Security in GPRS
Master thesis
Permanent lenke
http://hdl.handle.net/11250/137422Utgivelsesdato
2001Metadata
Vis full innførselSamlinger
Sammendrag
GPRS offers the user an “always on” connection to Internet and Intranet. Some of
the services may require high level of security. This can be financial transaction
over the Internet, or exchange of confidential documents from a company’s
Intranet to an employee. It is important to have strong focus on the security, so
companies and persons that demand high level of security can take advantage of
the services GPRS offered. What normally happens is that the services wins
against the security. This is in most cases adequate security for what a normal
subscriber requires.
This thesis covers which security functions that exists in GPRS, the threats it
meets, how to avoid attacks, and the consequences for the attacked part. The
thesis is also meant for the Ericsson AS’ employees as a supplement to their
knowledge about GPRS security issues.
The GPRS has inherited most of the security threats that exists in the GSM
system. In addition the GPRS encounter new and bigger challenges. This since
GPRS employs IP technology and it is connected to the Internet. Threats to the
GPRS are not only from the insecure public network, Internet. Attacks on the data
at the air interface, or operators handling of data that are transmitted or stored in
their network, can also be a threat.
Mobile terminals and GPRS equipment are the two main areas that need to be
protected from the GPRS point of view. This also includes protection of subscriber
information and other information that is stored in the GPRS network. Firewalls
and Border Gateways are used to protect the mobile terminals and the GPRS
equipment from external network and other operators network. The placements
of firewalls are complicated because of the different connections it has to handle,
and what routing procedure the GPRS operator uses. This thesis treats the
subject of placement of firewalls.
During the work with the thesis we got the possibility to participate and execute
tests on the GPRS system in order to evaluate its security. These tests were done
at Ericsson AS’s test lab in Grimstad, and we choose to focus the test on how the
new GPRS node in the operators network can be attacked. This thesis includes a
description and the results from the test.
The results from the test gives an indication on how difficult it is to get access to
the GPRS node, and what possibilities an intruder has if he gets access.
Beskrivelse
Masteroppgave i informasjons- og kommunikasjonsteknologi 2001 - Høgskolen i Agder, Grimstad
Utgiver
Høgskolen i AgderAgder University College