fmc fixed mobile convergence wh t ab what about security
play

FMC (Fixed Mobile Convergence) Wh t Ab What About Security? t S - PowerPoint PPT Presentation

Feb 14, 2023 •155 likes •463 views

FMC (Fixed Mobile Convergence) Wh t Ab What About Security? t S it ? Vancouver June 2008 Vancouver June 2008 Franck Veysset, Orange Labs Firstname.lastname at orange-ftgroup dot com research & development Agenda Introduction

  1. FMC (Fixed Mobile Convergence) Wh t Ab What About Security? t S it ? Vancouver – June 2008 Vancouver June 2008 Franck Veysset, Orange Labs Firstname.lastname at orange-ftgroup dot com research & development

  2. Agenda � Introduction - FMC? � WIFI-SIP overview � UMA overview � Femtocell overview � iWLAN Architecture � Security? "Technology overview ( not FTGroup network strategy )" Technology overview ( not FTGroup network strategy ) France Telecom Group FIRST 2008 p 2 research & development

  3. WiFi-SIP, UMA, FMC… , , � New needs – new offers � Simplify the current situation (PSTN GSM VoIP phones at home !!) � Simplify the current situation (PSTN, GSM, VoIP phones at home !!) � Use of a single phone (wireless) • At home and on the road � Enhance quality / coverage at home • WiFi: Use your own A.P. at home – improve cellular coverage WiFi U A P t h i ll l • Handover GSM/WIFI? � Higher data rate -> new services? � Lowers communication costs (at least from the customer point of view) • Good for ARPU and market shares � One phone = increase reachability � Different technologies are available � Different technologies are available � WiFi-SIP � UMA (GAN) � Femtocell / picocell � Others… O France Telecom Group FIRST 2008 p 3 research & development

  4. FMC? � Fixed to Mobile Convergence � First tests: Denmark, 1997 – PSTN/GSM � Single number, one messaging system Single number one messaging system � No handover � First “real” offers in 2005 – UMA based � BT with “Fusion”, Bluetooth based at its beginning � In France, “emergence” of FMC? � After Triple play offers, quadruple play is becoming the standard… • Twin / beautifulphone (Dual phone GSM/WiFi SIP?) by n9uf Cegetel • Free phone (GSM/WiFi SIP) • Unik (GSM/UMA, Orange) France Telecom Group FIRST 2008 p 4 research & development

  5. FMC (2/2) � Real FMC possible with WiFi wide adoption � Low-power WiFi chips L WiFi hi � Phone (and WiFi) needs to be always on France Telecom Group FIRST 2008 p 5 research & development

  6. Other “technologies” exist… � More or less in use � Don’t provide handover p � Bluetooth VoIP � Bluetooth dongle (Siemens) � Bluetooth dongle (Siemens) � Dedicated WiFi phone � Netgear Skype WiFi Phone g yp • Netgear SPH101 � Other parternships between pure internet players and manufacturers � SIM reader on fixed phone (to import contact list!) France Telecom Group FIRST 2008 p 6 research & development

  7. Wi-Fi SIP (Session Initiation protocol) (Session Initiation protocol) France Telecom Group FIRST 2008 p 7 research & development

  8. SIP: Intro � Internet World � SIP is an IETF standard (2002) � SIP provides signaling SIP id i li � Voice transport relies on RTP � WiFi-SIP very similar to genuine VoIP-SIP WiFi SIP very similar to genuine VoIP SIP � On the terminal � SIP and RTP stack: signaling and stream � Add IP and WIFI stack � This is a WiFi SIP-phone � SIP: just add another application on your Wi-Fi terminal � Disjoined from GSM access Di j i d f GSM � No handover (except with GSM “private extensions”) France Telecom Group FIRST 2008 p 8 research & development

  9. Wi-Fi SIP Overview Home gateway SIP serveur Gateway / MGC SIP+RTP SIP+RTP SS7+voice France Telecom Group FIRST 2008 p 9 research & development

  10. SIP Security � Authentication � At best id and password (http digest) � Strong authentication is possible but not mandatory (read: not used…) Strong authentication is possible but not mandatory (read: not used ) • Need to be supported by terminals and servers � Confidentiality � Usually: Clear text… (RTP…) Usually: Clear text (RTP ) � It is possible to use SRTP (and SIP TLS) but… � Therefore relies on Wi-Fi security (critical path) � Strong lack of security functionalities � Strong lack of security functionalities � Does low cost means lack of functionalities? � Sip design & security (IETF way…) � Wi-Fi security is then critical Wi Fi it i th iti l � WEP only? � France Telecom Group FIRST 2008 p 10 research & development

  11. UMA (Unlicensed Mobile Access) (Unlicensed Mobile Access) France Telecom Group FIRST 2008 p 11 research & development

  12. UMA: Intro � From the telco world � UMA Consortium (Alcatel, BT, Cingular, Ericsson, Motorola, Nokia, Nortel, RIM Siemens Sony Ericsson etc ) RIM, Siemens, Sony Ericsson, etc.) � UMA not a standard, but specifications pushed into 3GPP (GAN) � Provides an alternative access to 2G/3G services � On the terminal � IPsec stack: to reach the UMA platform � UMA stack: GSM packet encapsulation in IP (includes RTP…) � And of course IP+WiFi stack � SIM (USIM) for crypto (authentication, encryption…) � UMA: alternative access to GSM network UMA lt ti t GSM t k � Full access (Voice, GPRS, SMS…) France Telecom Group FIRST 2008 p 12 research & development

  13. http://www.umatechnology.org/ France Telecom Group FIRST 2008 p 13 research & development

  14. UMA Overview France Telecom Group FIRST 2008 p 14 research & development

  15. UMA Functional Architecture France Telecom Group FIRST 2008 p 15 research & development

  16. UMA Security � Authentication � Authentication relies on the SIM/USIM • IKEv2 and EAP-SIM / EAP-AKA (mutual) + X509 (server side) • Then genuine GSM authentication (A3/A8) � Encryption � Wi-Fi security for domestic link � IPsec between terminal and UNC � Warning: NULL encryption possible on IPsec link France Telecom Group FIRST 2008 p 16 research & development

  17. Femtocell France Telecom Group FIRST 2008 p 17 research & development

  18. Principles � Femtocells are low-power wireless access points that operate in p p p licensed spectrum to connect standard mobile devices to a mobile operator’s network using residential DSL or cable broadband connections (cf femtoforum.org) � New way to connect to 2G/3G network � Increase telco. coverage I t l � IP connection to core network � Any 2G/3G handset supported France Telecom Group FIRST 2008 p 18 research & development

  19. Femtocell Architecture (3G) France Telecom Group FIRST 2008 p 19 research & development

  20. Femtocell Security � No standardization yet (Work in progress) � Femtoforum 3GPP � Femtoforum, 3GPP… � Authentication � User and/or network authentication rely on the SIM/USIM • Genuine GSM/UMTS world… � What about the *cell authentication? Usim? � Encryption � Idem, genuine GSM/UMTS functionalities � Questions: Iub+ / A/Gb interfaces? � BSC/RNC connected to the internet? � IPsec on Iub+ link? � Security of customer’s RNC (thee *cell) is the key point France Telecom Group FIRST 2008 p 20 research & development

  21. iWLAN France Telecom Group FIRST 2008 p 21 research & development

  22. I-WLAN Architecture France Telecom Group FIRST 2008 p 22 research & development

  23. I-WLAN Security Packet Data 3GPP AAA HLR/AuC Gateway server SA IKEv2 negotiation EAP cellular methods (EAP-AKA) Authentication vectors IPsec tunnel establishment � Security similar to UMA S it i il t UMA � PDG located in a different place than in 3GPP architecture (PDG in the core network) France Telecom Group FIRST 2008 p 23 research & development

  24. I-Wlan Issues � For now, data only services , y � IPsec gateway on internet � Attacks always possible � Attacks always possible � Specific attacks on IKE v2, EAP-xxx… fuzzing for example � When the user is connected, access only to Wi interface � Almost identical to genuine GPRS access � Core network should not be reachable Core network should not be reachable � But the technology still looks quite immature France Telecom Group FIRST 2008 p 24 research & development

  25. Problems, security issues? France Telecom Group FIRST 2008 p 25 research & development

  26. Quick Analysis � Not exhaustive � New technology… stay tuned for more information � Implementation proprietary � GAN conformity still to be confirmed � SIP: relies on provider implementation / architectural choices � SIP: relies on provider implementation / architectural choices � Cell: also relies on provider implementation and tech choices � I-WLAN: lack of standardization France Telecom Group FIRST 2008 p 26 research & development

  27. WiFi AP… � First thing: needs for a Wi-Fi access point � Open, WEP, WPA? � WiFi always on? � This might have strong impact on your security Thi i ht h t i t it � Corporate case: deploy or reuse existing Wi-Fi network � Mix voice and data on the same network? � With uncontrolled internet access ? France Telecom Group FIRST 2008 p 27 research & development

  28. Authentication (SIP, EAP…) ( ) � SIP authentication � May rely on clear text � or HTTP digest � MD5 is not particularly “on the rise”… � Brute force attack is feasible on low entropy passwords • 40 Millions MD5 per second on a Bi-Xeon (mdcrack) • More than 100M on well choosen hard (PS3…) � EAP-AKA or EAP-SIM authentication EAP AKA EAP SIM th ti ti � Looks quite healthy � Tamper resistant hardware is definitively a plus France Telecom Group FIRST 2008 p 28 research & development

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Restricted mobility or restricted competition? Fixed-mobile convergence and universal access

Restricted mobility or restricted competition? Fixed-mobile convergence and universal access

Session 5B: Convergence Restricted mobility or restricted competition? Fixed-mobile convergence and universal access in Brazil Mrcio Aranha Hernn Galperin Franois Bar Marina Villela 1 Region gion 1 1 Local Region gion 2 2

134 views • 10 slides
fixed-mobile convergence Jean-Pierre Bienaim Secretary General, 5G Infrastructure Association

fixed-mobile convergence Jean-Pierre Bienaim Secretary General, 5G Infrastructure Association

5G in Europe: challenges, developments, fixed-mobile convergence Jean-Pierre Bienaim Secretary General, 5G Infrastructure Association http://5g-ppp.eu/ CERCLE CREDO, 3 MAI 2018, PARIS 04/05/2018 1 Summary 4G/5G industry developments

537 views • 30 slides
MWC 17 Collaboration Mobile Convergence Cisco & Ericsson Collaboration Mobile Convergence -

MWC 17 Collaboration Mobile Convergence Cisco & Ericsson Collaboration Mobile Convergence -

MWC 17 Collaboration Mobile Convergence Cisco & Ericsson Collaboration Mobile Convergence - CMC Cisco and Ericsson partner to deliver industry Cisco VoWi-Fi Ericsson leading Mobile Collaboration solutions. & Collaboration VoLTE

393 views • 22 slides
Collaboration Mobile Convergence In partnership with Enterprise communication TREND

Collaboration Mobile Convergence In partnership with Enterprise communication TREND

Collaboration Mobile Convergence In partnership with Enterprise communication TREND collaborate anywhere The world goes mobile Users want flexibility at work 9b mobile subscriptions by 2022, of which more 1.9b people in the global mobile

73 views • 6 slides
The Future Begins Today Creating the French Champion in Very High Speed Fixed Mobile

The Future Begins Today Creating the French Champion in Very High Speed Fixed Mobile

The Future Begins Today Creating the French Champion in Very High Speed Fixed Mobile Convergence 7 April 2014 Disclaimer This presentation contains statements about future events, projections, forecasts and expectations that are

191 views • 7 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Mobile Security Issues Introduction So many cool mobile apps Access to web, personal information, social media, etc

1.05k views • 55 slides
What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017 Dan S. Wallach , Rice University tl;dr The computers inside the computer Every chip has one or more CPUs inside; they have exploitable bugs

1.23k views • 87 slides
Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction Statistics of Mobile Usage Current State of Mobile Security Recent Attacks Various Mobile Threats Security & Privacy

1.03k views • 57 slides
Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues. Mobile access is expected to become the main access method. Services and mobile commerce (mCommerce) are expected to become a major business.

818 views • 20 slides
Vodafone Fixed/Convergence Open Office 19-20 September 2017 Disclaimer By reading these slides

Vodafone Fixed/Convergence Open Office 19-20 September 2017 Disclaimer By reading these slides

Vodafone Fixed/Convergence Open Office 19-20 September 2017 Disclaimer By reading these slides you agree to be bound by the following conditions. The presentation also contains certain non-GAAP financial information. The Groups management

591 views • 56 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Announcement Course Evaluations Now online Will be available from Friday, Dec 7 Will also allow students to do

864 views • 50 slides
Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

CS 155 Spring 2018 Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories Physical, platform malware, malicious apps Defense

1.17k views • 93 slides
"3G and Beyond: The Convergence of Mobile Telephony and Computing" SFM-05: Moby

"3G and Beyond: The Convergence of Mobile Telephony and Computing" SFM-05: Moby

"3G and Beyond: The Convergence of Mobile Telephony and Computing" SFM-05: Moby University of Urbino Bertinoro, 28 April 2005 Matteo Magotti Vodafone Italy Technology Evolution Data Transmission Technology Roadmap Max Trx Speed

1.04k views • 73 slides
The Future Begins Today Creating the French Champion in Very High Speed 17 March 2014 Fixed

The Future Begins Today Creating the French Champion in Very High Speed 17 March 2014 Fixed

Numericable Group Company presentation July 2013 The Future Begins Today Creating the French Champion in Very High Speed 17 March 2014 Fixed Mobile Convergence Disclaimer This presentation contains statements about future events,

459 views • 16 slides
Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Spring 2018 CS 155 Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories n Physical, platform malware, malicious apps Defense against physical theft Thurs

1.28k views • 64 slides
Terrestrial Workshop SRME 19 Albania Notification for Fixed and Mobile : Exercises SRME-19 -

Terrestrial Workshop SRME 19 Albania Notification for Fixed and Mobile : Exercises SRME-19 -

Terrestrial Workshop SRME 19 Albania Notification for Fixed and Mobile : Exercises SRME-19 - Workshop, Albania Tirana, 24 to 27 June 2019 Services (1/2) Fixed service: a radiocommunication service between specified fixed points RR1.20

704 views • 26 slides
RUNNING SvSAN ON THE NEW CISCO ISR 4461 AND UCS E-SERIES With Craig Collier and Ian McLaughlin

RUNNING SvSAN ON THE NEW CISCO ISR 4461 AND UCS E-SERIES With Craig Collier and Ian McLaughlin

RUNNING SvSAN ON THE NEW CISCO ISR 4461 AND UCS E-SERIES With Craig Collier and Ian McLaughlin Hosted by Kelynn Renals MAKING THE COMPLEX SIMPLE CONFIDENTIAL ENTERPRISES FACE DIFFICULTIES IN EDGE DEPLOYMENT 2 CONFIDENTIAL CISCO AND STORMAGIC

366 views • 8 slides
Chapter 1 Welcome to Linux Dr. Marjan Trutschl marjan.trutschl@lsus.edu Louisiana State

Chapter 1 Welcome to Linux Dr. Marjan Trutschl marjan.trutschl@lsus.edu Louisiana State

Chapter 1 Welcome to Linux Dr. Marjan Trutschl marjan.trutschl@lsus.edu Louisiana State University, Shreveport, LA 71115 Introducing Shells History of UNIX and GNU-Linux Heritage of Linux: UNIX What Is So Good About Linux? Overview

336 views • 15 slides
(01204423) Sensor Node Programming II (UART and Radio) Chaiporn Jaikaeo chaiporn.j@ku.ac.th

(01204423) Sensor Node Programming II (UART and Radio) Chaiporn Jaikaeo chaiporn.j@ku.ac.th

Network Kernel Architectures and Implementation (01204423) Sensor Node Programming II (UART and Radio) Chaiporn Jaikaeo chaiporn.j@ku.ac.th Department of Computer Engineering Kasetsart University Outline UART communication Single-hop

410 views • 19 slides
Reverse Engineering Outernet Daniel Estvez 27 December 2016 33rd Chaos Communication Congress,

Reverse Engineering Outernet Daniel Estvez 27 December 2016 33rd Chaos Communication Congress,

Reverse Engineering Outernet Daniel Estvez 27 December 2016 33rd Chaos Communication Congress, Hamburg Daniel Estvez Reverse Engineering Outernet 33C3 1 / 40 Brief info about speaker Currently finishing a PhD in pure Mathematics Also

673 views • 44 slides
NDS2 Secure storage, sharing and publishing of data in the NDS Maciej Brzeniak,

NDS2 Secure storage, sharing and publishing of data in the NDS Maciej Brzeniak,

NDS2 Secure storage, sharing and publishing of data in the NDS Maciej Brzeniak, Supercomputing Dept. of PSNC, www.psnc.pl TF-Storage meeting @Dubrovnik, Sep., 26-27th 2012 Project funded by: NCBiR for 2011-2013 under KMD2 project (no.

769 views • 21 slides
The Communications Market Report 2016 4 August 2016 Agenda Introduction Jane Rumble, Director

The Communications Market Report 2016 4 August 2016 Agenda Introduction Jane Rumble, Director

Ofcom analyst briefing The Communications Market Report 2016 4 August 2016 Agenda Introduction Jane Rumble, Director of Market Intelligence Market overview Jessica Rees, Researcher, Market Research The audio-visual industries Stefan

782 views • 60 slides
The Formally Verified seL4 Microkernel High-Assurance Foundation for MCS Gernot Heiser |

The Formally Verified seL4 Microkernel High-Assurance Foundation for MCS Gernot Heiser |

The Formally Verified seL4 Microkernel High-Assurance Foundation for MCS Gernot Heiser | gernot.heiser@data61.csiro.au | @GernotHeiser RTCSA Keynote, Aug20 https://trustworthy.systems What Is Needed For Mixed-Criticality? During a

539 views • 29 slides
An ultra-low-cost antenna array frontend for GNSS application Thuan D. Nguyen, Vinh T. Tran Tung

An ultra-low-cost antenna array frontend for GNSS application Thuan D. Nguyen, Vinh T. Tran Tung

International Collaboration Centre for Research and Development on Satellite Navigation Technology in South East Asia An ultra-low-cost antenna array frontend for GNSS application Thuan D. Nguyen, Vinh T. Tran Tung H. Ta, Letizia Lo Presti

333 views • 15 slides

More recommend