nach oben

Annals of Telecommunications

Erschienen in:

12.07.2019

A survey on authentication and access control for mobile networks: from 4G to 5G

verfasst von: Shanay Behrad, Emmanuel Bertin, Noel Crespi

Erschienen in: Annals of Telecommunications | Ausgabe 9-10/2019

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The next generation of mobile networks, 5G, is expected to support a set of multiple requirements and use cases that will create an improved user experience. 5G will also be able to provide a high level of security by considering a variety of security aspects, such as authentication and access control mechanisms. The current protocol in 4G designed to address security is 4G AKA. It presents some weaknesses and vulnerabilities that negatively affect operators’ networks and their subscribers’ security. In designing an authentication and access control mechanism for 5G, it is crucial to evaluate both 4G AKA’s weaknesses and the new requirements of 5G. In this paper, we survey the vulnerabilities of the 4G AKA protocol, as well as the current 5G architectural answers brought by the 3GPP.

Vorheriger Artikel The controller placement problem for robust SDNs against malicious node attacks considering the control plane with and without split-brain

Nächster Artikel Embedded network design to support availability differentiation

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

3GPP (2017) Security Architecture, TS 33.102, Tech. Spec. 14.1.0

3GPP (2017) Security Architecture, TS 33.401, Tech. Spec. 15.1.0

3GPP (2017) Network Architecture, TS 23.002, Tech. Spec. 14.1.0

Cao J, Ma M, Li H, Zhang Y, Luo Z (2014) A survey on security aspects for LTE and LTE-A networks. IEEE Commun Surv Tutorials 16(1):283–302CrossRef

3GPP (2017) Security Architecture and Procedures for 5G System, TS 33.501, Tech. Spec. 995985

3GPP (2018) Numbering, Addressing and Identification, TS 23.003, Tech. Spec. 15.6.0

Forsberg D, Horn G, Moeller W-D, Niemi V (2012) LTE security. Wiley

Tsay J-K, Mjølsnes SF (2012) A vulnerability in the umts and lte authentication and key agreement protocols. In: International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, pp 65–76

Abdrabou MA, Elbayoumy ADE, El-Wanis EA (2015) LTE authentication protocol (EPS-AKA) weaknesses solution. In: Intelligent Computing and Information Systems (ICICIS), 2015 IEEE Seventh International Conference on, pp 434–441

10.

Park Y, Park T (2007) A survey of security threats on 4G networks. In: Globecom Workshops, 2007 IEEE, pp 1–6

11.

Abdo JB, Demerjian J, Ahmad K, Chaouchi H, Pujolle G (2013) EPS mutual authentication and crypt-analyzing SPAKA. In: Computing, Management and Telecommunications (ComManTel), 2013 International Conference on, pp 303–308

12.

Haddad ZJ, Taha S, Saroit IA (2017) Anonymous authentication and location privacy preserving schemes for LTE-A networks. Egypt Inform J 18:193–203CrossRef

13.

Li X, Wang Y (2011) Security enhanced authentication and key agreement protocol for LTE/SAE network. In: Wireless Communications, Networking and Mobile Computing (WiCOM), 2011 7th International Conference on, pp 1–4

14.

Franklin JV, Paramasivam K (2011) Enhanced authentication protocol for improving security in 3GPP LTE networks. In: Proc. International Conference on Information and Network Technology (ICINT 2011)

15.

Abdo JBB, Chaouchi H, Aoude M (2012) Ensured confidentiality authentication and key agreement protocol for EPS. In: Broadband Networks and Fast Internet (RELABIRA), 2012 Symposium on, pp 73–77

16.

Fouque P-A, Onete C, Richard B (2016) Achieving better privacy for the 3GPP AKA protocol, IACR Cryptology ePrint Archive, vol 2016, p 480

17.

Shaik A, Borgaonkar R, Asokan N, Niemi V, Seifert J-P (2015) Practical attacks against privacy and availability in 4G/LTE mobile communication systems, arXiv preprint arXiv:1510.07563

18.

Bhasker D (2013) 4G LTE security for mobile network operators. Cyber Secur Inf Sys Inf Anal Cent(CSIAC) 1(4):20–29

19.

Cichonski J, Franklin JM, Bartock M (2016) LTE architecture overview and security analysis. NIST Draft NISTIR, vol 8071

20.

Hamandi K, Sarji I, Chehab A, Elhajj IH, Kayssi A (2013) Privacy enhanced and computationally efficient HSK-AKA LTE scheme. In: Advanced Information Networking and Applications Workshops (WAINA), 2013 27th International Conference on, pp 929–934

21.

Khan MSA, Mitchell CJ (2014) Another look at privacy threats in 3G mobile telephony. In: Australasian Conference on Information Security and Privacy, pp. 386–396

22.

Degefa FB, Lee D, Kim J, Choi Y, Won D (2016) Performance and security enhanced authentication and key agreement protocol for SAE/LTE network. Comput Netw 94:145–163CrossRef

23.

Mavoungou S, Kaddoum G, Taha M, Matar G (2016) Survey on threats and attacks on mobile networks. IEEE Access 4:4543–4572CrossRef

24.

Choudhury H, Roychoudhury B, Saikia DK (2012) Enhancing user identity privacy in LTE,” in Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on, pp 949–957

25.

Mjølsnes S, Tsay J-K (2012) Computational security analysis of the UMTS and LTE authentication and key agreement protocols

26.

Qiang L, Zhou W, Cui B, Na L (2014) Security analysis of TAU procedure in LTE network,” in P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on, pp 372–376

27.

Escudero-Andreu G, Raphael CP, Parish DJ (2012) Analysis and design of security for next generation 4G cellular networks. In: The 13th annual post graduate symposium on the convergence of telecommunications, networking and broad-casting (PGNET)

28.

3GPP (2009) Rationale and Track of Security Decisions in Long Term Evolved (LTE) RAN / 3GPP System Architecture Evolution, TR 33.821, Tech. Report. 1031871

29.

Hamandi K, Sarji I, Elhajj IH, Chehab A, Kayssi A (2013) W-AKA: privacy-enhanced LTE-AKA using secured channel over Wi-Fi. In: Wireless Telecommunications Symposium (WTS), 2013, pp 1–6

30.

Bikos AN, Sklavos N (2013) LTE/SAE security issues on 4G wireless networks. IEEE Secur Priv 11(2):55–62CrossRef

31.

Alt S, Fouque P-A, Macario-Rat G, Onete C, Richard B (2016) A cryptographic analysis of UMTS/LTE AKA. In: International Conference on Applied Cryptography and Network Security, pp 18–35

32.

Arapinis M et al (2012) New privacy issues in mobile telephony: fix and verification. In: Proceedings of the 2012 ACM conference on computer and communications security, pp 205–216

33.

Lee M-F, Smart NP, Warinschi B, Watson GJ (2014) Anonymity guarantees of the UMTS/LTE authentication and connection protocol. Int J Inf Secur 13(6):513–527CrossRef

34.

Othmen S, Zarai F, Obaidat MS, Belghith A (2013) Re-authentication protocol from WLAN to LTE (ReP WLAN-LTE) In: Global Communications Conference (GLOBECOM), 2013 IEEE, pp 1446–1451

35.

El Idrissi YEH, Zahid N, Jedra M (2012) Security analysis of 3GPP (LTE)—WLAN interworking and a new local authentication method based on EAP-AKA. In: Future Generation Communication Technology (FGCT), 2012 International Conference on, pp 137–142

36.

Mun H, Han K, Kim K (2009) 3G-WLAN interworking: security analysis and new authentication and key agreement based on EAP-AKA. In: Wireless Telecommunications Symposium, WTS 2009, 2009, pp 1–8

37.

Alliance N (2015) 5G white paper, Next generation mobile networks, white paper

38.

Schneider P, Horn G (2015) Towards 5G security. In: Trustcom/BigDataSE/ISPA, 2015 IEEE, vol 1, pp 1165–1170

39.

5G Ensure Project (2016) Deliverable D2.4 Security Architecture (draft)

40.

Li J, Wen M, Zhang T (2016) Group-based authentication and key agreement with dynamic policy updating for MTC in LTE-A networks. IEEE Internet Things J 3(3):408–417CrossRef

41.

Su W-T, Wong W-M, Chen W-C (2016) A survey of performance improvement by group-based authentication in IoT. In: Applied System Innovation (ICASI), 2016 International Conference on, pp 1–4

42.

Giustolisi R, Gerhmann C (2016) Threats to 5G group-based authentication. In: 13th International Conference on Security and Cryptography (SECRYPT 2016), 26–28 July 2016, Madrid, Spain

43.

Foukas X, Patounas G, Elmokashfi A, Marina MK (2017) Network slicing in 5G: survey and challenges. IEEE Commun Mag 55(5):94–100CrossRef

44.

Chatras B, Kwong UST, Bihannic N (2017) NFV enabling network slicing for 5G. In: Innovations in Clouds, Internet and Networks (ICIN), 2017 20th Conference on, pp 219–225

45.

Ordonez-Lucena J, Ameigeiras P, Lopez D, Ramos-Munoz JJ, Lorca J, Folgueira J (2017) Network slicing for 5G with SDN/NFV: concepts, architectures, and challenges. IEEE Commun Mag 55(5):80–87CrossRef

46.

Katsalis K, Nikaein N, Schiller E, Ksentini A, Braun T (2017) Network slices toward 5G communications: slicing the LTE network. IEEE Commun Mag 55(8):146–154CrossRef

47.

Rost P, Mannweiler C, Michalopoulos DS, Sartori C, Sciancalepore V, Sastry N, Holland O, Tayade S, Han B, Bega D, Aziz D, Bakker H (2017) Network slicing to enable scalability and flexibility in 5G mobile networks. IEEE Commun Mag 55(5):72–79CrossRef

48.

5G Ensure Project (2016) Deliverable D2.1 Use Cases

49.

5GPP (2017) 5G PPP Phase1 Security Landscape, white paper

50.

3GPP (2017) System Architecture for the 5G System, TS 23.501, Tech. Spec. 4356743

51.

3GPP (2017) Study of Security Aspects of the Next Generation System, TR 33.899, Tech. Report. 19482209

52.

Han C-K, Choi H-K (2014) Security analysis of handover key management in 4G LTE/SAE networks. IEEE Trans Mob Comput 13(2):457–468CrossRef

Titel: A survey on authentication and access control for mobile networks: from 4G to 5G
verfasst von: Shanay Behrad
Emmanuel Bertin
Noel Crespi
Publikationsdatum: 12.07.2019
Verlag: Springer International Publishing
Erschienen in: Annals of Telecommunications / Ausgabe 9-10/2019
Print ISSN: 0003-4347
Elektronische ISSN: 1958-9395
DOI: https://doi.org/10.1007/s12243-019-00721-x

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Die Gewinner und Laudatoren des Sustainability Award in Automotive 2024/© Uli Regenscheit | ATZlive, Search Icon, Banner Hanser, Sebastian Glenschek/© Hermes International, Dinko Eror/© Red Hat GmbH, Suresh Vittal/© Alteryx, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade, chassis.tech plus 2023/© [M] ATZlive / TÜV SÜD PRODUCT SERVICE GMBH, adäsion-Webinar-Matinee/© krystiannawrocki_ Getty Images

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 9-10/2019

The controller placement problem for robust SDNs against malicious node attacks considering the control plane with and without split-brain

Multi-cloud cooperative intrusion detection system: trust and fairness assurance

Techniques for smart and secure 5G softwarized networks

DAReSch: deadline-aware request scheduling for cloud storage services

Embedded network design to support availability differentiation

Algorithms for the design of 5G networks with VNF-based Reusable Functional Blocks

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.