Abstract
In order to predict the future one needs to understand the past and then interpolate as best as possible. We expect this to work reasonably well for a “2020 Scenario”, but we do not expect this approach to be valid for a “Beyond 2020” scenario.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We make a clear distinction between the concept security service and methods to realize the service (the security methods and measures). That is, entity authentication is a security service. It may for instance be realized by a challenge-response security protocol (the method).
- 2.
By data integrity we here specifically mean cryptographic data integrity and not transmission oriented data integrity. That is, the data is cryptographically protected against willful modification. Only an entity that has the correct cryptographic key will be able to modify the data. Note however that an intruder may be able to delete data (this may or may not be detectable by the legitimate parties).
- 3.
These may well be due to service usage at higher layers. A subscriber with particular browsing habits or other similar measurable parameters will exhibit statistically distinguishable patterns that can be detected and traced at the physical radio layer. This would be a particular case of traffic flow based tracing (i.e., lack of traffic flow confidentiality).
- 4.
Again, the decision should not normally be forwarded to the subscriber/user, but should be taken by the system (here the home operator) since subscriber/users are notoriously bad decision makers when it comes to assessing trust and risk [18].
- 5.
Note that the relationship between the subscriber and home operator is asymmetric (the home operator have security jurisdiction over the subscriber in the traditional cellular architectures).
- 6.
We here distinguish between cryptoanalytic attacks on the cryptographic primitive and attacks on the composition of primitives in the protocols. Incorrect use of cryptographic primitives may result in a weak protocol even if the cryptographic primitive itself isn’t broken. The opposite is also true, a provably secure protocol may be compromised by a weak cryptographic primitive (or from using inadequate key length etc).
- 7.
Handover User Part and Mobile User Part respectively.
- 8.
Then the famous problem P = NP will be resolved and forced into the P domain by quantum computations.
- 9.
The SECOQC white paper provides a reasonable introduction to the field, without going into the details of quantum mechanics.
References
3GPP TS 33.106, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful Interception requirements (Release 6), 3GPP (2004)
3GPP TS 33.102, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Security architecture (Release 6) (Sophia Antipolis, Valbonne, France, December 2004)
D. Brin, The Transparent Society (Perseus books, Reading, MA, 1998)
S. Goldwasser, Multi Party Computations: Past and Present, in Proceedings of the Sixteenth Annual ACM Symposium on Principles of Distributed Computing (Santa Barbara, California, United States, ACM, 1997)
D. Dolev, A. Yao, On the security of public-key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)
ETSI SR 002 180, Requirements for communications of citizens with authorities/organizations in case of distress (emergency call handling), ETSI (Sophia Antipolis, Valbonne, France, December 2003)
ETSI SMG, GSM TS 02.09 v6.0.1; Security aspects, ETSI (Sophia Antipolis, Valbonne, France, May 1999)
ETSI SMG, GSM TS 03.20 v6.0.1; Security related network functions, ETSI (Sophia Antipolis, Valbonne, France, July 1999)
ETSI SMG, GSM TS 02.17 v5.0.1; Subscriber Identity Modules (SIM); Functional characteristics, ETSI (Sophia Antipolis, Valbonne, France, April 1997)
EU Council/EU Parliament, Directive of the European Parliament and of the Council on the Retention of data Generated or Processed in Connection with the Provision of Publicly Available Electronic Communications Services or of Public Communications Networks and Amending (Directive 2002/58/EC, EU Directive, February 2006)
G.M. Køien, An introduction to access security in UMTS. IEEE Wireless Commun. Mag. 11(1), 8–18 (November 2004)
M. Langheinrich, A privacy awareness system for ubiquitous computing environments. 4th international conference on ubiquitous computing (Ubicomp 2002), Springer, 2002
NMT-SIS, AUTHENTICATION REGISTER, Functional specification of an Authentication Register for NMT-900. The Post and Telegraph Administrations of Denmark, Finland, Norway and Sweden
Nordic PTTs, NMT Doc 450-1: System Description, Nordic PTTs, 1999, NMT Doc 450-1.
G. Rose, G.M. Køien, Access security in CDMA200, including a comparison with UMTS access security. IEEE Wireless Commun. Mag. 11(1), 19–25 (2004)
SPECIFICATION FOR NMT-SIS KEY MANAGEMENT IN NMT-900 (1988-07-01). The Post and Telegraph Administrations of Denmark, Finland, Norway and Sweden
S.D. Warren, L.D. Brandeis, The Right to Privacy. Harv. Law Rev. IV(5) (Wadsworth, Belmont, CA, December 1890) (from “Ethical issues in the use of computers”, 172–183, 1985). ISBN: 0-534-04257-0.
R. West, The psychology of security. Commun. ACM 51(4), 34–40 (April 2008)
G.M. Køien, V.A. Oleshchuk, Personal privacy in a digital world. Telektronikk 103(2), 4–19 (2007)
RFID and Privacy, G.M. Køien, Telektronikk 103(2), 4–9/77–83 (2007)
S. Garfinkel, A. Juels, R. Pappu, RFID Privacy; An overview over problems and proposed solutions. IEEE Secur. Priv. Mag. 3(3), 34–43 (2005)
D. Boneh, M. Franklin, Identity based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)
IST ECRYPT (IST-2002-507932), ECRYPT Yearly Report on Algorithms and Keysizes (2006), Deliverable D.SPA.21, 29.February 2007
L.M. Adleman, Molecular computation of solutions to combinatorial problems. Science 266(11), 1021–1024 (1994)
D. Boneh, C. Dunworth, R.J. Lipton, J. Sgall, On the Computational Power of DNA, DAMATH: Discrete Applied Mathematics and Combinatorial Operations Research and Computer Science 71, 1996
R. Alleaume et al., SECOQC White Paper on Quantum Key Distribution and Cryptography (22January 2007), www.secoqc.net
G.M. Køien, Entity Authentication and Personal Privacy in Future Cellular Systems. Ph.D. thesis, Aalborg University, Denmark, April 2008
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media B.V.
About this chapter
Cite this chapter
Køien, G.M., Oleshchuk, V.A. (2011). Access Security and Personal Privacy in Public Cellular Communication Systems: The Past, the Present and Beyond 2020. In: Prasad, R., Dixit, S., van Nee, R., Ojanpera, T. (eds) Globalization of Mobile and Wireless Communications. Signals and Communication Technology. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-0107-6_6
Download citation
DOI: https://doi.org/10.1007/978-94-007-0107-6_6
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-0106-9
Online ISBN: 978-94-007-0107-6
eBook Packages: EngineeringEngineering (R0)