METHODS FOR ENSURING DATA SECURITY IN MOBILE STANDARDS
Abstract
The analysis of mobile communication standards is carried out, the functional structure and interfaces of interaction between the structural elements of the cellular network are considered. To understand the principle of communication according to the GSM standard, a block diagram of a mobile switching center (MSC), base station equipment (BSS), control and service center (MCC), mobile stations (MS) is presented. The main algorithms for ensuring the confidentiality and security of mobile subscribers' data, in different types of standards, as well as the vulnerabilities of information flows are considered. In particular, the following dangerous types of attacks have been identified, to which mobile network subscribers are sensitive: sniffing; leakage of personal data; leakage of geolocation data; spoofing; remote capture of SIM-card, execution of arbitrary code (RCE); denial of service (DoS). It is established that the necessary function of the mobile network is the identification of subscribers, which is performed by IMSI, which is recorded in the SIM card of the subscriber and the HLR of the operator. To protect against spoofing, the network authenticates the subscriber before starting its service. In the case of subscriber identification, the subscriber and the network operator are protected from the effects of fraudulent access. In addition, the user must be protected from eavesdropping. This is achieved by encrypting the data transmitted over the radio interface. Thus, user authentication in UMTS, as well as in the GSM network, is carried out using encryption with a common key using the "hack-response" protocol (the authenticating party sends a random number to the authenticated party, which encrypts it according to a certain algorithm using a common key and returns the result back).
Keywords
Mobile Communication; Radio Communication Equipment; Encryption; Authentication
References
Al-Tawil K., Akrami A.: A new authentication protocol for roaming users in GSM networks. Proceedings IEEE International Symposium on Computers and Communications (Cat. No. PR00250) 1999, 93–99, [http://doi.org/10.1109/ISCC.1999.780775]. DOI: https://doi.org/10.1109/ISCC.1999.780775
Bakhovskyy P. et al.: Stages of the Virtual Technical Functions Concept Networks Development. D. Cagáˇnová et al. (eds.), Advances in Industrial Internet of Things, Engineering and Management. EAI, Springer Innovations in Communication and Computing, 2021, 119–135 [http://doi.org/10.1007/978-3-030-69705-1_7]. DOI: https://doi.org/10.1007/978-3-030-69705-1_7
Cai Y. et al.: Modulation and Multiple Access for 5G Networks. IEEE Communications Surveys & Tutorials 20(1), 2018, 629–646, [http://doi.org/10.1109/COMST.2017.2766698]. DOI: https://doi.org/10.1109/COMST.2017.2766698
Chen W. et al.: NFC Mobile Transactions and Authentication Based on GSM Network. Second International Workshop on Near Field Communication, 2010, 83–89, [http://doi.org/10.1109/NFC.2010.15]. DOI: https://doi.org/10.1109/NFC.2010.15
Deng L. et al.: Mobile network intrusion detection for IoT system based on transfer learning algorithm. Cluster Comput 22, 2019, 9889–9904 [http://doi.org/10.1007/s10586-018-1847-2]. DOI: https://doi.org/10.1007/s10586-018-1847-2
Gupta A., Jha R. K.: A Survey of 5G Network: Architecture and Emerging Technologies. IEEE Access 3, 2015, 1206–1232, [http://doi.org/10.1109/ACCESS.2015.2461602]. DOI: https://doi.org/10.1109/ACCESS.2015.2461602
Hongfeng Z. et al.: A Novel and Provable Authenticated Key Agreement Protocol with Privacy Protection Based on Chaotic Maps towards Mobile Network. International Journal of Network Security 18(1), 2016, 116–123.
Melnyk V. et al.: Design and implementation of interdomain communication mechanism for high performance data processing. Eastern-European Journal of Enterprise Technologies 1(9), 2016, 10–15, [http://doi.org/10.15587/1729-4061.2016.60629]. DOI: https://doi.org/10.15587/1729-4061.2016.60629
Melnyk V. et al.: Implementation of the simplified communication mechanism in the cloud of high performance computations. Eastern-European Journal of Enterprise Technologies 2(86), 2017, 24–32, [http://doi.org/10.15587/1729-4061.2017.98896]. DOI: https://doi.org/10.15587/1729-4061.2017.98896
Pekh P. et al.: Generators of Some Kinds Random Erlang Numbers and Estimation of Their Complexity. 10th International Conference on Advanced Computer Information Technologies, ACIT 2020, 306–310, [http://doi.org/10.1109/ACIT49673.2020.9208831]. DOI: https://doi.org/10.1109/ACIT49673.2020.9208831
Pham Q. et al.: A Survey of Multi-Access Edge Computing in 5G and Beyond: Fundamentals, Technology Integration, and State-of-the-Art. IEEE Access 8, 2020, 116974–117017, [http://doi.org/10.1109/ACCESS.2020.3001277]. DOI: https://doi.org/10.1109/ACCESS.2020.3001277
Ren Y. et al.: Dynamic Auto Scaling Algorithm (DASA) for 5G Mobile Networks. 2016 IEEE Global Communications Conference (GLOBECOM), 2016, 1–6, [http://doi.org/10.1109/GLOCOM.2016.7841759]. DOI: https://doi.org/10.1109/GLOCOM.2016.7841759
Růzičková M. et al.: The estimation of the dynamics of indirect control switching systems. Tatra Mountains Mathematical Publications 48(1), 2011, 197–213, [http://doi.org/10.2478/v10127-011-0018-0]. DOI: https://doi.org/10.2478/v10127-011-0018-0
Saad W. et al.: A Vision of 6G Wireless Systems: Applications, Trends, Technologies, and Open Research Problems. IEEE Network 34(3), 2020, 134–142, [http://doi.org/10.1109/MNET.001.1900287]. DOI: https://doi.org/10.1109/MNET.001.1900287
Satsyk, V. et al.: Reduction of Server Load by Means of CMS Drupal. 10th International Conference on Advanced Computer Information Technologies ACIT 2020, 523–528, [http://doi.org/10.1109/ACIT49673.2020.9208874]. DOI: https://doi.org/10.1109/ACIT49673.2020.9208874
Shafi M. et al.: 5G: A Tutorial Overview of Standards, Trials, Challenges, Deployment, and Practice. IEEE Journal on Selected Areas in Communications 35(6), 2017, 1201–1221, [http://doi.org/10.1109/JSAC.2017.2692307]. DOI: https://doi.org/10.1109/JSAC.2017.2692307
Tkachuk A. et al.: Basic Stations Work Optimization in Cellular Communication Network. D. Cagánová et al. (eds.), Advances in Industrial Internet of Things, Engineering and Management. EAI, Springer Innovations in Communication and Computing 2021, 1–19 [http://doi.org/10.1007/978-3-030-69705-1_1]. DOI: https://doi.org/10.1007/978-3-030-69705-1_1
Toroshanko Y. et al.: Control of Traffic Streams with the Multi-Rate Token Bucket. International Conference on Advanced Information and Communications Technologies – AICT 2019, 352–355, [http://doi.org/10.1109/AIACT.2019.8847860]. DOI: https://doi.org/10.1109/AIACT.2019.8847860
Wu L., Lin Y.: Authentication Vector Management for UMTS. IEEE Transactions on Wireless Communications 6(11), 2007, 4101–4107, [http://doi.org/10.1109/TWC.2007.060245]. DOI: https://doi.org/10.1109/TWC.2007.060245
Xu L. et al.: A Comprehensive Operation and Revenue Analysis Algorithm for LTE/5G Wireless System Based on Telecom Operator Data. IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation, 2019, 1521–1524, [http://doi.org/10.1109/SmartWorld-UIC-ATC-SCALCOM-IOP-SCI.2019.00274]. DOI: https://doi.org/10.1109/SmartWorld-UIC-ATC-SCALCOM-IOP-SCI.2019.00274
Zhang Y., Fujise M.: An improvement for authentication protocol in third-generation wireless networks. IEEE Transactions on Wireless Communications 5(9), 2006, 2348–2352, [http://doi.org/10.1109/TWC.2006.1687756]. DOI: https://doi.org/10.1109/TWC.2006.1687756
Lutsk National Technical University, Faculty of Computer and Information Technologies, Department of Electronics and Telecommunications Ukraine
https://orcid.org/0000-0003-4677-5170
Lutsk National Technical University, Faculty of Computer and Information Technologies, Department of Electronics and Telecommunications Ukraine
https://orcid.org/0000-0001-9085-7777
Lutsk National Technical University, Faculty of Computer and Information Technologies, Department of Electronics and Telecommunications Ukraine
https://orcid.org/0000-0002-3918-4527
Lutsk National Technical University, Faculty of Computer and Information Technologies, Department of Electronics and Telecommunications Ukraine
https://orcid.org/0000-0003-3705-1541
Lutsk National Technical University, Faculty of Computer and Information Technologies, Department of Electronics and Telecommunications Ukraine
https://orcid.org/0000-0002-3768-8959
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
