<<

. 49
( 132 .)



>>

Internet
Mobile
network
WAP Server
WAP gateway


Figure 5.44 WTLS security model


5.9.1.2 Wireless transport layer security (WTLS)

The protocol was developed to allow WAP devices to gain secure access to a WAP
gateway. The security model for WTLS is shown in Figure 5.44.
The data transfer between the mobile station and the WAP gateway is secured using
WTLS. From the WAP gateway to the WAP server the connection is secured using TLS.
It is the WAP gateway™s responsibility to authenticate the WAP server and make sure
it has a correct digital certi¬cate that generates the appropriate signatures. WTLS oper-
ates in a similar manner to TLS in terms of messages sent and services provided but
is not as secure for the following reasons. WTLS allows support for weak encryption
algorithms and even allows the user to switch off encryption. This is due to the limited
processing capability of some WAP handsets. Also, the con¬guration for WTLS is vul-
nerable to being attacked at the WAP gateway, since in the change from one encryption
mechanism to another, the information is momentarily in plain text. With the introduc-
tion of WAP 2.0 a new model for security has been implemented. This is illustrated in
Figure 5.45.
In this case the WAP transport protocols “ wireless session protocol (WSP), wireless
transaction protocol (WTP) and wireless datagram protocol (WDD) “ have been replaced
by standard IP protocols (HTTP, TCP and IP). This is possible because of the introduction
of GPRS. The original WAP protocols were designed to be replacements for IP protocols
and optimized for a wireless link.


WAE WAE

HTTP HTTP

TLS TLS

TCP* TCP* TCP TCP

IP IP IP IP

Mobile
WAP proxy WAP Server
Station

Figure 5.45 WAP 2.0 security
230 IP APPLICATIONS FOR GPRS/UMTS


Since GPRS is designed to manage data transfer over the wireless link, many of the
original WAP transport functions are somewhat redundant. Notice on the connection
between the mobile station and the WAP proxy the TCP protocol has been replaced with
TCP*. This is the version of the standard TCP protocol that has been optimized for
wireless transmission, as was explained in Section 5.5.


5.9.2 Virtual private networks and IP security (IPSec)
Looking at Figure 5.46, one can see that the two networks are connected together via
the Internet. The data leaving network 1 is encrypted by the ¬rewall, carried securely
across the Internet and then decrypted at ¬rewall 2. This type of con¬guration is called
a virtual private network (VPN) since even though the data is being transferred over a
public network, its privacy is maintained through the use of encryption. It is also possible
to connect a mobile user onto the VPN. In the diagram the mobile terminal is connected
via the VPN to networks 1 and 2. The applications running on the mobile terminal and
within workstations A and B see no difference in terms of their operation: it is as if they
are connected to the network directly. This is not possible with SSL because protocols
such as UDP are not supported. This would, for example, preclude the use of protocols
such as DNS being carried over the VPN. The whole idea of VPN access is that it is
transparent and the two networks can be connected without modifying the software in the
client or server machines.
VPN solutions are also used for operators to provide secure links between the GGSN
and a corporate client™s intranet. This allows the operator to offer its GPRS network as
a mobile extension to the existing ¬xed-line services of the corporate customer, while
providing secure access to the corporate network. In addition to the VPN, only permitted
users would be allowed to connect to the de¬ned access point for the corporate by con¬g-
uration in both the HLR and GGSN. Initially this GPRS corporate connection will usually




Server 1
LAN2
Internet
Firewall 1
LAN1

Firewall 2

Server 2
A B

GPRS

Mobile
Terminal
IPSEC
stack

Figure 5.46 Virtual private networks
5.9 IP SECURITY 231


terminate at a laptop, using the GPRS device essentially as a data ˜modem™. However,
this situation will gradually change as GPRS devices become more powerful, supporting a
wider range of standard IP applications, and also as GPRS access becomes more routinely
incorporated into PDAs. With programmable and Java-enabled GPRS devices emerging,
this expands the scope of corporate mobile services to include client“server and other
enterprise applications.


5.9.2.1 IP security (IPSec)
To allow for encryption at the IP layer a protocol called IPSec was developed. IPSec is
not simply a VPN solution since it also allows for encrypted and authenticated traf¬c to
be sent end-to-end as well as within VPN tunnels. Its main application, however, is VPNs
and it is supported by a number of vendors, including Checkpoint in its VPN-1/Firewall-1
product. IPSec has been designed to provide security and negotiated compression for IPv4
and IPv6. In common with most security solutions, the following services are de¬ned:

• authentication
• integrity
• privacy
• protection against replays
• compression.

IPSec provides security services within IP packets and therefore can provide security for
all IP application protocols. There are two protocols de¬ned within IPSec: authentication
header (AH) and the encapsulating security payload (ESP). The protocols are designed
to be algorithm-independent and this modularity permits selection of different sets of
algorithms without affecting the other parts of the implementation. However, a standard
set of default algorithms has been speci¬ed to enable interoperability on the Internet.


5.9.2.2 Security associations
IPSec services are based upon a mechanism called security associations. A security asso-
ciation (SA) is a simplex ˜connection™ that provides security services to the traf¬c carried
by it. SAs are fundamental to IPsec, and both AH and ESP make use of them. Since an
SA is simplex, to secure bidirectional communication between two hosts, or between two
security gateways, two SAs (one in each direction) are required.
An SA is uniquely identi¬ed by the following:

• security parameter index (SPI). This in turn can be associated with key data, encryption
and authentication algorithms;
• IP destination address;
• a security protocol (AH or ESP) identi¬er.
232 IP APPLICATIONS FOR GPRS/UMTS


An SA provides security services to a traf¬c stream through the use of AH or ESP
but not both together. If both AH and ESP protection is applied to a traf¬c stream, then
two SAs are created to provide protection to the traf¬c stream. Although the destination
address may be a unicast address, an IP broadcast address or a multicast group address,
currently IPSec SA management mechanisms are only de¬ned for unicast SAs.


5.9.2.3 Authentication header

The IP authentication header (AH) is de¬ned in RFC 2402 and provides data integrity,
source address authentication and an anti-replay service. AH provides authentication for
the upper-layer protocols and for some of the IP header. It is not possible to provide
authentication for all of the IP header ¬elds since some of these will change en route
and the sender cannot always predict what these values will be. AH can be applied on its
own, in conjunction with ESP, or in a nested fashion through the use of tunnel mode.


5.9.2.4 Encapsulating security payload protocol

The ESP protocol is de¬ned in RFC 2406 and provides con¬dentiality through encryption.
Like AH, ESP can also provide authentication; however, ESP does not cover the IP
header ¬elds unless those ¬elds are ¬rst encapsulated using ESP (tunnel mode). Both
con¬dentiality and authentication are optional, but at least one of them must be selected.
The ESP header is inserted after the IP header and before the upper-layer protocol header
(transport mode) or before an encapsulated IP header (tunnel mode). Both of these modes
are described below.


5.9.2.5 AH and ESP modes of operation

AH and ESP can be applied individually or in combination with each other to provide a
set of security services in IPv4 and IPv6. Each protocol can also support two modes of
operation:

• transport mode
• tunnel mode.

In transport mode the protocols provide protection primarily for upper-layer protocols;
in tunnel mode, the protocols are applied to tunnelled IP packets.


Transport mode
A transport mode security association is usually between two host machines as shown in
Figure 5.47.
5.9 IP SECURITY 233


IP Hdr AH or ESP Data
Secure Data




IP
ta
Da




H
dr
SP ata
rE




AH
D
o
H cure




or
A




Se

ES Da
Se Internet
r Gateway




cu
d




P
Gateway
H




re

D
IP




at
a
ta
Host Station Host Station
Local Area Network Local Area Network


Figure 5.47 IPSec transport mode security association

<<

. 49
( 132 .)



>>