Abstract
Current wireless network standards perform user authentication, signaling and data encryption, as well as message integrity protection, by utilizing only symmetric key methods. However, as mobile networks are evolving into full-IP and the communication is envisaged to change from second generation (2G) person-to-person model to fourth generation (4G) machine-to-machine model, there is greater demand to provide more flexible, reconfigurahle and scalable security mechanisms that can advance in a many-to-many trust relationship model. Employing public key methods in many-to-many schemes drops the requirement for a secure channel to transfer keys between two communication parties, thus providing the appropriate scalability to the whole system. With a large number of different network technologies and operators, expected in the future mobile communications environment, that should frequently and seamlessly interwork with each other, and a constantly increasing population of communication parties, capturing the full benefits of open channel key transfers and scaling public key methods requires Public Key Infrastructure (PKI). In this paper, we discuss and investigate different ways to take advantage of a proposed PKI system. From the network side, we investigate how PKI can provide future inter/intra mobile core network security, while from the user’s perspective we present solutions that far enhance authentication procedures and end-to-end communication model trust. We show that PKI offers the appropriate framework to overcome symmetric key based security inefficiencies, providing powerful solutions to protect both network core signaling and user’s data from potential intruders.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35691-4_52
Chapter PDF
Similar content being viewed by others
References
GPP Technical Specification, MAP Application Layer Security, (TS 33.200 v. 5. 0. 0 ), March 2002
J.Arko, R. Blom, “The MAP Security Domain of Interpretation for Internet Security Association and Key Management Protocol”, draft-arkko-map-doi-07.txt, May 2002.
Wisely, D., Eardley, P., & Bumess, L., IP for 3G, Wiley, 2002.
Kent, S. & Atkinson. R., Security Architecture for the Internet Protocol, RFC 2401, Nov. 1998.
GPP Technical Specification, IP Network Layer Security, (TS 33.210 v.5. 1. 0 ), June 2002
GPP TSG, “Using PKI to provide network domain security”, Discussion Document S3–010622 SA WG3 Security — S3#21, Nov. 2001.
GPP TSG, “Security Services using Public Key Cryptography”, Discussion Document S3z&25 SA WG3 Security — S3#15bis, Nov. 2000.
Duane, N. & Brink, J., PKI Implementing and Managing E-Security, Berkeley, RSA press, 2001
Frankel, S., Demystifying IPsec Puzzle, Artech House, 2001.
Tiller, J., A Technical Guide to IPsec Virtual Private Networks, Auerbach CRC Press, 2000.
Thomas S., SSLandTLS essentials. New York, Wiley, 2000.
Maughan, D., et al, Internet Security Association and Key Management Protocol ( ISAKMP ), RFC 2408, Nov. 1998.
Khare R., “W* Effect Considered Harmful”, IEEE Internet Computing, Vol. 3, no 4, pp.82–92, July/Aug. 1999.
WAP forum WAP-217-WPKI, “Wireless Application Protocol Public Key Infrastructure Definition”, April 2001, www.wapforum.org/what/technical.htm RefTarget TargetType=“URL” Address=“www.wapforum.org/what/technical.htm”.
GPP Technical Specification, 3G Security Architecture, (TS 33.102 v.4.3.0), December 2001.
Kambourakis G., Rouskas A., & Gritzalis S., “Using SSL/TLS in Authentication and Key Agreement Procedures of Future Mobile Networks”, In the Proc. of the 411i IEEE Int’l Conf. on Mobile and Wireless Comm. Networks. (MWCN), pp. 152–156, 2002.
ASPeCT Project, Securing the future of Mobile Communications,http://www.esat.kuleuven.ac.be/cosic/aspect, 1999.
Gupta V. & Gupta S., “Securing the Wireless Internet”, IEEE Communications Magazine, Vol 39, no 4, pp. 69–74, Dec. 2001.
GPP TSG, “Support of certificates in 3GPP security Architecture”, Discussion Document S3–010353 SA WG3 Security — S3#19, July 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kambourakis, G., Rouskas, A., Gritzalis, S. (2003). Introducing PKI to Enhance Security in Future Mobile Networks. In: Gritzalis, D., De Capitani di Vimercati, S., Samarati, P., Katsikas, S. (eds) Security and Privacy in the Age of Uncertainty. SEC 2003. IFIP — The International Federation for Information Processing, vol 122. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35691-4_10
Download citation
DOI: https://doi.org/10.1007/978-0-387-35691-4_10
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6489-5
Online ISBN: 978-0-387-35691-4
eBook Packages: Springer Book Archive