Security in GPRS
MetadataShow full item record
GPRS offers the user an “always on” connection to Internet and Intranet. Some of the services may require high level of security. This can be financial transaction over the Internet, or exchange of confidential documents from a company’s Intranet to an employee. It is important to have strong focus on the security, so companies and persons that demand high level of security can take advantage of the services GPRS offered. What normally happens is that the services wins against the security. This is in most cases adequate security for what a normal subscriber requires. This thesis covers which security functions that exists in GPRS, the threats it meets, how to avoid attacks, and the consequences for the attacked part. The thesis is also meant for the Ericsson AS’ employees as a supplement to their knowledge about GPRS security issues. The GPRS has inherited most of the security threats that exists in the GSM system. In addition the GPRS encounter new and bigger challenges. This since GPRS employs IP technology and it is connected to the Internet. Threats to the GPRS are not only from the insecure public network, Internet. Attacks on the data at the air interface, or operators handling of data that are transmitted or stored in their network, can also be a threat. Mobile terminals and GPRS equipment are the two main areas that need to be protected from the GPRS point of view. This also includes protection of subscriber information and other information that is stored in the GPRS network. Firewalls and Border Gateways are used to protect the mobile terminals and the GPRS equipment from external network and other operators network. The placements of firewalls are complicated because of the different connections it has to handle, and what routing procedure the GPRS operator uses. This thesis treats the subject of placement of firewalls. During the work with the thesis we got the possibility to participate and execute tests on the GPRS system in order to evaluate its security. These tests were done at Ericsson AS’s test lab in Grimstad, and we choose to focus the test on how the new GPRS node in the operators network can be attacked. This thesis includes a description and the results from the test. The results from the test gives an indication on how difficult it is to get access to the GPRS node, and what possibilities an intruder has if he gets access.
Masteroppgave i informasjons- og kommunikasjonsteknologi 2001 - Høgskolen i Agder, Grimstad
PublisherHøgskolen i Agder
Agder University College