Wireless Communications Security

Solutions for the Internet of Things

Inbunden, Engelska, 2016

Av Jyrki T. J. Penttinen, Jyrki T. J. (Nokia Siemens Networks) Penttinen

1 539 kr

Beställningsvara. Skickas inom 7-10 vardagar

Fri frakt för medlemmar vid köp för minst 249 kr.

This book describes the current and most probable future wireless security solutions. The focus is on the technical discussion of existing systems and new trends like Internet of Things (IoT). It also discusses existing and potential security threats, presents methods for protecting systems, operators and end-users, describes security systems attack types and the new dangers in the ever-evolving Internet. The book functions as a practical guide describing the evolvement of the wireless environment, and how to ensure the fluent continuum of the new functionalities, whilst minimizing the potential risks in network security.

Produktinformation

Utgivningsdatum2016-11-11
Mått173 x 246 x 23 mm
Vikt635 g
FormatInbunden
SpråkEngelska
Antal sidor336
FörlagJohn Wiley & Sons Inc
ISBN9781119084396

Tillhör följande kategorier

Jyrki Penttinen has worked in mobile telecommunications with network operators and manufacturers since 1994. He has theoretical knowledge and operational experience of end-to-end architectures and functioning of major mobile communications systems, including GSM/GPRS/EDGE, UMTS/HSPA and LTE/LTE-A with their respective evolution paths. He has worked in research and operational activities in both radio and core network domains, including planning, optimization, measurements, system architectures and services. He joined Giesecke & Devrient Mobile Security team in 2014, currently focusing on the security solutions and future trends of the industry.

About the Author xiiPreface xiiiAcknowledgements xvAbbreviations xvi1 Introduction 11.1 Introduction 11.2 Wireless Security 21.2.1 Background and Advances 21.2.2 Statistics 21.2.3 Wireless Threats 41.2.4 M2M Environment 91.3 Standardization 101.3.1 The Open Mobile Alliance (OMA) 101.3.2 The International Organization for Standardization (ISO) 121.3.3 The International Telecommunications Union (ITU) 141.3.4 The European Telecommunications Standards Institute (ETSI) 141.3.5 The Institute of Electrical and Electronics Engineers (IEEE) 151.3.6 The Internet Engineering Task Force (IETF) 161.3.7 The 3rd Generation Partnership Project (3GPP) 161.3.8 The 3rd Generation Partnership Project 2 (3GPP2) 251.3.9 The GlobalPlatform 251.3.10 The SIMalliance 261.3.11 The Smartcard Alliance 271.3.12 The GSM Association (GSMA) 271.3.13 The National Institute of Standards and Technology (NIST) 281.3.14 The National Highway Transportation and Safety Administration (NHTSA) 281.3.15 Other Standardization and Industry Forums 281.3.16 The EMV Company (EMVCo) 291.3.17 The Personal Computer/Smartcard (PC/SC) 291.3.18 The Health Insurance Portability and Accountability Act (HIPAA) 291.3.19 The Common Criteria (CC) 291.3.20 The Evaluation Assurance Level (EAL) 301.3.21 The Federal Information Processing Standards (FIPS) 311.3.22 Biometric Standards 311.3.23 Other Related Entities 321.4 Wireless Security Principles 321.4.1 General 321.4.2 Regulation 331.4.3 Security Architectures 331.4.4 Algorithms and Security Principles 331.5 Focus and Contents of the Book 36References 382 Security of Wireless Systems 422.1 Overview 422.1.1 Overall Security Considerations in the Mobile Environment 422.1.2 Developing Security Threats 432.1.3 RF Interferences and Safety 452.2 Effects of Broadband Mobile Data 462.2.1 Background 462.2.2 The Role of Networks 472.2.3 The Role of Apps 502.2.4 UE Application Development 522.2.5 Developers 552.2.6 The Role of the SIM/UICC 562.2.7 Challenges of Legislation 572.2.8 Updating Standards 582.2.9 3GPP System Evolution 582.3 GSM 592.3.1 The SIM 602.3.2 Authentication and Authorization 622.3.3 Encryption of the Radio Interface 632.3.4 Encryption of IMSI 652.3.5 Other GSM Security Aspects 652.4 UMTS/HSPA 662.4.1 Principles of 3G Security 662.4.2 Key Utilization 682.4.3 3G Security Procedures 692.5 Long Term Evolution 712.5.1 Protection and Security Principles 712.5.2 X.509 Certificates and Public Key Infrastructure (PKI) 712.5.3 IPsec and Internet Key Exchange (IKE) for LTE Transport Security 722.5.4 Traffic Filtering 732.5.5 LTE Radio Interface Security 742.5.6 Authentication and Authorization 782.5.7 LTE/SAE Service Security – Case Examples 792.5.8 Multimedia Broadcast and Multicast Service (MBMS) and enhanced MBMS (eMBMS) 832.6 Security Aspects of Other Networks 912.6.1 CDMA (IS‐95) 912.6.2 CDMA2000 932.6.3 Broadcast Systems 942.6.4 Satellite Systems 942.6.5 Terrestrial Trunked Radio (TETRA) 952.6.6 Wireless Local Area Network (WLAN) 962.7 Interoperability 1022.7.1 Simultaneous Support for LTE/SAE and 2G/3G 1022.7.2 VoLTE 1052.7.3 CS Fallback 1052.7.4 Inter‐operator Security Aspects 1062.7.5 Wi‐Fi Networks and Offload 1062.7.6 Femtocell Architecture 108References 1093 Internet of Things 1123.1 Overview 1123.2 Foundation 1133.2.1 Definitions 1133.2.2 Security Considerations of IoT 1153.2.3 The Role of IoT 1153.2.4 IoT Environment 1173.2.5 IoT Market 1203.2.6 Connectivity 1213.2.7 Regulation 1223.2.8 Security Risks 1233.2.9 Cloud 1283.2.10 Cellular Connectivity 1293.2.11 WLAN 1333.2.12 Low‐Range Systems 1333.3 Development of IoT 1403.3.1 GSMA Connected Living 1403.3.2 The GlobalPlatform 1413.3.3 Other Industry Forums 1413.4 Technical Description of IoT 1423.4.1 General 1423.4.2 Secure Communication Channels and Interfaces 1433.4.3 Provisioning and Key Derivation 1443.4.4 Use Cases 144References 1484 Smartcards and Secure Elements 1504.1 Overview 1504.2 Role of Smartcards and SEs 1514.3 Contact Cards 1534.3.1 ISO/IEC 7816‐1 1544.3.2 ISO/IEC 7816‐2 1554.3.3 ISO/IEC 7816‐3 1554.3.4 ISO/IEC 7816‐4 1574.3.5 ISO/IEC 7816‐5 1574.3.6 ISO/IEC 7816‐6 1574.3.7 ISO/IEC 7816‐7 1574.3.8 ISO/IEC 7816‐8 1574.3.9 ISO/IEC 7816‐9 1584.3.10 ISO/IEC 7816‐10 1584.3.11 ISO/IEC 7816‐11 1584.3.12 ISO/IEC 7816‐12 1584.3.13 ISO/IEC 7816‐13 1584.3.14 ISO/IEC 7816‐15 1584.4 The SIM/UICC 1594.4.1 Terminology 1594.4.2 Principle 1594.4.3 Key Standards 1604.4.4 Form Factors 1614.5 Contents of the SIM 1644.5.1 UICC Building Blocks 1644.5.2 The SIM Application Toolkit (SAT) 1674.5.3 Contents of the UICC 1684.6 Embedded SEs 1684.6.1 Principle 1684.6.2 M2M Subscription Management 1694.6.3 Personalization 1724.6.4 M2M SIM Types 1734.7 Other Card Types 1744.7.1 Access Cards 1744.7.2 External SD Cards 1754.8 Contactless Cards 1754.8.1 ISO/IEC Standards 1754.8.2 NFC 1764.9 Electromechanical Characteristics of Smartcards 1784.9.1 HW Blocks 1784.9.2 Memory 1784.9.3 Environmental Classes 1794.10 Smartcard SW 1814.10.1 File Structure 1814.10.2 Card Commands 1834.10.3 Java Card 1844.11 UICC Communications 1844.11.1 Card Communications 1844.11.2 Remote File Management 185References 1865 Wireless Payment and Access Systems 1885.1 Overview 1885.2 Wireless Connectivity as a Base for Payment and Access 1885.2.1 Barcodes 1895.2.2 RFID 1915.2.3 NFC 1925.2.4 Secure Element 1965.2.5 Tokenization 1985.3 E‐commerce 2005.3.1 EMV 2005.3.2 Google Wallet 2005.3.3 Visa 2015.3.4 American Express 2015.3.5 Square 2015.3.6 Other Bank Initiatives 2015.3.7 Apple Pay 2015.3.8 Samsung Pay 2025.3.9 MCX 2025.3.10 Comparison of Wallet Solutions 2025.4 Transport 2035.4.1 MiFare 2045.4.2 CiPurse 2045.4.3 Calypso 2045.4.4 FeliCa 2055.5 Other Secure Systems 2055.5.1 Mobile ID 2055.5.2 Personal Identity Verification 2055.5.3 Access Systems 206References 2066 Wireless Security Platforms and Functionality 2086.1 Overview 2086.2 Forming the Base 2086.2.1 Secure Service Platforms 2096.2.2 SEs 2096.3 Remote Subscription Management 2106.3.1 SIM as a Basis for OTA 2106.3.2 TSM 2126.3.3 TEE 2136.3.4 HCE and the Cloud 2166.3.5 Comparison 2196.4 Tokenization 2196.4.1 PAN Protection 2196.4.2 HCE and Tokenization 2216.5 Other Solutions 2216.5.1 Identity Solutions 2216.5.2 Multi‐operator Environment 222References 2227 Mobile Subscription Management 2237.1 Overview 2237.2 Subscription Management 2237.2.1 Development 2237.2.2 Benefits and Challenges of Subscription Management 2257.3 OTA Platforms 2267.3.1 General 2267.3.2 Provisioning Procedure 2277.3.3 SMS‐based SIM OTA 2277.3.4 HTTPS‐based SIM OTA 2307.3.5 Commercial Examples of SIM OTA Solutions 2317.4 Evolved Subscription Management 2327.4.1 GlobalPlatform 2337.4.2 SIMalliance 2337.4.3 OMA 2337.4.4 GSMA 235References 2408 Security Risks in the Wireless Environment 2428.1 Overview 2428.2 Wireless Attack Types 2438.2.1 Cyber‐attacks 2438.2.2 Radio Jammers and RF Attacks 2448.2.3 Attacks against SEs 2458.2.4 IP Breaches 2458.2.5 UICC Module 2468.3 Security Flaws on Mobile Networks 2478.3.1 Potential Security Weaknesses of GSM 2478.3.2 Potential Security Weaknesses of 3G 2548.4 Protection Methods 2548.4.1 LTE Security 2548.4.2 Network Attack Types in LTE/SAE 2558.4.3 Preparation for the Attacks 2568.5 Errors in Equipment Manufacturing 2598.5.1 Equipment Ordering 2598.5.2 Early Testing 2608.6 Self‐Organizing Network Techniques for Test and Measurement 2648.6.1 Principle 2648.6.2 Self‐configuration 2658.6.3 Self‐optimizing 2668.6.4 Self‐healing 2668.6.5 Technical Issues and Impact on Network Planning 2668.6.6 Effects on Network Installation, Commissioning and Optimization 2678.6.7 SON and Security 268References 2689 Monitoring and Protection Techniques 2709.1 Overview 2709.2 Personal Devices 2719.2.1 Wi‐Fi Connectivity 2719.2.2 Firewalls 2719.3 IP Core Protection Techniques 2729.3.1 General Principles 2729.3.2 LTE Packet Core Protection 2729.3.3 Protection against Roaming Threats 2759.4 HW Fault and Performance Monitoring 2769.4.1 Network Monitoring 2779.4.2 Protection against DoS/DDoS 2779.4.3 Memory Wearing 2779.5 Security Analysis 2789.5.1 Post‐processing 2789.5.2 Real‐time Security Analysis 2789.6 Virus Protection 2799.7 Legal Interception 2819.8 Personal Safety and Privacy 2839.8.1 CMAS 2839.8.2 Location Privacy 2859.8.3 Bio‐effects 286References 28710 Future of Wireless Solutions and Security 28810.1 Overview 28810.2 IoT as a Driving Force 28810.3 Evolution of 4G 28910.4 Development of Devices 29110.4.1 Security Aspects of Smartcards 29110.4.2 Mobile Device Considerations 29110.4.3 IoT Device Considerations 29210.4.4 Sensor Networks and Big Data 29310.5 5G Mobile Communications 29410.5.1 Standardization 29410.5.2 Concept 29510.5.3 Industry and Investigation Initiatives 29710.5.4 Role of 5G in IoT 297References 297Index 299