Security measures for mobile infrastructures have been important since the early days of cellular networks. Nowadays, however, the traditional security schemes require a more fundamental approach to cover the entire path from the mobile user to the server. This approach is called end-to-end (E2E) security coverage. The main focus of this chapter is to discuss such architectures for IEEE 802.16e (Mobile-WiMAX) and major third generation (3G) cellular networks. E2E implementations usually contain a complete set of algorithms and protocol enhancements (mutual identification, authentication, and authorization), including very large-scale integration (VLSI) implementations. This chapter discusses various proposals at the protocol level.
Key Terms in this Chapter
Code Division Multiple Access (CDMA): CDMA is also a 2.5G technology, offering codes for multiplexing various cell calls. Therefore, it does not divide the channel into time slots (time domain multiple access [TDMA]) or frequency bands (frequency division multiple access [FDMA]). Instead, CDMA encodes data with codes associated with every channel; therefore they do not have any overlaps in time or frequency bands. CDMA is a major improvement in cellular technologies.
Global System for Mobile Communications (GSM): GSM is the most popular standard and one of the oldest technologies still used for cellular networks throughout the world. GSM is considered a 2G cellular technology with digital integration.
Customer-Premises Equipment (CPE): The end communication device that local subscribers communicate with. Through the CPE, the information transmitted to and from all local subscribers is transmitted back to the centre.
Pairwise Master Key (PMK): PMK is used in peer-to-peer communication schemes for sharing a master key that would last the entire session. This is mainly used for data encryption and integrity.
Initialization Vector (IV): IV is a block of bit streams that is attached to each item of security data to produce a unique and independent stream for encryption.
Privacy Key Management (PKM): PKM is a private key scheme used with EAP and TLS for providing E2E security schemes for wireless technologies.
Authentication, Authorization, and Accounting (AAA): AAA is an access control scheme, overseeing the auditing framework and policy enforcement for commercial access and computing systems.
Transport Layer Security (TLS): TLS is used mostly in client/server applications, which require endpoint authentication and communications privacy, particularly over the Internet. This is mostly done using cryptographic measures.
General Packet Radio Service (GPRS): GPRS is an extension to GSM technology, which offers higher data rates compared to GSM. GPRS is considered a 2.5G technology.
Virtual Private Network (VPN): A VPN is a communications tunnel that uses a pre-existing (and often insecure, such as the Internet) network to connect a remote user to a corporate network. The information is tunneled, encapsulated, and encrypted when it passes through the insecure network. Once the information reaches the destination, it is decapsulated and decrypted.
Worldwide Interoperability for Microwave Access (WiMAX): WiMAX has been defined by the WiMAX Forum, formed in 2001. WiMAX is also known as the IEEE 802.16 standard, officially titled WirelessMAN, and is an alternative to DSL (802.16d) and cellular access (802.16e).
Mobile Subscriber Station (MSS) = Mobile Station (MS): These are end-user devices.
Third and Fourth Generation (3G/4G): 3G/4G cellular networks are used in the context of mobile standards. The services associated with 3G are capable of transferring both voice and non-voice data simultaneously. Though not official yet, 4G will be fully IP-based, converging wired and wireless access technologies. It is expected to reach bandwidth within a few hundred megabits per second, offering E2E QoS.
End-to-End (E2E): E2E security covers the system’s security functionality and performance from one end to the other and back.