect Traffic Relaying
299
8.4.2 A Case Study: Attacks against OLSR
301
8.4.2.1 Incorrect Traffic Generation
301
8.4.2.2 Incorrect Traffic Relaying
302
8.5 Securing Ad Hoc Networks
303
8.5.1 Security Challenges
304
8.5.2 Network Layer Security
305
8.5.2.1 Message Authentication Primitives
306
8.5.3 Securing Ad Hoc Routing
307
8.5.3.1 Source Routing
307
8.5.3.2 Distance Vector Routing
308
8.5.3.3 Link State Routing
308
8.5.4 Securing Packet Forwarding
308
8.6 Authentication in Ad Hoc Networks
310
8.6.1 Light-Weight Authentication Model
310
8.6.2 Timed Efficient Stream Loss-Tolerant Authentication
311
8.7 Key Management
312
8.7.1 The Resurrecting Duckling
312
8.7.2 Secure Key Distribution
313
8.7.3 Distributed Key Management
314
8.7.4 Self-Organized Public Key Infrastructure
315
8.8 Intrusion Detection in Ad Hoc Networks
316
8.8.1 Intrusion Detection Techniques
318
8.8.2 Node Cooperation for Detection
320
8.8.2.1 Watchdog and Pathrater
320
8.8.2.2 CONFIDANT
321
8.8.2.3 CORE
322
References
322
SECTION III SECURITY OF NETWORK-BASED SERVICES IN MOBILE COMMUNICATIONS
9 Inter-System Roaming and Internetworking Security
327
9.1 Introduction
327
9.2 Roaming
329
9.2.1 Establishing Temporary Residence Abroad
329
9.2.2 Roaming Modeling
331
9.3 Roaming Authentication and Key Agreement
334
9.3.1 Roaming Procedures
335
9.3.2 Roaming across Different Access Technologies
338
9.4 Inter-Provider Roaming within the GSM and UMTS
339
9.4.1 GSM Intra-Provider Roaming
339
9.4.2 UMTS Inter-Provider Roaming
341
9.4.3 Roaming Between GSM and UMTS
342
9.4.3.1 Scenario 1 (A SIM-Equipped MS Roaming to UMTS)
343
9.4.3.2 Scenario 2 (A USIM-Equipped MS Roaming to GSM)
344
9.4.3.3 Scenario 3 (SIM/USIM-Equipped MS Roaming to a Mixed-Mode Network)
345
9.5 Man-in-the-Middle Attack on UMTS
345
9.6 Inter-Provider Handover
348
9.6.1 Basic Handover Phases
350
9.6.2 Hard and Soft Networked-Initiated Handover
351
9.6.2.1 First-Order Handover with the HN as Anchor
351
9.6.2.2 krh-Order Handover with the HN as Anchor
353
9.6.2.3 Handover with the FN as Anchor
355
9.6.3 Hard and Soft Mobile-Initiated Handover
356
9.6.3.1 HN Anchor-Based Handover
356
9.6.3.2 FN Anchor-Based Handover
358
9.7 The Security Solutions
358
9.7.1 Full Authentication between MS and DSTk
358
9.7.2 Pre-Authentication between MS and DSTk
360
9.8 Attacks against Inter-Provider Handover
361
References
366
10 Securing Mobile Services
367
10.1 Introduction
367
10.2 Basics on E-Services
369
10.2.1 Actors, Models, and Tools of E-Services
370
10.2.2 E-Service Composition
372
10.3 M-Services Discovery
375
10.3.1 Discovery Architectures
375
10.3.2 Discovery Functions
377
10.3.2.1 Configuration Discovery
377
10.3.2.2 Service Registration
378
10.3.2.3 SD Discovery
378
10.3.2.4 Configuration Update
378
10.3.3 Matching and Location Management
379
10.4 Basic Examples of M-Services and Challenges
380
10.4.1 Common E-Service
380
10.4.1.1 Real-Time Stock M-Service
380
10.4.1.2 Virtual Bank Account M-Service
381
10.4.2 Challenges in Security of M-Services
382
10.4.2.1 Brokering
383
10.4.2.2 Reliability
384
10.4.2.3 Monitoring
384
10.4.2.4 Compositions
385
10.4.2.5 Discovery Security
385
10.5 M-Government
386
10.5.1 Monitoring Security States in M-Government
387
10.5.2 Monitoring Tools
389
10.6 M-Commerce
391
10.6.1 Technical Challenges in M-Commerce
393
10.6.2 Security Issues in M-Commerce
395
10.6.2.1 The Disconnected Cases
395
10.6.2.2 The Connected Cases
396
10.7 M-Service Message Protection Mechanisms
397
10.7.1 Security Needs
398
10.7.2 SOAP Message Security
399
10.8 Securing Registry for M-Services
401
10.8.1 ebXML Registry Security
402
10.8.2 Service-Side Protection of Registries
403
References
405
11 Security of Mobile Sensor Networks
407
11.1 Introduction
407
11.2 Wireless Sensor Networks
409
11.2.1 WSN Features
410
11.2.2 Power Scarcity
412
11.2.3 Routing Protocols
413
11.3 Security Issues of WSNs
415
11.3.1 Trust and Threats in WSN
416
11.3.2 WSN Security Challenges
416
11.3.2.1 Resource Limitations
417
11.3.2.2 Data Loss
418
11.3.2.3 Uncontrollable Behavior
418
11.3.2.4 Routing
419
11.3.3 WSN Security Requirements
420
11.3.3.1 Data Confidentiality
420
11.3.3.2 Data Integrity
420
11.3.3.3 Data Freshness
420
11.3.3.4 Availability
421
11.3.3.5 Self-Organization
421
11.3.3.6 Time Synchronization
422
11.3.3.7 Secure Localization
422
11.3.3.8 Authentication
423
11.3.3.9 Key Distribution
423
11.4 Attacks against WSNs
424
11.4.1 Denial of Service Attacks
424
11.4.2 Traffic Analysis Attacks
425
11.4.3 Worm hole Attacks
425
11.4.4 Sybil Attack
426
11.4.5 Blackhole/Sinkhole Attack
427
11.4.6 Attacks against Privacy
428
11.5 Attacks against Specific Sensor Network Protocols
429
11.5.1 TinyOS Beaconing Protocol
429
11.5.2 Directed Diffusion Protocol
430
11.5.3 Geographic Routing
432
11.6 Countermeasures against Attacks
433
11.6.1 Key Management Fundamentals
433
11.6.1.1 Key Establishment
434
11.6.2 WSN and Public Key Cryptography
435
11.6.3 DoS Countermeasures
436
11.6.4 Detecting Node Replication Attacks
436
11.7 Mobile Target Tracking Using WSNs
437
11.7.1 Coverage Approaches
437
11.7.2 Architectural Issues
439
11.7.3 Target Tracking Protocols
440
11.7.3.1 Information-Driven Dynamic Sensor Collaboration for Tracking Applications
440
11.7.3.2 Tracking Using Binary Sensors
441
11.8 Key Exchange in WSN
442
11.8.1 Pair-Wise Key Pre-Distribution Schemes
442
11.8.2 Element-Based Key Pre-Distribution Solutions
443
11.8.2.1 Master Key-Based Schemes
444
11.8.2.2 Random Key-Chain Based Key Pre-Distribution Solutions
444
11.8.3 Key Distribution in Hierarchical WSN
445
11.8.3.1 Pair-Wise Key Distribution Schemes (PKDS)
445
11.8.3.2 TESLA-Based Solutions
446
References
446
12 Security of Satellite Services
449
12.1 Introduction
449
12.2 Examples of Satellite Networks
454
12.2.1 Communication Satellite Systems
454
12.2.1.1 Globalstar
454
12.2.1.2 The Iridium System
454
12.2.1.3 The Inmarsat System
455
12.2.2 Mobile Satellite Broadcast
455
12.2.2.1 Sirius Satellite Radio
456
12.2.2.2 XM Satellite Radio
456
12.2.3 Global Navigation Satellite Systems
456
12.2.3.1 GPS
457
12.2.3.2 Galileo
457
12.3 Reliable Transport in Mobile Satellite Communications
458
12.3.1 TCP Flow Control in Satellite Communications
459
12.3.2 Enhancing TCP Protocol
461
12.4 Packet Routing in Non-GEO Networks
464
12.4.1 Predictive Routing Protocols
466
12.4.2 QoS-Based Routing in LEO Satellite Networks
467
12.5 Mobility and Location Management in Satellite Networks
469
12.5.1 Location Management in Satellite Networks
469
12.5.2 Handover Management in LEO Networks
471
12.5.2.1 Link Layer Handover
472
12.5.2.2 Network Layer Handover
473
12.6 Attacks against Satellite Networks
474
12.6.1 Threats
474
12.6.1.1 Insider Attacks
475
12.6.1.2 Threats against Communication Privacy
475
12.6.1.3 Packet Modification Attack
475
12.6.1.4 Sending Forged Commands
476
12.6.1.5 Traffic Analysis
476
12.6.2 Denial of Service in Satellite Networks
477
12.7 Securing Satellite Networks
479
12.7.1 IPsec-Like Solution
480
12.7.2 Securing HTTP Sessions over Satellite Networks
481
References
482
SECTION IV PROTECTION TECHNIQUES FOR MOBILE APPLICATIONS
13 Security of Mobile Payments
487
13.1 Introduction
487
13.2 Issues of E-Payment
487
13.2.1 Electronic Payment Basics
488
13.2.2 Security Requirements
491
13.3 Overview of Electronic Payment Systems
492
13.3.1 Credit Card-Based Payments
492
13.3.1.1 SSL-Based Payment Systems
492
13.3.1.2 SET-Based Payments
494
13.3.1.3 Alternatives to SET-Based Payment
496
13.3.2 Electronic Checks, Transfer, and Cash
496
13.4 Privacy and Anonymity in Electronic Payment
498
13.4.1 Privacy and Anonymity Basics
498
13.4.2 Mechanisms for Unconditional Privacy and Anonymity
499
13.4.3 Conditional Anonymity in Payment Systems
500
13.5 Mobile Payment Systems
502
13.5.1 Proxy-Based Solutions
505
13.5.1.1 Three-Domain SET Approach
505
13.5.1.2 Dai and Zhang's Scheme
506
13.5.2 Agent-Based Solutions
507
13.5.3 Non-Proxy-Based Solutions
508
13.5.3.1 Paybox
508
13.5.3.2 The Kim's Electronic Cash
509
13.6 Analysis of Existing Mobile Payment Systems
510
13.6.1 Analysis Parameters
510
13.6.2 Case Study: Analysis of a GSM-Based Payment System
512
13.6.2.1 System Architecture
512
13.6.2.2 Security Analysis of the Application
513
13.7 Mobile Agents and Mobile Payment
514
13.7.1 Securing Mobile Agents against Malicious Hosts
514
13.7.2 Securing Payment Transactions in Untrusted Hosts
516
13.8 Multiparty Mobile Micropayment Systems
518
13.8.1 Micro-Payment Requirements
519
13.8.2 Chain-Based Micro-Payment
520
13.8.2.1 Payment Chain Purchase
521
13.8.2.2 Assembling a Pricing Contract
521
13.8.2.3 Making Payments
522
13.8.2.4 Redeeming Tokens
523
References
525
14 Security of Mobile Voice Communications
527
14.1 Introduction
527
14.2 Basics on VoIP
532
14.2.1 Basic Signaling Protocols
532
14.2.1.1 SIP Overview
532
14.2.1.2 H.323 Overview
533
14.2.2 Comparing the Basic Signaling Protocols
536
14.2.2.1 Comparing the Functionality
536
14.2.2.2 Quality of Service
538
14.2.3 Voice Transport
539
14.3 Security Issues in VoIP
540
14.3.1 Security Provided by H323
541
14.3.2 Security Provided by SIP
542
14.3.3 Key Management
543
14.3.3.1 SDES
543
14.3.3.2 ZRTP
544
14.3.3.3 Multimedia Internet Keying
546
14.4 Mobility Issues
546
14.4.1 Handover Issues
547
14.4.1.1 SIP Handoff
547
14.4.1.2 Mobile IP Handoff
547
14.4.1.3 Hybrid Handoff
548
14.4.2 IP Mobility Support
549
14.5 The Security Threats to Mobile VoIP
551
14.5.1 Basic Threats to Mobile VoIP
551
14.5.1.1 Abuse of Access
551
14.5.1.2 Denial of Service
552
14.5.1.3 Eavesdropping Threats
552
14.5.1.4 Masquerading Threats
553
14.5.1.5 Obtaining Control of an End System
553
14.5.1.6 Attacking User's Privacy
554
14.5.2 Security Requirements for Mobile VoIP
554
14.6 Attacks on the Key Exchange
555
14.6.1 Attack on SDES/SRTP
555
14.6.2 Attacks on ZRTP
557
14.6.2.1 Denial of Service
557
14.6.2.2 Authentication
557
14.6.3 Security of MIKEY
559
14.6.3.1 Secrecy
559
14.6.3.2 Denial of Service
560
14.7 Secure Real-Time Protocol
560
14.7.1 SRTP Packet
561
14.7.2 Message Authentication and Integrity
561
14.7.3 Key Derivation
562
14.7.4 Cryptographic Context
562
14.7.5 Packet Processing
562
14.7.6 Predefined Algorithms
563
14.8 Securing Mobile VoIP
563
14.8.1 Encapsulation Format
563
14.8.2 Cryptographic Transforms
563
14.8.3 Session Key Generation Mechanism
564
References
564
15 Security of Multimedia Communications
567
15.1 Introduction
567
15.2 Transmission Issues of Mobile Multimedia
571
15.2.1 Transport Error Protection
571
15.2.2 Congestion Control for Multimedia
573
15.2.3 QoS Control of Mobile Multimedia
574
15.3 Securing Copyright in Mobile Networks
576
15.3.1 Copyright Requirements
576
15.3.2 Watermarking
578
15.3.3 Digital Fingerprinting
580
15.4 Major Watermarking Techniques
583
15.4.1 Image Watermarks
583
15.4.1.1 Least Significant Bit Modification (LSB)
584
15.4.1.2 Correlation-Based Techniques
584
15.4.1.3 Frequency Domain Watermarks
585
15.4.2 Video Watermarking
587
15.5 Attacks against Mobile Multimedia
589
15.5.1 Attack Classification
589
15.5.2 Attacks Targeting Fingerprinting Schemes
591
15.5.2.1 Single-User Attacks
591
15.5.2.2 Multimedia Collusion Attacks
592
15.5.3 Attacks Targeting Watermarking Schemes
593
15.5.3.1 Synchronization Attacks
593
15.5.3.2 StirMark Attack
594
15.5.3.3 Unauthorized Embedding Attacks
594
15.5.3.4 Scrambling Attacks
595
15.5.3.5 Unauthorized Removal
595
15.6 Countermeasures against Watermarking Attacks
595
15.6.1 General Rules
596
15.6.2 Countermeasures against Collusion Attacks
596
15.6.3 Countermeasures against Ambiguity Attacks
596
15.6.4 Countermeasures against Embedding Attacks
597
15.6.5 Use of Attack-Resilient Block-Based Watermark Decoder
597
15.6.6 Preventing Unauthorized Detection
599
15.7 Security of Mobile Multimedia Multicasting Schemes
599
15.7.1 Securing Multicasting Schemes
599
15.7.2 Authentication of Multimedia Content
601
References
602
Index 605
Professor Noureddine Boudriga is an internationally known scientist/academic. He received his Ph.D. in algebraic topology from the University of Paris (France) and his Ph.D. in computer science from the University of Tunis (Tunisia). He is currently a professor of telecommunications at the University of Carthage, Tunisia, and the director of the Communication Networks and Security Research Laboratory (CNAS).





Dr. Boudriga is the recipient of the Tunisian Presidential Award in Science and Research (2004). He has served as the general director and founder of the Tunisian National Digital Certification Agency. He has been very actively involved in research and has authored or co-authored many chapters and books, including more than 250 published journal and conference papers. Prof. Boudriga is the President of the Tunisia Scientific Telecommunications Society.
Biežāk uzdotie jautājumi par e-grāmatām Biežāk uzdotie jautājumi par e-grāmatām
Permanent link: https://www.kriso.lv/db/97808493794202e.html
Keywords: