Extensible Authentication (EAP) Protocol Integrations in the Next Generation Cellular Networks

Authentication is an important part of the authentication authorization and accounting (AAA) schemes and the extensible authentication protocol (EAP) is a universally accepted framework for authentication commonly used in wireless networks and point-to-point protocol (PPP) connections. The main focus of this chapter is the technical details to examine how EAP is integrated into the architecture of next generation networks (NGN), such as in worldwide interoperability for microwave access (WiMAX), which is defined in the IEEE 802.16d and IEEE 802.16e standards and in current wireless protocols, such as IEEE 802.11i. This focus includes an overview of the integration of EAP with IEEE 802.1x, remote authentication dial in user service (RADIUS), DIAMETER, and pair-wise master key version (2PKv2).

Security and Privacy Approaches for Wireless Local and Metropolitan Area Networks (LANs & MANs)

Wireless communications are becoming ubiquitous in homes, offices, and enterprises with the popular IEEE 802.11 wireless local area network (LAN) technology and the up-and-coming IEEE 802.16 wireless metropolitan area networks (MAN) technology. The wireless nature of communications defined in these standards makes it possible for an attacker to snoop on confidential communications or modify them to gain access to home or enterprise networks much more easily than with wired networks. Wireless devices generally try to reduce computation overhead to conserve power and communication overhead to conserve spectrum and battery power. Due to these considerations, the original security designs in wireless LANs and MANs used smaller keys, weak message integrity protocols, weak or one-way authentication protocols, and so forth. As wireless networks became popular, the security threats were also highlighted to caution users. A security protocol redesign followed first in wireless LANs and then in wireless MANs. This chapter discusses the security threats and requirements in wireless LANs and wireless MANs, with a discussion on what the original designs missed and how they were corrected in the new protocols. It highlights the features of the current wireless LAN and MAN security protocols and explains the caveats and discusses open issues. Our aim is to provide the reader with a single source of information on security threats and requirements, authentication technologies, security encapsulation, and key management protocols relevant to wireless LANs and MANs.

Fault Tolerant Topology Design for Ad Hoc and Sensor Networks

Fault tolerance is one of the premier system design desiderata in wireless ad hoc and sensor networks. It is crucial to have a certain level of fault tolerance in most of ad hoc and sensor applications, especially for those used in surveillance, security, and disaster relief. In addition, several network security schemes require the underlying topology provide fault tolerance. In this chapter, we will review various fault tolerant techniques used in topology design for ad hoc and sensor networks, including those for power control, topology control, and sensor coverage.

Access Security in UMTS and IMS

Motivated by the requirements for higher data rate, richer multimedia services, and broader radio range wireless mobile networks are currently in the stage evolving from the second-generation (2G), for example, global system for mobile communications (GSM), into the era of third-generation (3G) or beyond 3G or fourth-generation (4G). Universal mobile telecommunications system (UMTS) is the natural successor of the current popular GSM (http://www.3gpp.org) code division multiple access 2000 (CDMA2000) is the next generation version for the CDMA-95, which is predominantly deployed in North America and North Korea. Time division-sychrononous CDMA (TD-SCDMA) is in the framework of 3rd generation partnership project 2 (3GPP2) and is expected to be one of the principle wireless technologies employed in China in the future (http://www.3gpp.org; 3G TS 35.206). It is envisioned that each of three standards in the framework of international mobile telecommunications- 2000 (IMT-2000) will play a significant role in the future due to the backward compatibility, investment, maintenance cost, and even politics.

Multimedia Encryption and Watermarking in Wireless Environment

In a wireless environment, multimedia transmission is often affected by the error rate; delaying; terminal’s power or bandwidth; and so forth, which brings difficulties to multimedia content protection. In the past decade, wireless multimedia protection technologies have been attracting more and more researchers. Among them, wireless multimedia encryption and watermarking are two typical topics. Wireless multimedia encryption protects multimedia content’s confidentiality in wireless networks, which emphasizes on improving the encryption efficiency and channel friendliness. Some means have been proposed, such as the format-independent encryption algorithms that are time efficient compared with traditional ciphers; the partial encryption algorithms that reduce the encrypted data volumes by leaving some information unchanged; the hardware-implemented algorithms that are more efficient than software based ones; the scalable encryption algorithms that are compliant with bandwidth changes; and the robust encryption algorithms that are compliant with error channels. Compared with wireless multimedia encryption, wireless multimedia watermarking is widely used in ownership protection, traitor tracing, content authentication, and so forth. To keep low cost, a mobile agent is used to partitioning some of the watermarking tasks. To counter transmission errors, some channel encoding methods are proposed to encode the watermark. To keep robust, some means are proposed to embed a watermark into media data of low bit rate. Based on both watermarking and encryption algorithms, some applications arise, such as secure multimedia sharing or secure multimedia distribution. In this chapter, the existing wireless multimedia encryption and watermarking algorithms are summarized according to the functionality and multimedia type; their performances are analyzed and compared; the related applications are presented; and some open issues are proposed.

Architecture and Protocols for Authentication, Authorization, and Accounting in the Future Wireless Communications Networks

The architecture, and protocols for authentication, authorization, and accounting (AAA) are one of the most important design considerations in third generation (3G)/fourth generation (4G) telecommunication networks. Many advances have been made to exploit the benefits of the current systems based on the protocol remote authentication dial in user service (RADIUS)protocol, and the evolution to migrate into the more secure, robust, and scalable protocol Diameter. Diameter is the protocol of choice for the IP multimedia subsystem (IMS) architecture, the core technology for the next generation networks. It is envisioned that Diameter will be widely used in various wired and wireless systems to facilitate robust and seamless AAA. In this chapter, we provide an overview of the major AAA protocols RADIUS and Diameter, and we discuss their roles in practical 1xEV-DO network architectures in the three major network tiers: access, distribution, and core. We conclude the chapter with a short summary of the current and future trends related to the Diameter-based AAA systems.

Vulnerability Analysis and Defenses in Wireless Networks

This chapter shows that the security challenges posed by the 802.11 wireless networks are manifold and it is therefore important to explore the various vulnerabilities that are present with such networks. Along with other security vulnerabilities, defense against denial of service attacks is a critical component of any security system. Unlike wired networks where denial of service attacks has been extensively studied, there is a lack of research for preventing such attacks in wireless networks. In addition to various vulnerabilities, some factors leading to different types of denial of service (DoS) attacks and some defense mechanisms are discussed in this chapter. This can help to better understand the wireless network vulnerabilities and subsequently more techniques and procedures to combat these attacks may be developed by researchers.

Security Architectures for B3G Mobile Networks

The integration of heterogeneous mobile/wireless networks using an IP-based core network materializes the beyond third generation (B3G) mobile networks. Along with a variety of new perspectives, the new network model raises new security concerns, mainly, because of the complexity of the deployed architecture and the heterogeneity of the employed technologies. In this chapter, we examine and analyze the security architectures and the related security protocols, which are employed in B3G networks focusing on their functionality and the supported security services. The objectives of these protocols are to protect the involved parties and the data exchanged among them. To achieve these, they employ mechanisms that provide mutual authentication as well as ensure the confidentiality and integrity of the data transferred over the wireless interface and specific parts of the core network. Finally, based on the analysis of the security mechanisms, we present a comparison of them that aims at highlighting the deployment advantages of each one and classifies the latter in terms of: (1) security, (2) mobility, and (3) reliability.

Bluetooth Devices Effect on Radiated EMS of Vehicle Wiring

The electromagnetic energy source used by wireless communication devices in a vehicle can cause electromagnetic compatibility problems with the electrical and electronic equipment on board. This work is focused on the radiated susceptibility (electromagnetic susceptibility [EMS]) issue and proposes a method for quantifying the electromagnetic influence of wireless radio frequency (RF) transmitters on board vehicles. The key to the analysis is the evaluation of the relation between the electrical field emitted by a typical Bluetooth device operating close to the automobile’s electrical and electronic systems and the field level specified by the electromagnetic compatibility (EMC) directive 2004/104/EC for radiated susceptibility tests. The chapter includes the model of a closed circuit structure emulating an automobile electric wire system and the simulation of its behaviour under electromagnetic fields’ action. According to this a physical structure is designed and implemented, which is used for laboratory tests. Finally, simulated and experimental results are compared and the conclusions obtained are discussed.

Evaluating Security Mechanisms in Different Protocol Layers for Bluetooth Connections

Security is always an important factor in wireless connections. As with all other existing radio technologies, the Bluetooth standard is often cited to suffer from various vulnerabilities and security inefficiencies while attempting to optimize the trade-off between performance and complementary services including security. On the other hand, security protocols like IP secure (IPsec) and secure shell (SSH) provide strong, flexible, low cost, and easy to implement solutions for exchanging data over insecure communication links. However, the employment of such robust security mechanisms in wireless realms enjoins additional research efforts due to several limitations of the radio-based connections, for example, link bandwidth and unreliability. This chapter will evaluate several Bluetooth personal area network (PAN) parameters, including absolute transfer times, link capacity, throughput, and goodput. Experiments shall employ both Bluetooth native security mechanisms, as well as the two aforementioned protocols. Through a plethora of scenarios utilizing both laptops and palmtops, we offer a comprehensive in-depth comparative analysis of each of the aforementioned security mechanisms when deployed over Bluetooth communication links.