Skip to main content
SpringerLink
Log in

Access Security and Personal Privacy in Public Cellular Communication Systems: The Past, the Present and Beyond 2020

  • Chapter
  • First Online:
Globalization of Mobile and Wireless Communications

Part of the book series: Signals and Communication Technology ((SCT))

  • 1027 Accesses

Abstract

In order to predict the future one needs to understand the past and then interpolate as best as possible. We expect this to work reasonably well for a “2020 Scenario”, but we do not expect this approach to be valid for a “Beyond 2020” scenario.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    We make a clear distinction between the concept security service and methods to realize the service (the security methods and measures). That is, entity authentication is a security service. It may for instance be realized by a challenge-response security protocol (the method).

  2. 2.

    By data integrity we here specifically mean cryptographic data integrity and not transmission oriented data integrity. That is, the data is cryptographically protected against willful modification. Only an entity that has the correct cryptographic key will be able to modify the data. Note however that an intruder may be able to delete data (this may or may not be detectable by the legitimate parties).

  3. 3.

    These may well be due to service usage at higher layers. A subscriber with particular browsing habits or other similar measurable parameters will exhibit statistically distinguishable patterns that can be detected and traced at the physical radio layer. This would be a particular case of traffic flow based tracing (i.e., lack of traffic flow confidentiality).

  4. 4.

    Again, the decision should not normally be forwarded to the subscriber/user, but should be taken by the system (here the home operator) since subscriber/users are notoriously bad decision makers when it comes to assessing trust and risk [18].

  5. 5.

    Note that the relationship between the subscriber and home operator is asymmetric (the home operator have security jurisdiction over the subscriber in the traditional cellular architectures).

  6. 6.

    We here distinguish between cryptoanalytic attacks on the cryptographic primitive and attacks on the composition of primitives in the protocols. Incorrect use of cryptographic primitives may result in a weak protocol even if the cryptographic primitive itself isn’t broken. The opposite is also true, a provably secure protocol may be compromised by a weak cryptographic primitive (or from using inadequate key length etc).

  7. 7.

    Handover User Part and Mobile User Part respectively.

  8. 8.

    Then the famous problem P = NP will be resolved and forced into the P domain by quantum computations.

  9. 9.

    The SECOQC white paper provides a reasonable introduction to the field, without going into the details of quantum mechanics.

References

  1. 3GPP TS 33.106, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful Interception requirements (Release 6), 3GPP (2004)

    Google Scholar 

  2. 3GPP TS 33.102, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Security architecture (Release 6) (Sophia Antipolis, Valbonne, France, December 2004)

    Google Scholar 

  3. D. Brin, The Transparent Society (Perseus books, Reading, MA, 1998)

    Google Scholar 

  4. S. Goldwasser, Multi Party Computations: Past and Present, in Proceedings of the Sixteenth Annual ACM Symposium on Principles of Distributed Computing (Santa Barbara, California, United States, ACM, 1997)

    Google Scholar 

  5. D. Dolev, A. Yao, On the security of public-key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  6. ETSI SR 002 180, Requirements for communications of citizens with authorities/organizations in case of distress (emergency call handling), ETSI (Sophia Antipolis, Valbonne, France, December 2003)

    Google Scholar 

  7. ETSI SMG, GSM TS 02.09 v6.0.1; Security aspects, ETSI (Sophia Antipolis, Valbonne, France, May 1999)

    Google Scholar 

  8. ETSI SMG, GSM TS 03.20 v6.0.1; Security related network functions, ETSI (Sophia Antipolis, Valbonne, France, July 1999)

    Google Scholar 

  9. ETSI SMG, GSM TS 02.17 v5.0.1; Subscriber Identity Modules (SIM); Functional characteristics, ETSI (Sophia Antipolis, Valbonne, France, April 1997)

    Google Scholar 

  10. EU Council/EU Parliament, Directive of the European Parliament and of the Council on the Retention of data Generated or Processed in Connection with the Provision of Publicly Available Electronic Communications Services or of Public Communications Networks and Amending (Directive 2002/58/EC, EU Directive, February 2006)

    Google Scholar 

  11. G.M. Køien, An introduction to access security in UMTS. IEEE Wireless Commun. Mag. 11(1), 8–18 (November 2004)

    Article  Google Scholar 

  12. M. Langheinrich, A privacy awareness system for ubiquitous computing environments. 4th international conference on ubiquitous computing (Ubicomp 2002), Springer, 2002

    Google Scholar 

  13. NMT-SIS, AUTHENTICATION REGISTER, Functional specification of an Authentication Register for NMT-900. The Post and Telegraph Administrations of Denmark, Finland, Norway and Sweden

    Google Scholar 

  14. Nordic PTTs, NMT Doc 450-1: System Description, Nordic PTTs, 1999, NMT Doc 450-1.

    Google Scholar 

  15. G. Rose, G.M. Køien, Access security in CDMA200, including a comparison with UMTS access security. IEEE Wireless Commun. Mag. 11(1), 19–25 (2004)

    Article  Google Scholar 

  16. SPECIFICATION FOR NMT-SIS KEY MANAGEMENT IN NMT-900 (1988-07-01). The Post and Telegraph Administrations of Denmark, Finland, Norway and Sweden

    Google Scholar 

  17. S.D. Warren, L.D. Brandeis, The Right to Privacy. Harv. Law Rev. IV(5) (Wadsworth, Belmont, CA, December 1890) (from “Ethical issues in the use of computers”, 172–183, 1985). ISBN: 0-534-04257-0.

    Google Scholar 

  18. R. West, The psychology of security. Commun. ACM 51(4), 34–40 (April 2008)

    Article  Google Scholar 

  19. G.M. Køien, V.A. Oleshchuk, Personal privacy in a digital world. Telektronikk 103(2), 4–19 (2007)

    Google Scholar 

  20. RFID and Privacy, G.M. Køien, Telektronikk 103(2), 4–9/77–83 (2007)

    Google Scholar 

  21. S. Garfinkel, A. Juels, R. Pappu, RFID Privacy; An overview over problems and proposed solutions. IEEE Secur. Priv. Mag. 3(3), 34–43 (2005)

    Article  Google Scholar 

  22. D. Boneh, M. Franklin, Identity based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  23. IST ECRYPT (IST-2002-507932), ECRYPT Yearly Report on Algorithms and Keysizes (2006), Deliverable D.SPA.21, 29.February 2007

    Google Scholar 

  24. L.M. Adleman, Molecular computation of solutions to combinatorial problems. Science 266(11), 1021–1024 (1994)

    Article  Google Scholar 

  25. D. Boneh, C. Dunworth, R.J. Lipton, J. Sgall, On the Computational Power of DNA, DAMATH: Discrete Applied Mathematics and Combinatorial Operations Research and Computer Science 71, 1996

    Google Scholar 

  26. R. Alleaume et al., SECOQC White Paper on Quantum Key Distribution and Cryptography (22January 2007), www.secoqc.net

  27. G.M. Køien, Entity Authentication and Personal Privacy in Future Cellular Systems. Ph.D. thesis, Aalborg University, Denmark, April 2008

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Telenor R&I, Fornebu, Norway

    Geir M. Køien

  2. University of Agder, Grimstad, Norway

    Vladimir A. Oleshchuk

Authors
  1. Geir M. Køien
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vladimir A. Oleshchuk
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Geir M. Køien .

Editor information

Editors and Affiliations

  1. Center for TeleInFrastruktur (CTIF), Aalborg University, Niels Jernes Vej 12, Aalborg, 9220, Denmark

    Ramjee Prasad

  2. Hewlett-Packard Labs, Salarpuria Arena, Hosur Main Road, Adugodi 24, Bangalore, 560 030, India

    Sudhir Dixit

  3. Qualcom, Laan van Diepenvoorde 17, Waalre, 5582 LA, Netherlands

    Richard van Nee

  4. Nokia, Keilalahdentie 2-4, Espoo, FI-00045, Finland

    Tero Ojanpera

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer Science+Business Media B.V.

About this chapter

Cite this chapter

Køien, G.M., Oleshchuk, V.A. (2011). Access Security and Personal Privacy in Public Cellular Communication Systems: The Past, the Present and Beyond 2020. In: Prasad, R., Dixit, S., van Nee, R., Ojanpera, T. (eds) Globalization of Mobile and Wireless Communications. Signals and Communication Technology. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-0107-6_6

Download citation

  • DOI: https://doi.org/10.1007/978-94-007-0107-6_6

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-007-0106-9

  • Online ISBN: 978-94-007-0107-6

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation