Seminar on Network Security
Introduction of the topics and some material for the session of
Security in Mobile Networks andApplications
Tutors: Yki Kortesniemi and Hannu Kari
- Bluetooth
(Yki Kortesniemi)
Bluetooth is a new standard for short range wireless
networks. Intended uses include cable replacement, personal ad hoc
networks and data/voice access to cable networks. Bluetooth could be
used to implement mobile phones within an office or a home,
headphones, Internet connectivity to PDAs and laptop, keys to doors,
etc.
With this new technology come the questions of role amongst other
WLANs, security and the management of security, in particular with ad
hoc networks. How can we reliably authenticate a new device in our
network so that we can then authorise it to use our resources? How do
we manage access to our resources?
The paper can either present an analysis of the situation as a
whole, with an emphasis on the security, or concentrate on a
particular section of security. The emphasis is to be agreed on with
the tutor.
- Security of WAP services
(Hannu Kari)
- WAP (Wireless Application Protocol) is the new hot topic in
telecom world. It is said that this is the killer of the future (or
the killers are using WAP). but is WAP secure enough to trust
your money?
- What you can do with WAP if you do/don’t trust the operator/service
- Is there is risk of WAP viruses to your mobile phone?
-
Big brother is watching you
(Hannu Kari)
- You may trust the telecom operator but there are big brothers
watching you. What can be done in mobile networks? How you could
protect yourself?
- We have (in principle) privacy act for letters.
Should we have that also for electronic communication?
-
User data security
(Hannu Kari)
- What is the actual user data security in telecom networks compared with datacom networks
- Is the telecom network actually more secured than plain Internet?
- End to end security in telecom networks?
- Is there any difference to datacom?
-
Trust model
(Hannu Kari)
- I trust operator A, who trusts operator B, who trust operator C.
Does this mean that I automatically trust operator C?
- What if the trust is not 100%, but for example 98%? How this changes the system/behavior?
- I trust A with 99%, and it trusts B with 75% and it trusts 10%-ly C. So, what is my trust to C?
- What happens if the trust between networks/operators collapses?
-
Intruder scenarios
(Hannu Kari)
- Our intention is not to crack the telecom network but increase the
awareness of the potential risks what happens, if an intruder attacks
the system
- Actually we don’t care the operator’s risks (they are well analyzed), but the risks from the end user’s point of view in mobile networks
-loss of data/money/privacy/...
- Various intruder scenarios
- passive/active, man-in-the-middle, deny-of-service, infiltration, impersonation,
This page is maintained by
Network Security teaching staff,
The page has last been updated on
13.9.1999
URL: http://www.tcm.hut.fi/Opinnot/Tik-110.501/1999/mobile.html
|