secure application deployment with gprs/edge/umts paper begins with an overview of gprs/edge/umts...

Download Secure Application Deployment with GPRS/EDGE/UMTS  paper begins with an overview of GPRS/EDGE/UMTS security that ... GTP General Packet Radio Service (GPRS) Tunneling Protocol HLR Home Location Register

Post on 09-Mar-2018


  • Cingular Wireless Developer Program. © 2005 Cingular Wireless LLC. All rights reserved.

    Secure Application Deployment with GPRS/EDGE/UMTS devCentral White Paper

    Document Number 12792 Revision 6.0 Revision Date 03/28/05

  • devCentral White Paper ii 03/28/05 12792 Rev. 6.0 2005 Cingular Wireless LLC

    Legal Disclaimer

    This document and the information contained herein (collectively, the "Information") is provided to you (both the individual receiving this document and any legal entity on behalf of which such individual is acting) ("You" and "Your") by Cingular Wireless II, LLC, on behalf of itself and its affiliates ("Cingular") for informational purposes only. Cingular is providing the Information to You because Cingular believes the Information may be useful to You. The Information is provided to You solely on the basis that You will be responsible for making Your own assessments of the Information and are advised to verify all representations, statements and information before using or relying upon any of the Information. Although Cingular has exercised reasonable care in providing the Information to You, Cingular does not warrant the accuracy of the Information and is not responsible for any damages arising from Your use of or reliance upon the Information. You further understand and agree that Cingular in no way represents, and You in no way rely on a belief, that Cingular is providing the Information in accordance with any standard or service (routine, customary or otherwise) related to the consulting, services, hardware or software industries. CINGULAR DOES NOT WARRANT THAT THE INFORMATION IS ERROR-FREE. CINGULAR IS PROVIDING THE INFORMATION TO YOU "AS IS" AND "WITH ALL FAULTS." CINGULAR DOES NOT WARRANT, BY VIRTUE OF THIS DOCUMENT, OR BY ANY COURSE OF PERFORMANCE, COURSE OF DEALING, USAGE OF TRADE OR ANY COLLATERAL DOCUMENT HEREUNDER OR OTHERWISE, AND HEREBY EXPRESSLY DISCLAIMS, ANY REPRESENTATION OR WARRANTY OF ANY KIND WITH RESPECT TO THE INFORMATION, INCLUDING, WITHOUT LIMITATION, ANY REPRESENTATION OR WARRANTY OF DESIGN, PERFORMANCE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, OR ANY REPRESENTATION OR WARRANTY THAT THE INFORMATION IS APPLICABLE TO OR INTEROPERABLE WITH ANY SYSTEM, DATA, HARDWARE OR SOFTWARE OF ANY KIND. 
CINGULAR DISCLAIMS AND IN NO EVENT SHALL BE LIABLE FOR ANY LOSSES OR DAMAGES OF ANY KIND, WHETHER DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE, SPECIAL OR EXEMPLARY, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, LOSS OF GOODWILL, COVER, TORTIOUS CONDUCT OR OTHER PECUNIARY LOSS, ARISING OUT OF OR IN ANY WAY RELATED TO THE PROVISION, NON-PROVISION, USE OR NON-USE OF THE INFORMATION, EVEN IF CINGULAR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSSES OR DAMAGES.


    Revision History

    All marks, trademarks, and product names used in this document are the property of their respective owners.

    | Date | Revision | Description |
    |---|---|---|
    | 05/13/03 | 1.0 | Document released. |
    | 09/05/03 | 2.0 | New devCentral template applied to document. |
    | 9/17/03 | 3.0 | Adds references to EDGE. |
    | 9/23/03 | 4.0 | Updated Section 1.3, Resources, to include links to referenced documentation. |
    | 07/16/04 | 5.0 | Updated for new IP/APN services, WAP 2.0 and UMTS. |
    | 03/28/05 | 6.0 | Updated to Cingular-branded template. |


    Table of Contents

    1. Introduction
    1.1 Audience
    1.2 Contact Information
    1.3 Resources
    1.4 Terms and Acronyms

    2. GPRS/EDGE/UMTS Security Overview

    3. User Authentication

    4. Network Access Authentication

    5. Encryption
    5.1 Comparison with CDPD

    6. GPRS/EDGE/UMTS Network Infrastructure
    6.1 Cingular Wireless Network
    6.2 Roaming Scenario

    7. IP Address Management

    8. Security Options for Custom Access Point Names (APNs)
    8.1 IP Addressing Options for Custom APNs
    8.2 Firewall Options for Custom APNs

    9. Commercial Connectivity Services

    10. Customer-Supplied VPN

    11. WAP Security

    12. Other Security Topics
    12.1 Short Message Service (SMS)
    12.2 Digital Rights Management
    12.3 RIM Blackberry Security
    12.4 Application-Level Security
    12.5 SSL-Based Security

    Figures

    Figure 1: End-to-End Security with GPRS/EDGE
    Figure 2: GPRS/EDGE Protocol Diagram Showing Encryption
    Figure 3: GPRS/EDGE Roaming
    Figure 4: Fixed-End Connectivity Options
    Figure 5: WAP1 Security Architecture
    Figure 6: WAP2 Security Architecture
    Figure 7: WAP Protocols as Deployed (on networks formerly owned by AT&T Wireless)

    Tables

    Table 1: Terms and Acronyms
    Table 2: Security Implications of Different IP Addresses
    Table 3: Security-Related Options and Implications for Custom APNs
    Table 4: Supported WTLS Protocols (for the networks formerly owned by AT&T Wireless)
    Table 5: Supported SSL Protocols (for the networks formerly owned by AT&T Wireless)
    Table 6: Recommended SSL Certificate Authorities (for use with networks formerly owned by AT&T Wireless)


    Secure Application Deployment with GPRS/EDGE/UMTS

    1. Introduction

    This paper explains how you can securely deploy applications that use the GPRS/EDGE and UMTS networks formerly owned by AT&T Wireless. In contrast to some other popular wireless technologies, in which vulnerabilities have been found, GPRS/EDGE/UMTS networks employ a robust security architecture with comprehensive security mechanisms. This paper describes these mechanisms in the following security-related areas:

    Security mechanisms available with GPRS/EDGE/UMTS techno
