IEEE 2009 5th Asia-Pacific Conference on Environmental Electromagnetics (CEEM 2009) - Xi'an, China...
Proceedings CEEM'2009/Xi'an
Information Integrity and Its Protection in Networks
Wu Lei and Song Xiao Ting
(CESEC, Beijing, China 100840)
Abstract
Integrity is an important aspect of network security. Lack of integrity could result in many problems. In this article, the threats to integrity and the requirements for it are summarized, and some possible solutions for protecting integrity are discussed.
Key words: information integrity, security, integrity protection
Introduction
Information integrity in networks refers to keeping the original information flow transmitted between network entities completely intact, without alteration. Integrity may be breached by several factors: interference, including self-interference and outside interference; sudden changes in the channel transfer function caused by variation of channel conditions; intentional attacks by intruders in networks; and so on.
In this article we focus on the scenario of intentional intruder attacks, which is an important aspect of network security. Because most existing networks and future next-generation networks are digitized, integrity is closely tied to the whole transmission procedure of user traffic data and signaling messages between any entities in the network, so integrity protection is a key topic in network design.
From the integrity perspective, there is the danger that information could be altered when exchanged over insecure networks. Lack of integrity could result in many problems, since the consequences of using inaccurate information could be disastrous. Integrity controls must be implemented to ensure that information will not be altered in any unexpected way.
Integrity protection ensures that the data received at an entity is what was sent by the sender. In other words, it ensures that the data has not been tampered with midway. Integrity protection is applied to all signaling messages. In particular, in the heterogeneous access framework, integrity protection of signaling messages should be strengthened because of the greater risk of unlawful access to, and tampering with, information that travels between the various entities.
Major Integrity Threats
From an overview of the security situation of existing network operation and the security issues faced by the next-generation network, some key integrity threats can be summarized as follows.
In a wireless network, adversaries with the appropriate equipment can illegally access and use users' and mobile equipment's identities and the keys used in security procedures to access networks. They may track the user based on the user equipment's temporary identity, signaling messages, and so on, and eavesdrop on the communication. They may also attack the information integrity (signaling or user traffic) directly by replaying, by willfully tampering with the system information, and by modifying IP packet contents. They may maliciously modify user equipment parameters to lock the phone out of normal services either permanently or for an extended period of time. They can launch a denial-of-service (DoS) attack to block a legitimate user's access to the network. If a network supports a multihop relay transmission mode, an adversary can capture a relay station or deploy a corrupted relay station.
Requirements for the Integrity in Networks
Considering the integrity threats summarized above and the need to operate the network in a secure manner, the key requirements for integrity can be stated as follows.
It should ensure that illegal identification and tracking of any user is not possible. Both sides of a communication are sure they are communicating with the correct entity, authorized to make that transaction. Eavesdropping on exchanged data is not possible. Data received by any entity cannot be tampered with. Inter-radio access technology procedures work as designed, without allowing any security weakness of the other access technology to compromise system security. Intruders are not able to replay control messages already transmitted. Dynamic setup of all the respective security associations should be allowed/required as much as possible. So user identity confidentiality, mutual authentication, data confidentiality, data integrity, and replay protection become a must.
Some Possible Solutions to the Information Integrity
From the integrity protection perspective, some of the articles referenced by this paper proposed various schemes; several useful ones are described as follows.
Firstly, a four-level security architecture should be established
Level 1: Network access security. This level is mainly responsible for protecting the radio link and providing users with secure access. Its mechanisms include integrity protection and ciphering.
Level 2: Network domain security. This level mainly protects the wire-line networks and enables them to exchange data in a safe manner.
Level 3: User domain security. Here the scope is between the USIM and the mobile equipment. It would include the mutual authentication of the USIM and the mobile equipment, using a secret PIN, before they can access each other.
Level 4: Application domain security. This level enables applications in the user equipment and the backend network to exchange information in a secure manner.
In early networks the security mechanism was mainly focused on the medium access control (MAC) layer. Apparently, this is not sufficient to protect overall communications in networks. Overall security at the network level should be enhanced because of the increased risk of a security breach when all traffic is wholly IP-based.
Secondly, key management should be enhanced
Various keys play a critical role in the working of the overall security mechanism. They are responsible for monitoring the operation of the network and quickly identifying possible integrity attacks and threats. Their lifetimes, scope, hierarchy, and properties shall be clearly defined right from the master key down to the various temporary keys (e.g., Fig. 1). A unique key should be set up for each session, or even for every packet if the overhead can be reduced.
Thirdly, secure routing
Multiple-radio, multiple-channel, multiple-destination and multi-path routing are becoming a general trend in wireless networks, so they should be taken into account for overall network integrity. In multi-hop relay networks, multi-routing is an effective way to protect integrity. To address the secure routing issue, the emerging network coding technique should be applied because it can provide the optimum solution and reduce the computation complexity for many problems.
Fourthly, user identity confidentiality
Temporary identities should be assigned and used wherever possible to avoid unnecessary exchange of permanent identities between entities, and the permanent identities shall be stored securely.
Fifthly, mutual authentication
Not only does the network authenticate the subscriber's equipment, but subscribers also authenticate the network, efficiently distinguishing legitimate users from intruders.
Sixthly, data confidentiality
Application of ciphering to signaling messages and user data ensures the confidentiality of the data communicated over the radio link.
Application of integrity protection to all signaling messages ensures that the data received at an entity is truly what was sent by the sender, without tampering midway. The basic methodology is to compute an integrity tag, which is appended to the message being sent; the same integrity tag is generated on the receiving side too, and the message is accepted only when the tags match. Any change in the input parameters to the algorithm (including the original signaling message itself) affects the output in an unpredictable manner, so the message is protected from tampering.
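As an added illustration of the key-management point (a per-session key derived from a master key) and the integrity-tag method just described, the following is example code written for this edit, not code from the paper or from any 3GPP specification. The sender appends an HMAC-SHA-256 tag computed over a message counter and the signaling message; the receiver recomputes the tag, compares it in constant time, and rejects both tampered and replayed messages. The function names, the 16-byte truncated tag, the session label and the sample master key are all constructed for the example.

```python
import hmac
import hashlib
import struct

TAG_LEN = 16  # truncated tag length in bytes (constructed choice for the example)


def derive_session_key(master_key: bytes, session_id: bytes) -> bytes:
    """Derive a session-specific integrity key from the master key.

    Hypothetical derivation: HMAC(master_key, "integrity" || session_id). The
    derived key's lifetime is bound to the session, so the master key is never
    used directly on the air interface.
    """
    return hmac.new(master_key, b"integrity" + session_id, hashlib.sha256).digest()


def protect(session_key: bytes, counter: int, message: bytes) -> bytes:
    """Sender side: frame = counter || message || tag(counter || message)."""
    header = struct.pack(">I", counter)
    tag = hmac.new(session_key, header + message, hashlib.sha256).digest()[:TAG_LEN]
    return header + message + tag


class Receiver:
    """Receiver side: recompute the tag, compare in constant time, reject replays."""

    def __init__(self, session_key: bytes):
        self.key = session_key
        self.last_counter = -1  # highest counter accepted so far

    def verify(self, frame: bytes):
        """Return the message if the frame is authentic and fresh, else None."""
        if len(frame) < 4 + TAG_LEN:
            return None  # too short to carry a counter and a tag
        header, body, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None  # tag mismatch: tampered content, counter, or wrong key
        counter = struct.unpack(">I", header)[0]
        if counter <= self.last_counter:
            return None  # counter not increasing: replay of an accepted frame
        self.last_counter = counter
        return body
```

Because the counter is covered by the tag, an intruder cannot re-sequence a captured frame either; a message with a stale or forged counter fails the same check.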
[Figure 1. 3GPP Release 8 evolved packet system key hierarchy [1]. The figure is not reproduced here; its labels include USIM/AuC and UE/HSS.]
Finally, using ARQ
A selective-repeat Automatic Repeat-reQuest (ARQ) can be applied to all signaling messages when some abnormal information transmission between users and the network is detected.
Conclusion
Information (including signaling messages and user traffic data) integrity is a key factor of security in networks, and attention should be paid to integrity in network design. When networks operate, integrity management plays an important role in network security, and key management in particular is crucial. The methodology of integrity management described in this paper gives a guideline to researchers and engineers concerned with this issue. We believe that network security will be further enhanced with accurate design of integrity protection and serious management in the future next-generation network.
References
[1] C. B. Sankaran, "Network Access Security in Next-Generation 3GPP Systems: A Tutorial," IEEE Commun. Mag., vol. 47, no. 2, pp. 84-91, Feb. 2009.
[2] Kejie Lu et al., "A Secure and Service-Oriented Network Control Framework for WiMAX Networks," IEEE Commun. Mag., vol. 45, no. 5, pp. 124-130, May 2007.
[3] Arnold Greenspan et al., "IEEE 802.20: Mobile Broadband Wireless Access for the Twenty-First Century," IEEE Commun. Mag., vol. 46, no. 7, pp. 56-63, July 2008.
[4] Stefano Galli and Oleg Logvinov, "Recent Developments in the Standardization of Power Line Communications within the IEEE," IEEE Commun. Mag., vol. 46, no. 7, pp. 64-71, July 2008.