A Pattern Language for Mobility Management [1] Petri Jokela

Transcription

1 A Pattern Language for Mobility Management [1] Petri Jokela

2 2G systems (GSM, D-AMPS) D Visited network Home network HLR VLR VLR HLR AuC AuC

3 A Pattern Language for Mobility Management!Wireless and mobile user s problems user s location security over wireless link!patterns divided into two categories architectural elements functions!motivation for this pattern language shows interactions between entities generating different scenarios related to mobile systems

4 Patterns for Mobility Management Architectural elements Functional behaviors Home and Visitor Databases Temporary identification Paging Authentication Security Database Ciphering Location registration

5 Home and Visitor databases Visited network Home network HLR VLR VLR HLR AuC AuC

6 Home and Visitor databases!context mobile users => changing location!problem how to enable user mobility?!forces mobile user s identification has no location information operators must maintain information about!own customers!currently visiting customers essential information: home, current and previous location services obtained from the current visited location area

7 Home and Visitor databases!solution two types of repositories: home and visited location updated with the location registration!resulting Context location registration updates the current location home and visitor databases provide information for security database for authentication and ciphering calculations

8 Security database Visited network Home network HLR VLR VLR HLR AuC AuC

9 Security database!context sensitive information handled in security functions location management functions handle authentication!problem how to securely handle user s sensitive information?!forces security mechanisms rely on secresy of their keys and algorithms home and visited database information vulnerable to attacks and failures secure information cannot be stored in the visitor database only (there is only temporary information)

10 Security database!solution create a database for secure information!can be accessed only by functions involved in security management process!does not transmit any sensitive information: performs the ciphering and the authentication calculations itself!home and visitor databases contain complementary information!resulting context ciphering and authentication functions use secure information stored in the security database to guarantee privacy and security to the mobile user

11 Temporary identification Visited network Home network 1. TI inquiry OR 2. TI assignment VLR VLR HLR AuC

12 Temporary identification! Context protection of user communication over the air interface!power on the MS!Travelling to a new location!incoming call to a mobile user! Problem how to protect user s identity when it is sent over the air interface?! Forces all information sent over radio interface can be listened by others many MSs using simultaneously a control channel: not protected user moving to a dedicated channel: short time when user s real identity is unknown

13 Temporary identification!solution assign a temporary identification to the MS dynamically allocated by the network: location area information + a digit string stored in the visitor database TI assignment: incoming call or changing location TI inquiry: power on or outgoing call!resulting context user identity is protected from eavesdroppers authentication and ciphering can be performed

14 Authentication Visited network Home network 1. requests auth 2. MS responses 3. verifies - VLR/HLR/AuC 4. Response to MS VLR VLR HLR AuC

15 Authentication! Context temporary identification has been requested by the MS ciphering protects traffic transmission could have been intercepted before TI and ciphering! Problem how to prevent unauthorized or fraudulent access to cellular netwoks?! Forces unprotected user information can be captured MS with false identity: bills to wrong persons passwords only good in protecting access to terminals robust authentication, no subscriber intervention, no exchange of keys and algorithms over the air interface

16 Authentication!Solution perform authentication using information in the MS and in the security database (keys and encryption algorithms) INPUT: random value from the network, secret key number, electronic serial number (MS id, in HLR), user s id number!resulting context protection agains unauthorized usage!secure environment provided for the user!related patterns authenticator [2] sender authentication, signature, secrecy with sender authentication, secrecy with signature [3]

17 Ciphering Visited network Home network 1. ciphering mode negotiation 2. ciphering data 3. deciphering data 3. VLR HLR AuC

18 Ciphering!Context idle mode: common channels dedicated channels after temporary identification!user information (voice, data), user-related signaling, system-related signaling!problem how to protect the privacy of the communication over an insecure channel?!forces clear text sending can be eavesdropped digital systems provide encryption when same data is encrypted, they must be different

19 Ciphering!Solution phone in dedicated mode: apply encryption ciphering key calculated from a random number, a computatino algorithm and a secret key MS and all databases responsible for storing inputs and calculating operations!resulting context enhanced privacy is provided in addition, authentication should be performed!related patterns secure-channel communication [3] information secrecy [3]

20 Paging Visited network Home network 1. paging request 2. paging response VLR HLR 2. AuC 1.

21 Paging!Context MS in a visited location, current location maintained in home and visited database!problem how to reach the MS and route the call to it?!forces the precise location of the MS must be known the dialed number does not have location information home and visited databases have information about the current location area the smaller cells, the more information transmitted

22 Paging!Solution send paging request to cells under the current location area MS responses: the exact location is now known!resulting context authentication and ciphering can follow paging provides a balance between the amount of location information to be exchanged and the number of needed paging messages

23 Location Registration Visited network Home network 1. VLR registration 2. HLR registration VLR 2. VLR HLR 1. AuC

24 Location Registration!Context user changes location authentication has been successfully performed!problem how to keep up-to-date information about the current location area of the MS?!Forces visitor database has a limited capacity accuracy of the location information is necessary the location information in the previous visitor database is no longer up-to-date, when user moves

25 Location Registration!Solution location registration to both the home database and current visited database!resulting context current location area is stored in the new visitor database old information is deleted from the previous visitor database the user can make and receive calls!related patterns parameter database [4]

26 Future work!hybrid networks (cellular, IP)

27 References![1] Andrade, R., Logrippo, L., Bottomley, M., Coram, T., A Pattern Language for Mobility Management In: Proceedings of Pattern Language of Programs (PLoP 2000), August 13-16, 2000.![2] Brown, F. L. Jr., DiVietri, J., Villegas, G. D., Fernandez, E. D., The Authenticator Pattern In: Proceedings of Pattern Language of Programs (PLoP 99), August 15-18, 1999.![3]Braga,A.M.,Rubira,C.M.F.,Dahab,R., Tropyc: A Pattern Language for Cryptographic Software, PLoPD4, N.D. Harrison, B. Foote, and H. Rohnert, eds., Addison-Wesley, , 2000.

28 References![4] Utas, G., A Pattern Language of Feature Interaction In: Feature Interaction in Telecommunications and Software System V, IOS Press, 1998.