This chapter analyzes the security architecture designed for the protection of the universal mobile telecommunication system (UMTS). This architecture is built on the security principles of second generation (2G) systems with improvements and enhancements in certain points in order to provide advanced security services. The main objective of the third generation (3G) security architecture is to ensure that all information generated by or relating to a user, as well as the resources and services provided by the serving network and the home environment are adequately protected against misuse or misappropriation. Based on the carried analysis the critical points of the 3G security architecture, which might cause network and service vulnerability are identified. In addition, the current research on the UMTS security and the proposed enhancements that aim at improving the UMTS security architecture are briefly presented and analyzed.
Key Terms in this Chapter
Temporary mobile subscriber identity (TMSI): TMSI is a randomly allocated number that is given to the mobile the moment it is switched on and serves as a temporary identity between the mobile and the network.
Wideband code division multiple access (WCDMA): WCDMA is a wideband spread-spectrum mobile air interface that utilizes the direct sequence code division multiple access (CDMA) signaling method to achieve higher speeds and support more users compared to the implementation of time division multiplexing (TDMA) used by 2G GSM networks.
Universal mobile telecommunications system (UMTS): UMTS is one of the 3G mobile phone technologies.
International mobile subscriber identity (IMSI): IMSI is a unique number associated with all UMTS network mobile phone users.
IP Security (IPsec): IPsec is a suite of protocols for securing IP communications by authenticating and/or encrypting each IP packet in a data stream.
Internet key exchange (IKE): IKE is a protocol used to set up a security association (SA) in the IPsec protocol suite.
Third generation (3G): 3G is a technology in the context of mobile phone standards. The services associated with 3G include wide-area wireless voice telephony and broadband wireless data, all in a mobile environment.
Universal subscriber identity module (USIM): USIM is an application for UMTS mobile telephony running on a UICC smart card which is inserted in a 3G mobile phone and stores user subscriber information and authentication information.