Wireless Local Area Network (WLAN)

Chapter 4
 WLAN
Technology
 802.11 standard is defined as a WLAN technology

 Provide networking for a building or campus

environment
 802.11 wireless medium is a perfect fit for local area

networking simply because of the range and speeds that

are defined by the 802.11 standards
 Majority of 802.11 wireless network deployments are a

velaible like LANs that provide access at businesses and

homes.
 ---- WLAN technology
 WLANs typically use multiple 802.11 access points

connected by a wired network at backbone

 Uses shared medium, all wireless devices have equal access

to the medium
 Uses half duplex

 WLAN reduces physical wires so it's a versatile way of

communication and minimize cost required.

 WLAN also reduces the value of ownership.

 It's easier to connect or remove workstation.

 Wireless LAN standards
Standards specify the RF spectrum used, data rates, how

the information is transmitted etc

IEEE 802.11 standard governs the WLAN environment

The four amendments of IEEE 802.11 standard that describe

different characteristics for wireless communication are

802.11a

802.11b

802.11g

802.11n
 802.11a
Uses 5 GHz RF spectrum band

Not compatible with 2.4 GHz spectrum, i.e. 802.11b/g/n

devices
Range is approximately 33% that of the 802.11 b/g

Maximum data rate 54mbps

Relatively expensive to implement compared to other

technologies
Increasingly difficult to find 802.11a compliant equipment

Has 12 to 23 clean channels depending on the country

 802.11b
Operate on 2.4GHz to 2.4835GHz radio band
Maximum data rate 11mbps.
Range of approximately 46 m (150 ft) indoors/96 m (300
ft.) outdoors
Have 3 clean channels

802.11g
2.4 GHz technologies
Maximum data-rate increase to 54 Mbps
Same range as the 802.11b
Backward compatible with 802.11b
Have 3 clean channels
 802.11n
 Uses multiple-input, multiple-output (MIMO) technology.

 MIMO is a wireless technology that uses multiple transmitters and

receivers to transfer more data at the same time.

 2.4 GHz technologies (draft standard specifies support for 5 GHz)

 Extends the range and data throughput because it uses multiple receiving

& transmitting antenna

 Backward compatible with existing 802.11g and 802.11b equipment

(draft standard specifies support for 802.11a)

 Range it cover 250 m

 Maximum data rate 540mbps

 Wireless LAN Components

all components within the WLAN adhere to the

standard, or are at least compatible with the

standard
 Components that must be considered in a WLAN include:

a wireless client or STA,

an Access Point,

 a Wireless Bridge and

an antenna.
 Wireless client
Any host device that can participate in a wireless

network.
Can either be stationary or mobile

referred to as a STA, short for station

Examples include: Desktops if equipped with the

proper wireless NIC and software, laptops, PDAs,

printers, projectors, storage devices and digital
cameras.
 ACCESS POINT

Controls access between a wired and a wireless network

Acts as a media converter accepting the Ethernet frames

from the wired network and converting them to 802.11

compliant frames before transmitting them on the
WLAN and vice versa
Support wireless connections within a limited area,

known as a cell or Basic Service Set (BSS)

 Wireless Bridge
 Used to connect two wired networks through a wireless link
 Allows long-range point-to-point connections between networks
 Using wireless bridge RF frequencies, networks 40km(25miles)
or more apart can be connected without the use of wires
 Bridge is very important to connect networks in uncomforted
area such as rivers.
Antennas
 Used on APs and Wireless bridges
 It is important to radiate and receive signals from and to the
device.
 Increases the output signal strength from a wireless device
 Receives wireless signals from other devices such as STAs
 …Antennas
Increase in signal strength from an antenna is known as
the gain
Higher gains usually translate into increased
transmission distances.
Types of antenna according to the way they radiate the
signal.
Directional: concentrates the entire signal strength into
one direction and achieve great transmission distance.
Used in wireless bridges
Omni-directional: designed to emit signal equally in all
directions.
 Used in APs
 WLANs and the SSID
SSID is stands to Service set Identifier
It is the name of the network for a particular area called cell
SSID is used to make sure that the wireless components are
connected to the appropriate network
SSID is a case sensitive, alpha-numeric string (32
characters)
It is used to tell the wireless devices to which WLAN they
belong to and with which other devices they can
communicate
All wireless devices in a WLAN must be configured with
the same SSID in order to communicate.
Basic forms of WLAN installation
Ad-hoc
Infrastructure mode

Ad-hoc mode
 Is the simplest form of a wireless network
 Created by connecting two or more wireless clients together in a
peer-to-peer network
 Does not include AP
 All the clients are equal
 Good for small network
 Used to exchange files and information b/n devices without the
expense and complexity of purchasing and configuring an AP
 The area covered by this network is called IBSS (Independent
Basic Service Set )
 INFRASTRUCTURE MODE
Used in larger networks which require a single device that
controls communications in the wireless cell.
Uses AP to control who can talk and when
Individual STAs can not communicate directly with each
other.
To communicate each device must obtain permission from
the AP
The AP ensures that all STAs have equal access to the
medium
The area covered by a single AP is known as BSS or Cell
BSS is the smallest building block of a WLAN
To expand the coverage area, it is possible to connect
multiple BSSs through a Distribution System. This forms an
ESS(extended service set)
BSSs must overlap by ~10% to allow movement b/n the
cells without loss of signal.
This allows the client to connect to the second AP before
disconnecting from the first AP.
 Wireless Channel

 A way to control conversation b/n sender and receiver in

wireless network
 Channels are created by dividing up the available RF
spectrum
 Each channel is capable of carrying a different
conversation.
 Multiple APs can function in close proximity to one
another as long as they use different channels for
communication
 each wireless conversation use separate channel.
 Wireless technology uses CSMA/CA access method to ensure
that collisions do not occur
 CSMA/CA creates a reservation on the channel for use by a
specific conversation.
 While a reservation is in place, no other device may transmit
on the channel thus possible collisions are avoided.
 Channel Reservation Process
 Request To Send (RTS)
 Clear To Send(CTS): it is a broadcast message
 Data
 ACK (Acknowledgement): broadcast message
 CONFIGURING THE ACCESS POINT
Once the choice of wireless standard, layout and channel
assignment have been made it is time to configure the AP.
Most integrated routers offer both wired and wireless
connectivity and serve as the AP in the wireless network.
Basic configuration settings such as passwords, IP
addresses, and DHCP settings are the same whether the
device is being used to connect wired or wireless hosts.
Basic configuration tasks, such as changing the default
password, Network Name, should be conducted before the
AP is connected to a live network.
GUI of LINKSYS Access Point
 WIRELESS MODE
Wireless Network Mode determines the type of technology
that must be supported.
Most home AP devices can support various modes, mainly
802.11B, 802.11G and 802.11N.
Although these all use the 2.4 GHz range, each uses a
different technology to obtain its maximum throughput.
The type of mode enabled on the AP depends on the type
of host connecting to it.
If only one type of host connects to the AP device, set the
mode to support it.
If multiple types of hosts will connect, select Mixed mode.
 Service Set Identifier(SSID)
The SSID is used to identify the WLAN.

All devices that wish to participate in the WLAN must use

the same SSID.

To allow easy detection of the WLAN by clients, the SSID

is broadcast.
It is possible to disable the broadcast feature of the SSID. If

the SSID is not broadcast; wireless clients will not be

connected , so it needs manually configured.
 Wireless Channel
Wireless channel specifies the channel over which
communication will occur. The choice of channel for an
AP must be made relative to the other wireless networks
around it.
Adjacent BSSs must use non-overlapping channels in
order to optimize throughput.
Most APs now offer a choice to manually configure the
channel or allow the AP to automatically locate the least
congested channel or locate the one that offers maximum
throughput.
 r 4
p te
c h a
o f
n d ?
E
CHAPTER FIVE
WLAN SECURITY
 Why people attack WLANs?

 Ease of connectivity and the transmission of information through

the air makes WLAN vulnerable to interception and attacks.
 The attacker does not need physical connection to any of your
devices to access your network
 The attacker can access your network from any location your
wireless signal reaches.
 Once they have access to your network
 The attacker can use internet service for free,

 access computer to damage files,

 steal personal and private information

 Network resources can also be damaged

 upload data such as viruses, Trojan horse applications,

keystroke loggers, or remote control applications.

 Wireless Attacks and Cyber Security

Wireless Attacks commuted on WLAN

 Rogue Wireless Devices
 Eavesdropping
 Encryption Cracking
 Authentication Attacks
 MAC Spoofing
 Wireless Hijacking
 Denial of Service (DoS)
 Social Engineering
2
 Rogue Wireless Devices

 A rouge access point is basically an access point that has been added to one's
network without one's knowledge. One totally has no idea that it is there.
 A rogue access point is any unauthorized Wi-Fi device that is not under the
management of the proper network administrators
 is a potential open and unsecured gateway straight into the wired infrastructure
 example, if a user visits a banking website and tries to deposit money into an
account, a rogue access point can redirect the deposit to an attacker's account.

3
 Eavesdropping attack
 An eavesdropping attack, hackers listen in on data that flows
through the network.
 This gives them access to things like passwords, identifying
details, and credit card numbers.
 An eavesdropping attack occurs when a hacker intercepts,
deletes, or modifies data that is transmitted between two
devices.
 Eavesdropping, also known as sniffing or snooping, relies on
unsecured network communications to access data in transmit
between devices.
 example of eavesdrop is to listen to your neighbors'
argument through a vent in your apartment.

33
 Eavesdropping

 Access to wireless transmissions is available to anyone within listening range, and therefore strong

encryption is mandatory.

 Casual eavesdropping is sometimes referred to as WLAN discovery using programs such as

inSSIDer, NetStumbler, and iStumbler. Also known as War driving i.e. the act of looking for

wireless networks, usually while in a moving vehicle using programs like NetStumbler.

(harmless)

 Malicious eavesdropping, the unauthorized use of 802.11 protocol analyzers to capture wireless

communications (illegal).

 802.11 protocol analyzers used by network administrators for analyzing and troubleshooting

their own wireless networks

 (WIDS) cannot detect malicious eavesdropping

 Any clear text communications such as email, FTP, Web pages, instant messages, VoIP packets

and Telnet passwords can be captured if no encryption is provided.

34
 Authentication attack

What is authentication ?
 Authentication is the process of verifying the identity of a

person or device.
 Authentication attack allows an attacker to guess a person's user

name, password, credit card number, or cryptographic key by

using an automated process of trial and error.
 It is a simple yet reliable tactic for gaining unauthorized access

to individual accounts and organizations' systems and networks.

 hackers take advantage of the fact that most users have multiple

accounts and tend to use the same user name and password for
each.
 Example: use club name, his name etc as user name and
password
35
 MAC Spoofing

What is a MAC spoofing attack?

 A MAC spoofing attack consists of changing the MAC address of a
network device.
 As a result, an attacker can redirect data sent to a device to another
device and gain access to this data.
 Wi-Fi vendors often provide MAC filtering capabilities on their Aps
 MAC spoofing can be achieved by editing the wireless card’s MAC
address in Device Manager or by performing a simple edit in the
Registry. Or using third-party software utilities.

36
 Wireless Hijacking

 Also known as the evil twin attack.

 The attacker configures access point software on a laptop, effectively turning a Wi-Fi

client card into an access point.

 The access point software is configured with the same SSID that is used by a public

hotspot access point.

 The attacker then sends spoofed disassociation or deauthentication frames, forcing

users associated with the hotspot AP to roam to the evil twin AP. At this point, the

attacker has effectively hijacked wireless clients at layer 2 from the original AP

 an RF jammer can also be used to force any clients to roam to an evil twin AP.

37
 Wireless hijacking

 This occurs in situations where the attacker configures their

laptop to broadcast as a wireless access point, using the
same SSID as a public hotspot.
 They then sit back and unsuspecting victims end up connecting
to it, thinking it is the genuine public hotspot.

38
 Some cyber crime committed using WLAN

Cyber terrorism
 An act of terrorism committed by the use of cyberspace
or computer network
 For instance, a straightforward advertisement on the
Internet, that there will be bomb attacks in certain places
 A cyber terrorist is someone who intimidates or forces
the government or organization to spread his social
objectives by initiating a computer-based attack hostile
to computers,
 network and the information stored on them

5
 Salami Attacks

 Salami attacks are utilized for the payment of financial crimes

 When small attacks add up to one major attack that can go undetected
due to the nature of this type of cyber crime,
 For instance, programmer make a hack and gain little money in each
transaction from a bank.
Denial of service attack (DoS):
 Preventing accessing the system or accounts like email by sending
unwanted data and make stress the system.
 Flooding a computer resource with more requests than that computer
can handle
6
 Virus/Worm Attacks

 Viruses are those programmers that attach themselves to

a computer or a file and then move themselves to other
files and to other computers connected on a network
 They generally affect the data on a computer, either by
modifying or deleting it
 Worms, unlike viruses do not require the host to attach
them
 Worms make functional replica of themselves and do
this repeatedly till they consume all the available space
on the computer’s memory

8
 Cyber Squatting

 Cyber squatters call their domain name like to be popular service

provider’s domain name so as to attract their users and take
advantage of the name factor.
 Which is done purposely using similar domain name to attrack
customers of other that have popular domain name.
 Example Addis needs to similar with Addidas,
 Albaba needs to similar with alibaba,
 Macrosoft needs to similar with Microsoft

9
 Cyber Smearing

 The intentional violation of another person’s right to his good

name.
 For instance, somebody distributes information assassinating his
character on a website or sends e- mails with malicious
information to every friend of that person.
 disturb some once good behavior using social media

11
 3.3.1 WLAN Security

Wireless networking require special security features and implementation methods

to help protect your WLAN from attacks.
Some of Security measure taken to prevent our network from attacker are as
Follow.
 Limiting Access to a WLAN
 MAC Address Filtering
 Authentication on a WLAN
 Open Authentication
 Pre-shared keys (PSK)
 Extensible Authentication Protocol (EAP)
 Encryption on a WLAN
 Wired Equivalency Protocol (WEP)
 Wi-Fi Protected Access (WPA)

 Traffic filtering on a WLAN

 Intrusion Monitoring
 Wireless Intrusion Detection System(WIDS)
 44
 5.3.1 Limiting Access to a WLAN

 One way to limit access to your wireless network is to control exactly which devices can
gain access to your network.
 This can be accomplished through filtering of the MAC address.

MAC Address Filtering

 MAC address filtering uses the MAC address to identify which devices are allowed to
connect to the wireless network.
 Before filtering MAC address the device must connect to the network to get MAC address.
 When a wireless client attempts to connect, or associate, with an AP it will send MAC
address information.
 If MAC filtering is enabled, the wireless router or AP will look up its MAC address a
preconfigured list.
 The network admin can limit users by prevent or make allow to access the service
13
 Cont.

 MAC addresses of all devices that should have access to the network be
included in the database before connection attempts occur.
 Preventing user from connecting into the network avoiding from database

46
 Authentication on a WLAN

 Another way to control who can connect is to implement

authentication.
 Authentication is the process of permitting entry to a network.
 It verify that the device attempting to connect to the network is
trusted.
 The use of a username and password is a most common form of
authentication.
 Authentication, if enabled, must occur before the client is
allowed to connect to the WLAN.
 There are three types of wireless authentication methods: open
authentication, PSK and EAP.

47
 Open Authentication

 By default, wireless devices do not require authentication.

 Some business need open authentication that makes all clients are able
to associate regardless of who they are.
 This is referred to as open authentication.
 Open authentication mostly used in public wireless networks such as
wireless network used in schools and restaurants.
 It can also be used on networks where authentication will be done by
other means once connected to the network.
 Other wise use strong and complex password to protect unauthorized
user accessing your device
48
 Cont.

 Pre-shared keys (PSK)

 With PSK both the AP and client must be configured with the same key
or secret word.
 The AP sends a random string of bytes to the client.
 The client accepts the string, encrypts it (or scrambles it) based on the
key, and sends it back to the AP.
 The AP gets the encrypted string and uses its key to decrypt (or
unscramble) it.
 If the decrypted string received from the client matches the original
string sent to the client, the client is allowed to connect.
49
 Extensible Authentication Protocol (EAP)

 EAP provides mutual, or two-way, authentication as well as user

authentication.
 When EAP software is installed on the client, the client communicates with
a backend authentication server such as Remote Authentication Dial-in User
Service (RADIUS).
 This backend server functions separately from the AP and maintains a
database of valid users that can access the network.
 When using EAP, the user, not just the host, must provide a username and
password which is checked against the RADIUS database for validity.
 If valid, the user is authenticated.

50
 5.3.3 Encryption on a WLAN

 Authentication and MAC filtering may stop an attacker from

connecting to a wireless network but it will not prevent them
from being able to intercept transmitted data.
 Since there are no distinct boundaries on a wireless network,
and all traffic is transmitted through the air, it is easy for an
attacker to intercept, or sniff the wireless frames.
 Encryption is the process of transforming data so that even if it
is intercepted it is unusable.

51
 Wired Equivalency protocol (WEP)

 Wired Equivalency protocol(WEP) is an advanced security

feature that encrypts network traffic as it travels through the air.
 WEP uses pre-configured keys to encrypt and decrypt data.
 A WEP key is entered as a string of numbers and letters and is
generally 64 bits or 128 bits long.
 In order for WEP to function, the AP, as well as every wireless
device allowed to access the network must have the same WEP
key entered.
 Without this key, devices will not be able to understand the
wireless transmissions.

52
 …Wired Equivalency Protocol (WEP)

 WEP is a great way to prevent attackers from intercepting data.

 However, there are weaknesses within WEP, including the use
of a static key on all WEP enabled devices.
 There are applications available to attackers that can be used to
discover the WEP key.
 These applications are readily available on the Internet.
 Once the attacker has extracted the key, they have complete
access to all transmitted information.

14
 Wi-Fi Protected Access (WPA)

 WPA also uses encryption keys from 64 bits up to 256 bits.

 However, WPA, unlike WEP, generates new, dynamic keys each
time a client establishes a connection with the AP.
 WPA changes its encryption code every time specified on group
update key in Access point.
 For this reason, WPA is considered more secure than WEP
because it is significantly more difficult to crack.

54
 Wireless Intrusion Detection System(WIDS)

 A wireless intrusion detection system (WIDS) monitors the

radio spectrum for the presence of unauthorized,
rogue access points and the use of wireless attack tools.
 The system monitors the radio spectrum used by wireless LANs,
and immediately alerts to a systems administrator whenever a
rogue access point is detected.
 Conventionally it is achieved by comparing the MAC address of
the participating wireless devices.

55
 Wireless Intrusion Prevention System (WIPS)

 Wireless Intrusion Prevention System (WIPS)

 Wireless intrusion prevention system (WIPS) is a network device
that monitors the radio spectrum for the presence of unauthorized
access points (intrusion detection), and can automatically take
countermeasures (intrusion prevention).
 The primary purpose of a WIPS is to prevent unauthorized
network access to local area networks and other information assets
by wireless devices.
 These systems are typically implemented as an overlay to an
existing Wireless LAN infrastructure, although they may be
deployed standalone to enforce no-wireless policies within an
organization.
 Some advanced wireless infrastructure has integrated WIPS
capabilities.
56
 cont
 The following types of threats can be prevented by a good WIPS:
 Rogue access points – WIPS should understand the difference between
rogue APs and external (neighbor’s) APs
 Misconfigured AP
 Client mis-association
 Unauthorized association
 Ad hoc networks
 MAC spoofing
 Evil twin attack
 Denial-of-service attack

57
 i v e
r F
pt e
c ha
of
nd
E

58
 CHAPTER SIX
Mobile (cellular) network
 6.1. Mobile Network

 A cellular network or mobile network is a communication network where the

last link is wireless.
 A cell is a geographical area that defines the cellular coverage zone created by
the base station of a mobile network. The base station, also known as a cell
tower,
 These cells together provide radio coverage over larger geographical areas.
 User equipment (UE), such as mobile phones, is therefore able to
communicate even if the equipment is moving through cells during
transmission.
 Cellular networks give subscribers
 able to move across one cell to an other

 Cover larger geographical coverage area and

 Cells in a Network
 A cell is a geographical area covered by the frequency emitted by a base station
in a cellular network.
 the terms “cellular network” and “cellular phone.” means that a mobile phone
network is divided into thousands of overlapping geographic areas, known as
cells.
 A typical cellular network can be designed as a hexagonal cells, as shown in
Figure 6.1, each with its own base station at the center.
 The cells slightly overlap at the edges to ensure that users always remain within
range of a base station.
 (You don’t want a dropped call when you’re driving between base stations.)

Figure 6.1. Cells in a cellular network.

2
 Cont

 The cells in a cellular network vary in size, depending on how many calls are
conducted within that geographic area.
 The smallest cells, which might cover only a few city blocks, are those where
there’s the heaviest population density, and thus the largest demand for service.
 The largest cells are most often in rural areas with a smaller population per
square mile.

62
 Types Of Cells

 The different types of cells are given different names according to their size and
function:
 Macro cells: Macro cells are large cells that are usually used for remote or sparsely
populated areas. These may be 10 km or possibly more in diameter.
 Micro cells: Micro cells are those that are normally found in densely populated areas
which may have a diameter of around 1 km.
 Pico cells: Pico cells are generally used for covering very small areas such as
particular areas of buildings, or possibly tunnels where coverage from a larger cell in
the cellular system is not possible.
 Obviously for the small cells, the power levels used by the base stations are much

lower and the antennas are not position to cover wide areas.
 In this way the coverage is minimized and the interference to adjacent cells is

reduced.
 Selective cells: Sometimes cells termed selective cells may be used where full 360
degree coverage is not required. They may be used to fill in a hole in the coverage in
the cellular system, or to address a problem such as the entrance to a tunnel etc.
 Umbrella cells: umbrella cell is sometimes used where a heavily used road crosses an
area where there are microcells.
63
 Frequency reuse
 The key characteristic of a cellular network is the ability to re-
use frequencies to increase both coverage and capacity.
 As shown above, adjacent cells must use different frequencies;
however there is no problem with two cells sufficiently far apart
operating on the same frequency.
 The elements that determine frequency reuse are the reuse
distance and the reuse factor.
 The reuse distance, D is calculated as:
 Where R is the cell radius and N is the number of cells per
cluster. Cells may vary in radius from 1 to 30 kilometers. The
boundaries of the cells can also overlap between adjacent cells
and large cells can be divided into smaller cells

64
 6.2. Cellular network Structure

 Cellular network contains a number of different elements from the base

transceiver station (BTS) itself with its antenna back through a base station
controller (BSC), and a mobile switching centre (MSC) to the location
registers (HLR and VLR) and the link to the public switched telephone
network (PSTN).

Figure 6.2.Basic mobile communication structure

65
 Components of Cellular Network

 Mobile Station (MS)

 A Mobile Station is a device used by a mobile user to access the mobile
network.
 The MS typically consists of the mobile telephone equipment and a
Subscriber Identity Module (SIM).

66
 Subscriber Identity Module (SIM)

 The Subscriber Identity Module is a smartcard that is necessary to make use

of a mobile phone.
 The SIM is the key used to identify and authenticate the mobile
subscriber.
 On the SIM is also contain memory available for personalized data, such as
a telephone book and messages.
 The subscriber is identified with an IMSI, International Mobile Subscriber
Identity, and a telephone number.
 The SIM made a clear separation between a mobile phone and a subscriber
possible.
 The subscriber can make use of any mobile phone under his own account if
the SIM card is put in the phone.
 There are two different sizes available, a credit card size and a small size
that is of the size of the chip that is on most credit cards. Nearly all phones
use the small version.

67
 Base Station (BS) or Base Transceiver Station (BTS)

 The Base Transceiver Station (BTS) is a term used to denote a

base station in GSM terminology.
 A BTS is a radio transmitter/receiver which consists of an antenna
and the radio equipment necessary to communicate by radio with a
Mobile Station (MS).
 Each BTS covers a defined area, known as a cell.
 The BTS enables cellular devices to make direct communication with
mobile phones.
 A BTS is under control of a BSC, which is in turn under control of a
MSC (Mobile Switching Centre).
68
 … Base station
 The base station at the center of each group of cells functions as
the hub for those cells.
 RF signals are transmitted by an individual phone and received
by the base station, then re-transmitted from the base station to
another mobile phone.
 Transmitting and receiving are done over two slightly different
frequencies.
 Base stations are connected to one another via central switching
centers which track calls and transfer them from one base
station to another as callers move between cells;
 the handoff is (ideally) is used in adjacent base station.

69
 Base Station Control (BSC)

 The Base Station Controller (BSC) is in control of and

supervises a number of Base Transceiver Stations (BTS).
 The BSC is responsible for the allocation of radio resources to a
mobile call and for the handovers that are made between base
stations under its control.
 Other handovers are under control of the MSC.
 The base station controller (BSC) coordinates with the MSC to
interface with the landline-based PSTN, visitor location register
(VLR), and home location register (HLR) to route the calls
toward different base center controllers.

70
 Mobile Switching Center (MSC)

 The Mobile Switching Centre (MSC) is a telephone exchange

that makes the connection between mobile users within the
network,
 Connect mobile users to the public switched telephone network
and from mobile users to other mobile networks.
 The MSC also administers handovers to neighboring base
stations, keeps a record of the location of the mobile
subscribers, is responsible for subscriber services and billing.

71
 Roaming
 Roaming is the ability for a customer of mobile
communications to automatically make and receive telephone
calls,
 send and receive data, or

 access other services while travelling outside the

geographical coverage area of the home network, by means

of using a network of another operator.
 Roaming can be either national roaming or international
roaming.
 National roaming means that mobile subscribers make use of another
network in geographical areas where their own operator does not have
coverage.
 International roaming is used when mobile subscribers travel abroad and
make use of the network of an operator in the foreign country
72
 Home Location Register (HLR)

 The Home Location Register is a database from a mobile

network in which information from all mobile subscribers is
stored.
 The HLR contains information about the subscriber’s identity,
his/her telephone number, the associated services and general
information about the location of the subscriber.
 The exact location of the subscriber is kept in a
Visitor Location Register.

73
 Visitor Location Register (VLR)

 VLR is a database which contains the exact location of all

mobile subscribers currently present in the service area of MSC
 Visitor Location Register (VLR) is a database that contains
information about the subscribers roaming within a mobile
Switching Center (MSC) location area.
 The primary role of VLR is to minimize the number of queries
that MSCs have to make to the home location register, which
holds permanent data regarding the cellular networks
subscriber.

74
 Public Switched Telephone Network

 The public switched telephone network (PSTN) refers to the

international telephone system that uses copper wires to carry
analog voice data.
 It consists of a collection of individual telephones that are
hardwired to a public exchange.

75
 6.3.1. Creating a Secure Environment

 For end-to-end security you have to consider the entire

environment, including enterprise access, middle-tier
components, and client applications.
 End-to-end security means that the transmission of data is
secure along the entire path from the sender to the receiver—
usually the client application to the enterprise server.
 In this section we examine five objectives involved in creating a
secure mobile or cellular environment.
 Understanding these objectives and the impact they have on
mobile application development is crucial for creating secure
applications.

76
 Authorization

 Authorization is the process of determining the user's level of

access
 whether a user has the right to perform certain actions.
 Once a user is authenticated, the system can determine what that
party is permitted to do.
 Access control lists (ACLs) are often used to help determine this.
 For example, all users may have read-only access to a set of data,
while the administrator, or another trusted source, may also have
write access to the data.
77
 The three pillar of security of a system

 Confidentiality, integrity and availability, also known as the

CIA triad, is a model designed to guide policies for
information security within an organization.
 Confidentiality, integrity, availability is not only cellular system
but also it is the pillar of every functional system
 Confidentiality is about maintaining data privacy, making sure
it cannot be viewed by unwanted parties.
 Confidentiality measures are designed to prevent sensitive
information from unauthorized access attempts.
 Most often, when people are worried about the security of a
system.
 The most common way of preventing this intrusion is by
encrypting the data.
78
 Cont
 Data Integrity involves maintaining the consistency, accuracy and
trustworthiness of data over its entire lifecycle.
 Data integrity is assurance that the data in question has not been altered or
corrupted in any way during the transmission from the sender to the
receiver.
 Data must not be changed in transit, and steps must be taken to ensure data
cannot be altered by unauthorized people.
 This can be accomplished by using data encryption in combination with a
cryptographic checksum
 Which prevents data deletion and modification or ensure that the original
data rich in to its destination.
 Availability means information should be consistently and readily
accessible for authorized parties.
 This involves properly maintaining hardware and technical infrastructure 79
 Non-repudiation

 Nonrepudiation is about making parties accountable for

transactions in which they have participated.
 It involves identifying the parties in such a way that they cannot
deny their involvement in the transaction.
 To accomplish this, each transaction has to be signed with a
digital signature that can be verified and time-stamped by a
trusted third party.

80
 6.3.3. Security Technologies

 Companies need to understand the technologies that are

available to help them minimize security risks.
Cryptography
 The term is derived from the Greek word kryptos, which means
hidden.
 the art of writing or solving codes.
 Cryptography is the study of secure communications
techniques that allow only the sender and intended recipient
of a message to view its contents.
 Cryptography provides for secure communication in the
presence of malicious third-parties—known as adversaries.
Encryption uses an algorithm and a key to transform an input
(i.e., plaintext) into an encrypted output (i.e., ciphertext).
81
 Data Encryption

 The one application of any cryptographic system is encryption,

 It is the process of taking a regular set of data, called plaintext,
and converting it into an unreadable form, called ciphertext.
 Encryption allows you to maintain the privacy of sensitive data,
even when accessed by unauthorized users.
 The only way the data can be read is by transforming it back to
its original form using a process called decryption.
 The method of encryption and decryption is called an algorithm
or cipher.

82
 Digital certificate

 Digital certificate are electronic credentials that are used to

assure the online identities of individual, computers or other
entities in the network.
 the certificate itself also has to be verified to ensure that it
represents the claimed entity (a person or organization).
 This is accomplished using a trusted third party called a
certificate authority (CA).
 Example of CA is IEEE
 One common example is when creating email, require
third part checker may be phone no

83
 Biometrics
 Biometrics provides a wide range of techniques for authenticating an
individual based on his or her unique physical characteristics.
 Such techniques include fingerprint identification, face recognition, voice
recognition, or iris and retina scanning.
 Using biometric techniques, you can ensure that the identification token is
definitely unique.
 biometric systems are growing in popularity due to increased security
concerns among all users.
 While this use of biometrics does improve security, this type of
authentication does have some drawbacks.
 Many of these systems are somewhat intrusive and therefore not widely
accepted by users.
 Some biometric technique can control personal activity without individual
interest.

84
 digital signature

 a digital code (generated and authenticated by public key

encryption) which is attached to an electronically transmitted
document to verify its contents and the sender's identity.
 Example sign with your name in bank with draw

85
Other Security Measures

Firewall
 Firewalls are the most common form of security implemented
within organizations.
 A firewall is a security device in the form of computer hardware
or software.
 It can help protect your network by acting as an intermediary
between your internal network and outside traffic.
 A Firewall is a network security device that monitors and filters
incoming and outgoing network traffic based on an
organization's previously established security policies.

86
 Virtual Private Networks (VPNs)

 A VPN allows a company to turn a public network (most

commonly the Internet) into a private network.
 VPN technology is currently being used to help overcome the
wireless LAN security problems by providing a direct link
through a WLAN past the corporate firewall.

87
 se x
t e r
hap
f c
d o
En

88