Yoshihiro Ohba has divided security in 4G into Access Network security and Core Network security. For the access network security, a peer authentication mechanism across different link-layer technologies can be utilized for roaming. EAP (Extensible Authentication Protocol) is one such example of technology that can be recognized as unified PEA mechanism. For the core access network, security associations need be established between between a mobile and a middle box in the core network for different protocols such as Mobile IPv4/v6, SIP, Mobile IPv4/v6, SIP, IPsec IPsec, 802.21 MIH (Media, 802.21 MIH (Media-Independent Independent Handover) protocol. A single sign-on mechanism based on network access long term credentials may be needed to bootstrap security associations for different protocols.
Yu Zheng et al. have proposed trusted computing based security architecture for 4G networks: The security framework based on Trusted Mobile Platform (TMP) and PKI is mentioned to provide a considerable robust platform for user's access to sensitive service and data in the scenario of 4G systems. Over this framework, with the combination of password and biometric identification (BI) as well as public key-based identification, an efficient hybrid authentication and key agreement (HAKA) scheme is presented to resist the possible attacks, particularly the attacks on/from ME. Compared with 3G architecture and other security schemes for 4G mobile networks, architecture and corresponding HAKA has been mentioned to be more secure, scalable and convenient to support globe mobility and capable of being employed to handle the complicated security issues in 4G mobile networks.
No comments:
Post a Comment