The candidate confirms that the work submitted is his own and the appropriate credit has been given where reference has been made to the work of others. I understand that failure to attribute material which is obtained from another source may be considered as plagiarism. (Signature of student)

Security Issues on Mobile Commerce over Third Generation/UMTS

Emir Rio Krishna

MSc. Information Systems (2000/2001)

SUMMARY

This report summarises a literature research project conducted from March to September 2000, investigating Third Generation (3G) mobile technology/UMTS and, in particular, its security for mobile commerce applications. The project’s target readers are those in higher education (lecturers and students). The objectives are to perform a research study on third generation/UMTS technology to allow a general understanding of the UMTS framework; to analyse the security issues of mobile commerce (m-commerce) over UMTS technology; and to develop a model (prototype) of m-commerce based on the Wireless Application Protocol (WAP) and the Short Message Service (SMS).

UMTS technology and m-commerce applications cannot be separated in the future, as the application evolves with the technology. At present, mobile commerce applications have started with the emerging technology called WAP. However, WAP technology is not secure enough, and its security will be detailed further. So how is security for mobile commerce developed in UMTS? The discussion addresses this issue and identifies the security features built into 3G/UMTS technology.

Moreover, the project will build a prototype of an m-commerce scenario centred on security (particularly authentication). The scenario will be given for the prototype. The objective of the prototype is to demonstrate that the authentication security of the m-commerce scenario works. Some respondents will test the prototype demonstration and will be given questionnaires, and their feedback is expected to help develop the prototype further. By the end of the project, it is hoped that readers will understand the security issues of m-commerce applications for the next-generation mobile technology (UMTS) and the security issues of WAP (a second-generation system) derived from the prototype.

ACKNOWLEDGEMENTS

I would like to thank God, who helped me by His guidance, so that I could finish the project in the end. Gratitude goes to my parents, who have given me the chance to study at the University of Leeds, United Kingdom. I would like to express my deep thankfulness to my project supervisor, Prof. Peter Dew, who has given me direction and guidance on this project. To my girlfriend, Tanassanee Sae-Han, who has provided me with her understanding, love and support in both good and bad situations. Last but not least, I want to give my appreciation to my friends Christopher Liu, Chanming Du and Shamsul Bahrin, and to my MSc classmates, for giving me input and criticism and for completing the questionnaires for my project.

TABLE OF CONTENTS

SUMMARY
ACKNOWLEDGEMENTS
TABLE OF CONTENTS

CHAPTER 1: INTRODUCTION
  1.1. Project Background
  1.2. Security Issues
  1.3. Objectives of the Project
  1.4. Research Methods
  1.5. Structure of the Report

CHAPTER 2: THIRD GENERATION MOBILE & UNIVERSAL MOBILE TELECOMMUNICATION SYSTEM
  2.1. Introduction
  2.2. State of the Art of Mobile Communications
  2.3. What makes UMTS/Third Generation Different?
  2.4. Migration towards UMTS/Third Generation from User Perspective
  2.5. Universal Mobile Telecommunication Systems (UMTS)
    2.5.1. What is UMTS?
    2.5.2. Spectrum for UMTS
    2.5.3. Why do we need UMTS?
    2.5.4. How and When?
    2.5.5. What UMTS offers?
  2.6. Wireless Application Protocol (WAP) and Short Message Service (SMS)
    2.6.1. WAP Security
    2.6.2. SMS
  2.7. Conclusion

CHAPTER 3: Mobile Commerce (M-Commerce) and Security Issues
  3.1. Introduction
  3.2. Mobile Commerce (M-Commerce)
  3.3. Mobile Commerce and Secure Socket Layer (SSL)
  3.4. Conclusion

CHAPTER 4: PROTOTYPE AND EVALUATION
  4.1. Introduction
  4.2. Design Document of Prototype
    4.2.1 Aims:
    4.2.2. Objectives:
    4.2.3. The Scope
    4.2.4. Requirements
    4.2.5. Feasibility Study
    4.2.6. Method
    4.2.7. The Scenario
    4.2.8. Assumptions:
    4.2.9. Building up the Prototype
    4.2.10. How to measure/testing the prototype?
    4.2.11. Evaluation Plan
    4.2.12. Practical Issues
  4.3. Evaluation
  4.4. Conclusion

Chapter 5: M-Commerce and UMTS Security
  5.1. Introduction
  5.2. Securities on 3G/UMTS
  5.3. New Security Features and the Security of New Service Features
  5.4. Overview of Security Architecture
  5.5. Five Security Features of UMTS
    5.5.1. Network Access Security
      5.5.1.1. User Identity Confidentiality
      5.5.1.2. Entity authentication
      5.5.1.3. Confidentiality
      5.5.1.4. Data Integrity
      5.5.1.5. Mobile Equipment Identification
    5.5.2. Network Domain Security
      5.5.2.1. Fraud Information Gathering System
    5.5.3. User Domain Security
      5.5.3.1. User-to-USIM Authentication
      5.5.3.2. USIM-Terminal Link
    5.5.4. Application Security
      5.5.4.1. Secure Messaging between The USIM and The Network
    5.5.5. Security Visibility and Configurability
      5.5.5.1. Visibility
      5.5.5.2. Configurability
  5.6. Security Threats
    5.6.1 Unauthorised access to sensitive data (Violation to Confidentiality)
    5.6.2. Unauthorised manipulation of sensitive data (Violation of Integrity)
    5.6.3. Disturbing or misusing network services (leading to denial of service or reduced availability)
    5.6.5. Unauthorised access to services
  5.7. Conclusion

CHAPTER 6: CONCLUSION AND RECOMMENDATION
  6.1. Conclusion
    6.1.1. Objectives of the Project
    6.1.2. What are the security issues taken from the discussion (literature review)?
    6.1.3. The value of the prototype built, what I learnt from it?
  6.2. Recommendation

REFERENCES
BIBLIOGRAPHY
APPENDIX A - PROJECT EXPERIENCE
APPENDIX B - OBJECTIVES AND DELIVERABLE FORM
APPENDIX C - MARKING SCHEME AND HEADER SHEET FOR THE MARKED INTERIM REPORT
APPENDIX D - THE WML CODES FOR THE PROTOTYPES
APPENDIX E - QUESTIONNAIRES AND FEEDBACK
  A. Questionnaires
  B. Feedback

CHAPTER 1

INTRODUCTION

1.1. Project Background

Consider the scenario below:

“Imagine you are out doing some errands on a weekend evening and want to get together with some friends for a movie and dinner. If it's a Saturday night, the chances are once you get to the theatre there will be long lines, sold out shows for the movie you want to see, and a bunch of other movies playing of which you've never heard. But you have an advantage over others. You pull out your new cell phone with its enhanced screen, which happens to double as your personal digital device. Using the snazzy wireless device, you not only can check the listing of all the movies at the theatre, you can view clips from the movies as well. Using this same device, you select the movie you want to see, buy the tickets online, and then use the instant messaging function to let your friends who are meeting you know which movie you have selected. Also, since you know that the restaurant across the street is going to be busy after the movie, you make reservations for you and your friends. After the show, once you and your friends get to the restaurant, you call up on your wireless phone the restaurant's discount coupon and pay for dinner - avoiding using cash or a credit card.” [http://www.ntia.doc.gov/ntiahome/threeg/3gintro.htm]

Welcome to the world of Third Generation wireless (3G), where high-speed, broadband mobility meets the Internet.

The scenario above is one example of the daily-life applications that people should be able to use with Third Generation mobile technology in the near future. There will be more applications that can be carried out with future mobile systems. This is driven by the unprecedented growth of worldwide mobile wireless markets, the advances in communications technology, and the accelerated development of services taking place in fixed networks. There is an urgent need to introduce a flexible and cost-effective Third Generation Mobile Communications System.

UMTS offers many features. One of them is mobile commerce, or m-commerce. M-commerce is one form of mobile business (m-business) application. Mobile business applications cover m-commerce, m-entertainment, m-services, m-finance, etc. The definition of mobile commerce or m-commerce is: “The buying and selling of goods and services through wireless handheld devices such as cellular telephone and personal digital assistants (PDAs). Known as next-generation e-commerce, m-commerce enables users to access the Internet without needing to find a place to plug in. On the other hand, electronic commerce or e-commerce is defined as the buying and selling of goods and services on the Internet, especially the World Wide Web.” [www.whatis.com]. Both m-commerce and e-commerce involve buying and selling on the Internet, which includes payment for the transactions. Both electronic and mobile commerce need to address concerns about the payment security of those transactions. The security includes authenticating business actors, controlling access to resources such as web pages for registered or selected users, encrypting communications, and in general ensuring the privacy and effectiveness of transactions. Among the most widely used security technologies is the Secure Socket Layer (SSL), which is built into both of the leading web browsers (Internet Explorer and Netscape Navigator). Meanwhile, mobile commerce with its emerging technology, the Wireless Application Protocol (WAP), has its own security mechanism, called Wireless Transport Layer Security (WTLS). These two types of security will be discussed later in the next chapter.

1.2. Security Issues

The main focus of the project is the security of third generation mobile technology, UMTS. However, SSL and WAP security issues will also be covered practically. The security within UMTS is the key issue to be investigated. The questions arise: Is UMTS security the same as that of second-generation technology? If it is different from previous mobile technology, are there new security features in the technology? The security issues in UMTS will be the main topic of this project. A prototype will be built on currently available technologies (WAP/SMS) to address security in an authentication scenario. How will the emerging technologies provide security (authentication)? A design document of the prototype with its authentication scenario, provided in a separate chapter, will address this issue.

The project was chosen because the writer is interested in mobile phone technology and the security of transactions on the Internet, particularly for mobile commerce. On one hand, mobile commerce is still not a popular term, and the project will explore a type of commerce that is believed will become popular in the future with advanced mobile technology (UMTS). On the other hand, there is not much awareness of the new mobile technologies in the academic community. The report will make the community aware of the coming of third generation mobile systems and identify the security issues of UMTS as one of the products of third generation systems in Europe. In the project, a prototype of a security system (authentication) will be built using a Wireless Mark-up Language (WML) programme, which might be useful to the writer in the future. So, how secure is UMTS for m-commerce? By the end of the project, the reader should be aware of the state of UMTS technology with respect to m-commerce and security, and of all the issues that need to be faced.

1.3. Objectives of the Project

The revised objectives of this project were to:

1. Perform a background research study on the concepts of third generation (3G)/UMTS Mobile. This will allow a general understanding of the general framework of UMTS technology.

2. Describe and analyse the security issues on mobile commerce (m-commerce) of second-generation technology (WAP).

3. Describe and analyse the security issues on mobile commerce (m-commerce) of UMTS technology.

4. Develop a model (prototype) on m-commerce based on a combination of WAP and SMS (typical scenario given).

5. Perform the background research study on Wireless Application Protocol (WAP) and Wireless Mark-up Language (WML). This will allow a general understanding to build the prototype.

At the end of the report, the objectives above should be met to construct a good project.

1.4. Research Methods

Two methods have been used in this project. The first method is a literature survey using data and information from books, journals, articles and bulletins from electronic and non-electronic media. These sources will cover the discussion of the project. They will also serve as the source for designing the prototype and for learning the new programming language (Wireless Mark-up Language) needed to build it. The Internet and the library will be the main sources for this method, as the former is a robust source of data and information.

The prototype will be built using knowledge from books and Internet sources. Respondents will test the prototype when it is ready. The second research method, which involves the respondents, is a questionnaire. The questionnaire will be given to MSc classmates at the University of Leeds as the respondents. It is a set of questions, each with five possible answers (Strongly Agree; Agree; No Comment; Disagree; Strongly Disagree). Before the respondents can fill in the questionnaire, they have to test the prototype first. The questionnaire will be an online questionnaire rather than a paper one, as the respondents have access to the Internet. The answers from the questionnaire will be useful for the evaluation and the conclusion at the end of the project. The questionnaire and some answers from the respondents can be found in the appendices.

1.5. Structure of the Report

The second chapter will discuss the state of the art of mobile communication, including WAP and its security, which will be the platform for the prototype. Mobile commerce will be described further, as recognition of the problem begins in this chapter. Moreover, the security based on the Secure Socket Layer of the Internet will be illustrated before turning to the security issues of UMTS and its features, which are different from the security issues of second-generation systems. The discussion in the chapter should answer the problem.

The third chapter will discuss the mobile commerce and its security issues. Mobile commerce in this chapter will be defined. Mobile commerce (m-commerce) has been conducted over the Internet. Secure Socket Layer that has been used for m-commerce will be addressed. The issues on security of m-commerce also will be examined.

The fourth chapter is a design document of prototype that is based on the emerging technologies (WAP). The prototype will give a good example of security issues that have been discussed in advance. The prototype is demonstrated for the matter of security (authentication). The focus of this chapter will be the security of WAP technology and the feasibility study of the authentication scenario. This chapter will address the evaluation of the prototype.

The fifth chapter will discuss mobile commerce and UMTS security. Having covered mobile commerce in emerging technologies and its security, the chapter will reveal the next-generation mobile technology and its security for mobile commerce. The security features of UMTS technology and the threats to UMTS security will be identified.

The fifth chapter will conclude all chapters and give some recommendations for future development of the project.

CHAPTER 2

THIRD GENERATION MOBILE & UNIVERSAL MOBILE TELECOMMUNICATION SYSTEM

2.1. Introduction

This chapter will briefly discuss the evolution of mobile technologies from the first generation to the third generation. The discussion will go into depth on the third generation, called UMTS, as the chapter will address the foundations of UMTS. The chapter will also deal with WAP and SMS, since the prototype related to these technologies will be discussed further in the next two chapters. WAP, as a second-generation system, will also be dealt with, particularly for its security.

2.2. State of the Art of Mobile Communications

Technology has been growing fast throughout the years, and so has the telecommunication industry. The telecommunication industry, especially the mobile phone industry, has been evolving gradually for at least the last ten years. Mobile phone history started in 1978 with the first generation of mobile, the analog cellular system, and in 1981 the NMT (Nordic Mobile Telephone) system was introduced [http://www.privateline.com/PCS/history8.htm], followed by TACS and C-NETZ technology. First generation technology comprised various types of system, so at that time the technology focused on making those systems compatible with each other, especially when roaming. Second generation mobile officially arrived in 1987 to replace the first generation [http://www.cellular.co.za/gsmhistory.htm]. The second generation came first with GSM (Global System for Mobile Communications), which enables a mobile phone to roam between GSM mobile networks. GSM mostly works at frequencies of 900 MHz and 1800 MHz (Asia and Europe) and 1900 MHz (America). The second-generation system, which is digital-based, concentrated on the quality of voice compared with the previous technology.

WAP and SMS technology, which are still second-generation systems, enriched the existing features of 2G technologies. These two technologies enable a mobile phone to receive not only voice but also data, even though at this stage the data rate is not reliable. The weakness of 2G technologies is their low data rates. This weakness has been overcome in 2G+ technologies such as HSCSD (High Speed Circuit Switched Data) and GPRS (General Packet Radio Services), which enable multiple-speed data rates on GSM technology. 2G+ is the stepping-stone towards third generation technologies like EDGE (Enhanced Data GSM Environment) and UMTS (Universal Mobile Telecommunication Systems). The latter will be our main focus for its security. UMTS is superior in data rate to the other currently available mobile technologies. It offers data rates of up to 2 Mbps, which make video on demand or streaming video possible.

2.3. What makes UMTS/Third Generation Different?

The combination of the inherent capabilities of UMTS/Third Generation will lead to a sharp increase in the number and variety of services available compared with current wireless and even most wire line communication systems. Data communication is expected to achieve a larger market share than voice communications in the future. The Internet will be one of the major drivers in this development, leading to increased traffic from:

• Mobile users fulfilling their demands for goods, entertainment, and information.

• Teleworkers having remote access to services in the corporate network, irrespective of their location, to provide immediate on-site customer care.

More and more companies are using the Internet platform to organise and optimise mobile access to the corporate network. The introduction of Voice over Internet Protocol (VoIP) in a corporate network environment leads to genuine integration of voice and data services. This single system platform for all services/applications in one network provides significant savings in capital costs and maintenance. It improves scalability and flexibility, reduces overall communications costs and allows enterprises to be more competitive.

2.4. Migration towards UMTS/Third Generation from User Perspective

A few years in the future, there will be big changes in personal communications, data networks, broadcasting and entertainment services compared with the services that exist at present. Many of the changes constitute a revolutionary shift from current business models and the underlying value chain. For example, because of huge data rates, users are able to hold video conferences on a mobile phone with 2G+ technology like GPRS, EDGE, and UMTS.

People will take advantage in the early stages by having General Packet Radio Services (GPRS) and Enhanced Data GSM Environment (EDGE) devices, both of which belong to the family of advanced mobile technology. These technologies may incorporate short radio and/or Wireless Application Protocol (WAP) capabilities within their features. The transition from 2G to 3G will begin with multi-mode and multi-band devices that will be available in the near future. Network operators and service providers will start offering their services, which mainly focus on UMTS/3G technology. These operators and service providers are trying to define a natural migration to 3G. The factors that will be considered for the roll-out of 3G will be the consistency of tariffs of 3G networks and the 3G coverage areas. According to the UMTS Forum, this migration phase means the initial service quality may not be globally consistent.

The capabilities of Third Generation, such as high bandwidth, will give new prospects for traditional or Internet-based broadcasting organisations to start delivering content and providing interactivity to a new breed of mobile customers. Meanwhile, there will be an increased focus on local content and its creation and provision. According to the UMTS Forum, “Internet Protocol (IP) will be one of the most significant enablers for the creation of these new opportunities because both IP and Third Generation are global platforms ensuring ubiquitous availability. All this means that:

1. Wireless communications will converge to IP world.
2. Broadcasting will grow closer to the Internet.”

Delivery of personalised information through both content and services, to the global citizen using a range of devices is one aspect of UMTS/Third Generation.

Figure 1. More advanced services as the market evolves

[UMTS Forum, report No. 11]

The picture above shows how services are expected to evolve from 2G to 3G and beyond. The near-term services are the triggers for the long-term services. The specification of the long-term services will require an understanding of the matured market, which will have been gained through experience with the near-term services.

For example, mobile business, as one of the major applications in Third Generation/UMTS, encompasses the sum of all services (such as mobile commerce and Intranet access) that provide a combination of mobility and business. It needs to be borne in mind that many issues will need to be solved for the long-term services, such as the creation of rich content and application software as well as legal aspects.

2.5. Universal Mobile Telecommunication Systems (UMTS)

2.5.1. What is UMTS?

“UMTS is one of the major new Third Generation mobile systems being developed within the framework which has been defined by the International Union (ITU) and known as IMT-2000.” [UMTS Forum, report 2]. UMTS has been the subject of research and development effort for the last ten years for the next generation of mobile systems. The research and development shows that UMTS has the support of many major telecommunication operators and manufacturers because it represents a chance to create a mass market for highly personalised and user-friendly mobile access to the information society.

UMTS is seeking to build on and extend the capability of today’s mobile, cordless and satellite technologies by providing better capacity, data rates, and many more features and services by using an innovative radio access scheme and an enhanced core network.

2.5.2. Spectrum for UMTS

The World Radio Conference has identified the frequency bands for future IMT-2000 systems as 1885-2025 MHz and 2110-2200 MHz. Of these bands, the frequencies 1980-2010 MHz and 2170-2200 MHz are intended to be used for the satellite part of these future mobile systems.

For the terrestrial part of UMTS (the UTRA air interface), Japan and Europe have decided to implement the paired frequencies of 1920-1980 MHz and 2110-2170 MHz. Europe has also decided to implement UTRA in the unpaired bands 1900-1920 MHz and 2010-2025 MHz.

2.5.3. Why do we need UMTS?

People in the early years of the new millennium, specifically users of data and multimedia telecommunication services, expect and demand that multimedia services remain available as they move from one place to another. The expectation includes multimedia services that allow rich quality of audio, visual and text-based information in addition to “basic voice”.

Today’s mobile systems, in spite of the rapid changes, are still constrained in terms of data rate that they can offer and the flexibility to manipulate complex, yet user multimedia services. The unavailability of multimedia service gives an opportunity to the mobile radio. Users are offered something new – a mobile system capable of managing and delivering a much wider range of information services to the mass market.

The opportunities will arise from:

• An industry-wide and government commitment across the world. Many industries will develop mobile technology that is compatible with any systems that emerge across the world.

• A coordinated programme encompassing spectrum, standards, and technology. The standards for the technology, such as spectrum, have been designed for future use by advanced mobile technology (see the spectrum mentioned above).

• “Initial terrestrial and satellite services available in 2001 in major market with scale rollout and adoption by 2005” [UMTS Forum, report No.2]. Terrestrial and satellite technology will be used to give the technology a broad coverage area.

• Large amounts of spectrum already designated. The explanation refers to the previous point above.

• Synergy of communications. IT and media working to bring about global opportunities for business and consumers, while creating new ways of doing business, entertaining and informing. The mobile technology is designed to support mobile business applications such as mobile commerce.

• “A substantial mass market, potentially worth ECU 45 billion in Europe alone by 2005” [UMTS Forum, report No. 2]. In 2005, Europe has a big potential market for the technology.

2.5.4. How and When?

The Third Generation/UMTS society has set the timescales for the introduction of UMTS in order to meet customers’ demands in the early 21st century. The target date for the launch of UMTS has been set to the year 2002. The important issue is that the introduction of Third Generation/UMTS relies on many elements being in place, including technology development, standardisation, and an API (Application Programming Interface) to a service creation environment. In 2002, UMTS expects its capabilities to be improved over time following its introduction phase. At launch, terrestrial UMTS will be able to send data over the network at up to 2 megabits per second, and it is designed as an open system so that it can incorporate new technologies when they become available. This open system approach is an advantage to UMTS because it allows UMTS to eventually increase its capability above that currently being standardised by IMT-2000 and ETSI. GSM, a second-generation mobile system, has likewise evolved from its original capability: for example, from the current data bandwidth of 9.6 Kbit/s to GPRS (General Packet Radio Service), which has a data rate of up to 115 Kb/s, and then towards EDGE technology (384 Kb/s).

UMTS is a potential advanced mobile telecommunication system among others. It is being designed above all for flexibility for users, network operators and service developers, and embodies many new and different concepts and technologies. The summary below sets out some of the key elements and features that define the scope of UMTS.

Figure 2. Summary: What is UMTS?

Far more than second generation

• Basic and advanced services.
• Ever-increasing range of services built around virtual home environment.
• Attractive multi-mode terminals for access to second and third generation services.
• Future proof for 21st century.

UMTS

• A full third generation global mobile and wireless systems.
• 2 Mbit/s capability in diverse radio environments.
• Highly personalised mass market.
• New and innovative interactive and multimedia services.

UMTS access via…

• A full member of the IMT-2000 family.
• ITU identified spectrum for both terrestrial and satellite radio.
• UTRA, a revolutionary air interface optimised for both FDD and TDD spectrum.

UMTS networks and services

• Build on the footprint of the evolving GSM core network.
• Are compatible with Internet Protocols.
• Support convergence of fixed and mobile services.
• Access via mobile or fixed, public or private networks.

Source: UMTS Forum Report No.2

2.5.5. What UMTS offers?

The following are some services that UMTS offers to future mobile telecommunication users.

1. Ease of Use and Low Cost

Future UMTS customers will certainly prefer useful services, easy-to-use terminals and good value for money. This means UMTS will offer:

• “Services, which are easy to use and customisable in order to fulfil individual user’s needs and preferences.
• Terminals and other equipments that are easy to access to UMTS services.
• The user’s costs for UMTS service are low to ensure mass market prices to be competitive.
• A wide range terminals with low prices to be affordable to the mass market, while supporting the UMTS’ capabilities.” [UMTS Forum, Report No. 2]

2. New and Better Services

Market studies say that, up to the year 2005, speech will be the dominant UMTS service, as for the existing fixed and mobile telephone networks, including GSM. Low cost and high quality speech will be users’ priorities. However, UMTS will increase its revenue through customers who want to use multimedia services such as advanced data and information services. The mobile telecommunication industry forecasts that multimedia subscribers will grow strongly by the year 2010.

3. Fast access

One factor that clearly marks UMTS as a step forward from second-generation mobile systems is its potential to support 2 Mbit/s data rates for users. This large data rate, together with the inherent Internet Protocol (IP) support of UMTS, is a powerful combination for running multimedia services as well as wideband applications such as video conferencing. As data rates increase in the long term, it is not impossible for UMTS to be developed to support this demand. The increased data rates will be allocated within the appropriate spectrum available. In later phases of development, there will be convergence with even higher data rates using mobile wireless local area network (LAN) technologies such as microwave or infrared, providing data rates of e.g. 155 Mbit/s in indoor environments.

For wireless data transmission, most current mobile phone systems use circuit-switched technology. UMTS, however, uses both packet and circuit data transmission. This has several benefits for its users:

• Virtual connectivity to the network at all times.
• Alternative ways of billing, for example pay per bit.
• Asymmetric bandwidth in the links (uplink and downlink), as wanted by emerging data services where one link carries simple commands and the other carries the content-rich, bandwidth-intensive traffic.

Third Generation/UMTS is currently being developed to offer data rate on demand, which means the network will react flexibly to the user’s demand. The use of packet-oriented transport protocols such as Internet Protocol (IP) is at the moment under research to improve these capabilities. The combination of packet data and data rate on demand will remove technical barriers for users and make the operating cost of the systems much cheaper. There will be no hassle about the time taken to connect to the network, because UMTS is a friendly and consistent environment: UMTS stays connected anytime and anywhere.

4. Friendly and Consistent Environment

The friendly and consistent environment of UMTS is based on standardised capabilities, which are common to all UMTS user and radio environments. This means that a UMTS user will experience a consistent set of services even when roaming from his/her network to those of other UMTS operators. This type of service is known as the “Virtual Home Environment” (VHE). VHE gives the UMTS user the feeling of being at “home” even when roaming. VHE will ensure the delivery of the service provider’s total environment, including a corporate user’s virtual work environment, independent of user location or mode of access (satellite or terrestrial). In addition, VHE will enable terminals to “negotiate” with the visited network, especially when browsing or downloading software, so that it will provide a “home-like” environment with full security, transparently across a mix of access and core networks.

5. Mobility and Coverage

UMTS has been designed as a future global communication system, consisting of terrestrial and global satellite components. UMTS uses multi-mode terminals, which are also able to operate through second-generation systems such as GSM 900 and 1800; this will further lengthen the reach of many services. In the long term, there will likely be more networks using these terminals and other standards. The goal is a true personal mobile communications device, with terminals able to roam between different networks. This means that a subscriber will be able to roam from a private network into a public network (pico/micro cellular), then into a wide area macro cellular network (which will usually be a second generation network), and finally to a satellite mobile network with minimal difficulties (the worst being a break) during communication.

Figure 3. UMTS coverage is universal [UMTS Forum, Report No.2]

6. Radio technology for all environments.

UTRA, UMTS Terrestrial Radio Access system will support high spectral efficiency and service quality in all the physical environments in which wireless and mobile telecommunication take place. Nowadays, mobile users live in a multi-dimensional world, like moving between indoor or outdoor (urban), and rural environments with mobility from stationary through pedestrian and up to very high speeds. There are many different density environments including three dimensional in high-rise buildings. This UTRA is being prepared for all these environments.

In reality, UMTS users will probably be unable to access the highest data rates at all times. For example, in a congested area, because of radio propagation and the economics of operating the network, the services will support only lower data rates. Thus, UMTS users will have to subscribe to a certain quality of service in order always to be able to use the terminals and get the data rates desired. In the deployment phase, the network terminals will be installed at places where traffic is very busy, such as airports, railways, and bus stations. However, in order to give its users full coverage, UMTS is being designed to enable roaming with other networks, for instance a GSM system operated by the same operator or, alternatively, other networks under roaming agreements. Roaming agreements cover other GSM systems or Third Generation systems from different operators, including UMTS-compatible satellite networks that will be able to offer global coverage effectively.

Terrestrial private networks usually include PABX and Centrex systems for voice communication within organisations. With the progress of corporate intranets (known as virtual private networks based on web technology), these systems are becoming entirely comprehensive working environments for staff. Not only reports and data can be exchanged, but also service manuals, training presentations, financial sales data etc. It looks as though current customers of intranets are the early customers for the mobile multimedia services generated by UMTS. It is hoped that access to services via fixed and mobile networks, as well as seamless operation and roaming between private and public UMTS networks, will support UMTS users in the future.

7. UMTS services available globally by satellite

As discussed, UMTS will use satellite technology to provide global coverage, and the technology is expected to play an important role in extending UMTS coverage worldwide. The same services will be applied to terrestrial terminals, and both technologies are currently being standardised to ensure that roaming and handover between satellite and terrestrial networks will be efficient and effective.

At the moment, research on UMTS prototypes is being conducted by several well-known mobile phone manufacturers such as Nokia and Siemens. The picture below illustrates one UMTS prototype from Siemens.

Up to this point, readers should be aware of the coming of UMTS in the near future and have a clear picture of the benefits that UMTS users could gain from the efficiency of UMTS.

What about the security of UMTS, since security is the main issue of this project? The security of UMTS, its features, and the threats to 3G/UMTS security will be discussed in the next chapter.

2.6. Wireless Application Protocol (WAP) and Short Message Service (SMS)

The previous sub-chapter highlighted the likely mobile technology known as Third Generation mobile (3G) and described in detail the Universal Mobile Telecommunications System (UMTS) for 3G developments in Europe. Mobile commerce (m-commerce) has been “touched” on earlier, but m-commerce will be addressed further after the discussion of WAP.

The project has a prototype that will be built on the emerging technologies (WAP and SMS). The prototype is a prototype for authentication (one of the security issues). The following discusses what WAP is, followed by a discussion of WAP security. SMS is then identified for its function in the prototype.

“WAP or Wireless Application Protocol is the standard for the presentation and delivery of wireless information and telephony services on mobile terminals.” [Tsalgatidou and Veijalainen, 2000]. WAP was developed by the WAP Forum, an industry association founded by Nokia, Ericsson, Motorola and Unwired Planet in June 1997 with the goal of opening the Internet to wireless mobile access by creating a 2G+ (second-generation plus) network technology.

Figure 4. Future UMTS terminal from Siemens (Siemens).

Figure 5. UMTS prototype designed by Nokia (Wapworld)

WAP was developed because people with high mobility need to get information from the Internet not only from their personal computers or laptops but also from their PDAs and mobile phones; WAP was created to fulfil this demand for dynamic Internet access. Internet standards such as HTML (Hyper Text Mark-up Language), HTTP (Hyper Text Transfer Protocol), TLS (Transport Layer Security) and TCP (Transmission Control Protocol) are inefficient over mobile networks. These standards require large amounts of mainly text-based data to be sent. For example, standard HTML content cannot be effectively displayed on the tiny screens of pocket-sized mobile terminals and pagers. WAP optimises this (HTML) standard for the unique constraints of the wireless environment, i.e. low bandwidth, high latency, and unstable connections.

The WAP specifications define a lightweight protocol stack designed to minimise bandwidth requirements and to maximise the number of wireless network types that can deliver WAP content, guaranteeing that a wide variety of wireless networks can run WAP applications. The WAP protocol stack contains the following layers:

Wireless Application Environment (WAE)
Wireless Session Protocol (WSP)
Wireless Transaction Protocol (WTP)
Wireless Transport Layer Security (WTLS)
Wireless Datagram Protocol (WDP)
Bearers e.g. Data, SMS, USSD

Figure 6. WAP layered architecture [Source: Mobile Lifestreams.com, 2001]

1. Wireless Application Environment (WAE)

The WAE defines the user interface on the phone. This layer supports the bearers. To achieve this, the WAE contains Wireless Mark-up Language that allows WAP-based applications to be developed.

2. Wireless Session Protocol (WSP)

The WSP is the sandwich layer that links the WAE to two session services: a connection-oriented service operating above the Wireless Transaction Protocol and a connectionless service operating above the Wireless Datagram Protocol.

3. Wireless Transaction Protocol (WTP)

It is a part of TCP/IP protocols and runs on top of datagram services such as User Datagram Protocol (UDP). The WTP provides a simplified protocol that is suitable for low bandwidth mobile stations. This layer tries to optimise the user experience by providing the information that is needed when it is needed – it can be confusing to receive confirmation of delivery messages when you are expecting the information itself.

4. Wireless Transport Layer Security (WTLS)

The WTLS incorporates security features that are based upon the established Transport Layer Security (TLS) protocol standard. It includes data integrity checks, privacy on the WAP gateway to client leg and authentication.

5. Wireless Datagram Protocol (WDP)

This layer allows WAP to be bearer independent by adapting the transport layer of the underlying bearer. The WDP presents a consistent data format to the higher layers of the WAP protocol stack thereby conferring the advantage of bearer independence to application developers.

6. WAP Bearers

WAP bearers include SMS, CSD, USSD, GPRS, etc. Here I discuss only the first bearer, SMS, which is covered later in an independent sub-section of this chapter.

[Points 1 to 6 are adapted from WAP Forum, 2000]

In WAP, the interface between the operator’s network and the Internet is provided by the WAP gateway, which includes HTML to WML filters, the HTTPS (HTTP Security) interface to an online web server, as well as an interface to the WAP handset via the PSTN and GSM networks over circuit switched data. Requests from the mobile device are sent as a URL through the operator’s network to the WAP gateway. The responses are sent from the web server to the WAP gateway in HTML, translated into WML, and sent back to the mobile terminal over WSP/WTP (Wireless Session Protocol/Wireless Transaction Protocol). The diagram below shows how a WAP system works.

Figure 7. How WAP works? [Source: Tsalgatidou and Veijalainen, 2000]

Some practical issues of WAP need to be considered: the limited bandwidth available to users of WAP technology; the size of the mobile phone screen and the limited graphical user interface, such as colour (green and black only on most current mobile phones) and pictures/graphics; and the cost of WAP phones and the airtime cost for network providers, which is also a weak point of the technology. Most important of all, if a WAP application is used for mobile commerce, we do not know how secure the technology is or how WAP security works. The following discussion addresses the WAP security issue.

2.6.1. WAP Security

There are three parts to the WAP security model, as shown in the figure below. On the right, the WAP gateway simply uses SSL to communicate securely with a web server, ensuring privacy, integrity, and server authenticity.

Figure 8. The WAP Security Model [WAP Security paper, 2000]

On the left side of the WAP security model above, the WAP gateway takes SSL-encrypted messages from the web and translates them for transmission over wireless networks using WAP’s WTLS security protocol. Messages from the handset to the web server are likewise converted from WTLS to SSL. “The need for translation between SSL and WTLS is incurred by the very nature of wireless communications: low bandwidth transmissions with high latency.” [WAP Security Paper, 2001]. Because SSL was designed for desktop and wired environments with robust processing capabilities and a relatively high-bandwidth, low-latency Internet connection, mobile phone users would be disappointed by the delays required to process SSL transactions. Furthermore, putting SSL functionality into handsets would raise mobile phone costs and destroy the low-cost pricing paradigm that is driving industry growth.

WTLS was specifically designed to conduct secure transactions without requiring desktop levels of processing power and memory in the handset. WTLS processes security algorithms faster by minimising protocol overhead and enables more data compression than traditional SSL solutions. As a result, WTLS can perform security well within the constraints of a wireless network. These optimisations mean that smaller, portable consumer devices can now communicate securely over the Internet.

The translation between SSL and WTLS takes milliseconds and occurs in the memory of the WAP gateway, allowing for a virtual, secure connection between the two protocols. According to the WAP security paper by netkraft.com, “suppliers of the WAP gateway and network operators take every measure possible to keep the WAP gateway itself secure by:

a) Ensuring that the WAP gateway never stores decrypted content on secondary media.

b) Using a process of decryption/re-encryption that is security conscious and optimised for speed so that the unencrypted content of a message is erased from the volatile internal memory of the WAP gateway as quickly as possible.

c) Securing the WAP gateway physically so that only authorised administrators have access to the system console.

d) Limiting administrative access to the WAP gateway so that it is not available to any remote site outside the carrier’s firewall.

e) Applying all other security precautions used to protect billing systems and the Home Location register to the WAP gateway.”

On the wireless side of the transaction (left side of the figure), the WAP gateway uses WTLS to provide privacy, integrity and authentication between itself and the WAP browser client. WTLS is based on the Internet standard security protocol TLS 1.0, which in turn is based on SSL 3.0, providing the functionality of strong Internet security over a wireless airlink. WTLS goes beyond TLS 1.0 by incorporating new features such as datagram support, an optimised handshake and dynamic key refreshing. WTLS and the WAP security model provide an extremely secure solution that leverages the best technologies from the Internet and wireless worlds. When a WAP gateway is deployed in an operator environment according to standard operator security procedures, subscribers and content providers can be assured that their personal data and applications are secure.
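The gateway translation described in this section, as an added example (not code from the report or from any WAP product): two independently keyed legs, with the message in clear only inside the gateway, which overwrites its working buffer after re-encryption as in measure (b). The HMAC-based keystream is a stand-in for WTLS and SSL record encryption, and the class, key, hook and sample-order names are assumptions.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in cipher, not WTLS or SSL."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext) -> bytes:
    """Encrypt one record for a single leg; returns nonce || ciphertext."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def unseal(key: bytes, record: bytes) -> bytearray:
    """Decrypt into a mutable buffer so the caller can overwrite it later."""
    nonce, body = record[:NONCE_LEN], record[NONCE_LEN:]
    stream = _keystream(key, nonce, len(body))
    return bytearray(c ^ s for c, s in zip(body, stream))


class WapGateway:
    """Terminates the wireless leg and re-encrypts for the Internet leg."""

    def __init__(self, wtls_key: bytes, ssl_key: bytes, inspect=None):
        self.wtls_key = wtls_key    # shared with the handset only
        self.ssl_key = ssl_key      # shared with the web server only
        self.inspect = inspect      # hypothetical hook: code running in the gateway
        self.last_buffer = None     # kept so the demo can check the wipe

    def handset_to_server(self, wtls_record: bytes) -> bytes:
        buf = unseal(self.wtls_key, wtls_record)   # the message is in clear here
        self.last_buffer = buf
        try:
            if self.inspect:
                self.inspect(buf)
            return seal(self.ssl_key, buf)
        finally:
            # Best-effort erase of the working buffer. Python may hold other
            # temporary copies; a production gateway needs memory it controls.
            for i in range(len(buf)):
                buf[i] = 0


def demo() -> dict:
    wtls_key = secrets.token_bytes(32)
    ssl_key = secrets.token_bytes(32)
    seen = []
    gateway = WapGateway(wtls_key, ssl_key, inspect=lambda b: seen.append(bytes(b)))

    order = b"PAY 25.00 GBP TO merchant-42"    # constructed sample message
    wtls_record = seal(wtls_key, order)        # handset -> gateway
    ssl_record = gateway.handset_to_server(wtls_record)   # gateway -> server

    return {
        "server_received": bytes(unseal(ssl_key, ssl_record)),
        "gateway_saw": seen[0],
        "handset_key_reads_ssl_leg": bytes(unseal(wtls_key, ssl_record)) == order,
        "legs_differ": wtls_record != ssl_record,
        "buffer_wiped": all(b == 0 for b in gateway.last_buffer),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The result shows that neither leg's key opens the other leg's record, so protection is per leg rather than handset to server, and the gateway is the one place where the controls listed in (a) to (e) have to hold.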

2.6.2. SMS

“The Short Message Service (SMS) is the ability to send and receive text messages to and from mobile telephones. The text can comprise of words or numbers or alphanumeric combination. Each short message is up to 160 characters in length when Latin alphabets are used, and 70 characters when non-Latin alphabets such as Arabic and Chinese are used.” [www.success4sms.com]. Mobilesms.com indicates that “At a minimum, SMS benefits include the following: delivery of notification and alerts; guaranteed message delivery; reliable, low cost communication mechanism for concise information; ability to screen messages and return calls in a selective way; increased subscriber productivity.” Moreover, SMS offers more sophisticated functionality with enhanced benefits for users: delivery of messages to multiple subscribers at a time; email generation; creation of user groups; and integration with other data and Internet-based applications.

The function of SMS in the prototype is to deliver notifications and alerts. The details of the prototype will be discussed in the design document of the prototype.

2.7. Conclusion

The discussion has found that mobile technologies started with the analog mobile phone and were improved by GSM for better (voice) service. WAP was then developed for data service. Data rates were then much improved by GPRS, EDGE, and UMTS, which are known as third generation mobile technologies. UMTS will support data rates up to 2 Mbps for video conferencing and other applications that need high data rate transmission anytime and anywhere. WAP technology will be used in the prototype that will be addressed in chapter four. The review of WAP security carried out for the prototype model has identified concerns about WTLS and the WAP gateway.

CHAPTER 3

Mobile Commerce (M-Commerce) and Security Issues

3.1. Introduction

Mobile commerce and security issues are the topics of this chapter. Mobile commerce has become popular and is predicted to become successful in the future, following electronic commerce on the Internet. The chapter discusses the definition of mobile commerce and the key drivers behind its predicted success. The security issues in this chapter address m-commerce security on the Internet.

3.2. Mobile Commerce (M-Commerce)

The purpose is to investigate m-commerce and its security issues on the Internet. Firstly, m-commerce needs to be defined. Mobile commerce (m-commerce) is basically electronic commerce, or e-commerce, on the move. Electronic commerce itself is commerce/transactions that happen over the Internet.

According to one reference, the definition of m-commerce is: “Any type of transaction of an economic value having at least at one end a mobile terminal and thus using the mobile telecommunications network.” [Tsalgatidou and Veijalainen, 2000]. This means that electronic commerce transactions performed by a mobile customer via a fixed terminal, e.g. from a personal computer connected to the Internet via a modem and wired network, are not included in this definition. The mobile terminals meant in the definition above are mobile phones, personal digital assistants (PDAs), and other communicators that are physically mobile.

M-commerce creates new business opportunities for those involved in the field, such as content and service providers, and especially for mobile network operators, who play an active role in the m-commerce transaction and become more profitable and competitive. Mobile commerce applications take advantage of the combination of mobile communications with existing electronic commerce services. This combination is predicted to be successful in the future, especially with the growth of the mobile market. Some key drivers support this statement. The key drivers, which will increase the mobile market, are:

• Ubiquity
Ubiquity is the most obvious advantage of a wireless terminal. The wireless terminal, in the form of a smart phone or communicator, can fulfil the demand for real-time information and communication anywhere, anytime, independent of the user’s location.

• Reachability
This key driver is important for many people who want to stay in touch with, and be available to, others. With a mobile terminal, a user can be contacted anytime, anywhere.

• Security
Probably this is the most important key driver of the mobile terminal. Basically, mobile security technology has emerged in the form of SSL (Secure Socket Layer) technology within a closed end-to-end system. The smart card within the terminal, called the SIM (Subscriber Identification Module) card, provides authentication of the owner and enables higher security than is currently typically achieved in the fixed Internet environment.

• Convenience
Convenience is an attribute that gives the mobile terminal its character. Nowadays mobile terminals can store data and are easy to use.

The key drivers are supported by enhanced features that will become available on tomorrow’s mobile terminals, including:

• Localisation
The localisation feature will add significant value to mobile terminals. Knowing where mobile users physically are will be an opportunity to offer other relevant services available from the network operator. For example, a mobile user who has just arrived in England can expect to receive a message about the nearest hotel in which to stay overnight, and can then proceed to book the hotel via the mobile terminal.

• Instant Connectivity
Instant connectivity to the Internet from a mobile phone has become a reality, as we can see from WAP technology. The technology will move forward and evolve towards better service (data rate) and a better shape (bigger micro-browser), as with GPRS or UMTS technology. Using those technologies will make information access from the Internet easier and faster, without booting a PC. Hence, accessing the Internet from a mobile phone will be the preferred way for people with high mobility.

• Personalisation
A personalisation feature is already available, to a limited extent, on today’s mobile phones. Nevertheless, the need for payment mechanisms, combined with the personalised information and transaction feeds from mobile portals, will shift customisation to a new level that finally makes the mobile terminal become “real”. To return to the example of the mobile user who has just arrived in England: if he/she responds (says yes) to the hotel suggested by the network operator, he/she will then be given a range of room prices that best match the variables he/she has entered through the personalisation feature.

According to Durlacher Research Ltd, the key drivers such as ubiquity, reachability, security, and convenience are today’s key features and the other three drivers are tomorrow’s key drivers. More clearly, it is shown on the following diagram.

Today: Ubiquity, Reachability, Security, Convenience

Tomorrow: Localisation, Instant Connectivity, Personalisation

Figure 9. Key Drivers of Mobile Terminals [Source: Durlacher Research Limited]

Those key drivers above have enabled mobile terminals to become an alternative way to do transactions online via Internet.

3.3. Mobile Commerce and Secure Socket Layer (SSL)

As discussed before, mobile commerce is derived from electronic commerce; the difference is that m-commerce is on the move and e-commerce is not. One critical factor, which is also the main focus of the project, is security. Is m-commerce secure? How secure is it compared to “ordinary” e-commerce? Before we can answer these questions, let us review security in ordinary e-commerce, which is based on SSL (Secure Socket Layer), the protocol that provides security over the Internet (m-commerce is also conducted over the Internet).

Today’s security solutions try to keep confidential data, such as financial data, away from people who should not have access to it. Security has a mission to protect such critical information and provide peace of mind, making sure every individual and corporation is safe when conducting business and exchanging information online. There are four concerns that a security system can address: privacy, integrity, authenticity, and non-repudiation.

Privacy assures that only the sender and the intended recipient can read the content of an encrypted message. Guaranteeing privacy means a security solution must make certain that no one can see, access or use private information, such as addresses, credit card information, and any other important information, as it is transmitted over the net.

Integrity means any change in the content of the message between the time it is sent and the time it is received must be detectable. If the message is altered during transmission over the Internet, the system should be able to detect the alteration. Mostly, if an alteration is detected, the system requests that the message be resent.

Authentication ensures that all parties in a communication are who they claim to be. Authentication also provides a method for users to confirm that they are really communicating with the web site they are connected to. A real-life example involves presenting a driver’s license to verify that a consumer writing a cheque is the person named on that cheque, or presenting a corporate photo ID to prove that a telephone technician really works for the telephone company.

Non-repudiation offers a way to guarantee that a party to a transaction cannot falsely claim they were not part of the transaction. In the real world, a driver’s license ensures the identity of the driver (authentication), while the signature on the cheque ensures that the customer was in fact present and agreed to write the cheque (non-repudiation).

On the Internet, the SSL protocol, digital certificates and either username/password or digital signatures are used together to supply all four types of security above. SSL also has a component called public key cryptography, which is an encryption method in SSL. It uses pairs of keys and mathematical algorithms to convert clear text into encrypted data and back again. The pair consists of a registered public key and a private key that is kept secret by its owner. A message encrypted with the public key can be decrypted only by someone with the private key. Likewise, a message encrypted with the private key can be decrypted by someone with the public key. Public key cryptography uses very advanced algorithms to encrypt small amounts of information, but it is impractical for encrypting large quantities of data. Most secure messages on the Internet are instead encrypted by algorithms that use a secret key shared between the communicating parties. These algorithms are extremely difficult to decrypt when the shared key contains a large number of bits. SSL uses public key cryptography to exchange this key at the beginning of a secure data transmission, and hence it remains secret for the duration of the data transmission.
SSL uses public key cryptography, bulk encryption algorithms and shared key exchange techniques to provide privacy over the Internet. To provide integrity, SSL uses hashing algorithms that create a small mathematical fingerprint of a message. If any part of the message is changed, it no longer matches its fingerprint and the message needs to be resent.

Anyone can generate key pairs for public key cryptography, so it is possible for a malicious party to put up an impostor web site and then falsify information in the transaction by providing a public key to a user. To prevent this, digital certificates are used to give an authenticated way to distribute public and private keys. “Digital certificates used as well as to authenticate the parties of an Internet conversations so that users and content providers can both be confident they know who they are communicating with” [Understanding WAP Security, 2000].

There are two kinds of digital certificates: server certificates and client certificates. The former are used to authenticate that the web server is what it claims to be. Client or personal certificates are used to authenticate the identity of an individual user on the Internet. Importantly, the certificate itself is encrypted with the private key of a certificate authority, creating the independent binding of the public key and the certificate holder. Companies like VeriSign and RSA Security operate as certificate authorities, providing a respected, independent resource to issue keys and certificates to their holders.

For example, when a web browser requests a secure conversation with a web server, the server provides its server certificate. The browser authenticates the web server by confirming that a valid certificate authority encrypted the certificate. It then uses the public key stored in the certificate to encrypt a shared secret key to send to the web server. The shared secret key is used to encrypt the rest of the conversation. By using the server certificate, the web browser and the web server can have a secure conversation that is private, authenticated and of guaranteed integrity. The figure below explains how it works.

[Figure 10 diagram: (1) the web browser requests a secure conversation; (2) the web server provides its server certificate; (3) the browser confirms that a valid certificate authority encrypted the certificate, which authenticates the server; (4) the browser uses the public key stored in the certificate to send the shared secret key; (5) the shared secret key encrypts the rest of the conversation.]

Figure 10. Diagram Interpretation from Scenario above of Securing Conversation Using Server Certificate

Please note that in the example above only the server has been authenticated. The other kind of certificate, the client certificate, can be used to authenticate a user to the web server, but in most of today’s applications a simple username and password are used to authenticate the user of the browser client.

The remaining issue to address is non-repudiation. As with client authentication, most web applications now depend on entry of a user name and password to provide non-repudiation. Applications can request a digital signature from a client, which requires that the user specifically authorise a transaction. The authorisation is then encrypted utilising the user’s private key from their client certificate. A digital signature is analogous to a real signature on a cheque and serves the same purpose.

Nowadays, good network security solutions require that content providers and clients manage and maintain their certificates and other security information carefully. A security solution called Public Key Infrastructure (PKI) manages this information so that it is secure and easy to organise. PKI contains three functional components: the certificate authority to issue certificates; a repository for keys, certificates, and certificate revocation lists on an LDAP (Lightweight Directory Access Protocol)-enabled directory service; and a management function, typically implemented via a management console. If a user loses his/her private key due to hardware failure or another problem, PKI can perform key recovery.

W.S. Whyte, in his book “Enabling eBusiness: Integrating Technologies, Architecture and Applications”, summarised the security concerns above in table form as shown below:

Confidentiality: Only the legitimate parties can observe what is passed or stored.

Integrity: Only legitimate processes are enacted and data is not corrupted, or if corrupted, the consequences are contained.

Availability: Systems are proof against attack intended to destroy their ability to provide service.

Authority and accountability: Only the correct people can use a resource, action a transaction and/or be reliably traced as such.

Figure 11. The cardinal points of security (W.S. Whyte, 2001)

W.S. Whyte’s definition of confidentiality is similar to the definition of privacy in our discussion. The term availability can be related to integrity: if the content of the data has been changed during transmission, the correct information is not available. Authority can be referred to the use of digital signatures for identification, and accountability is the reliability to detect whether the user has the right authorisation.

The security issues discussed above are security issues on the Internet as used by static terminals like the Personal Computer, and adopted by second-generation mobile technology, particularly WAP. The basic architecture of this technology and the security issues within WAP will be discussed in the next chapter. WAP technology will be described together with SMS technology, as both represent the technology used in the prototype of the project.

3.4. Conclusion

Mobile commerce has become known as electronic commerce on the move. Ubiquity, reachability, security and convenience are today’s key drivers for enabling mobile commerce. There are more drivers for m-commerce that can be delivered by next-generation mobile technologies. These drivers of tomorrow are localisation, instant connectivity, and personalisation. Security for mobile commerce, as for electronic commerce on the Internet, centres on the Secure Socket Layer (SSL). SSL security addresses four concerns: privacy, integrity, authenticity, and non-repudiation. One author adds the factors of confidentiality, availability and accountability to these security concerns.


CHAPTER 4

PROTOTYPE AND EVALUATION

4.1. Introduction

The chapter is divided into two main sections. The first is the design document of the prototype and the second is the evaluation of the prototype.

4.2. Design Document of Prototype

4.2.1. Aims:

1. The prototype will be built as an experiment based on two current technologies, Short Message Service (SMS) and Wireless Application Protocol (WAP). Both technologies belong to the family of second-generation mobile telecommunication systems.
2. The prototype is a mock-up that can be used as an alternative way to ask electronic commerce (e-commerce) buyers for confirmation on one side, and to give the confirmation back to the system on the other.

4.2.2. Objectives:

1. To give the reader a clear understanding of how the scenario given for this prototype is feasible and can be implemented in the future.
2. To show the reader how the system works for the authentication scenario by describing the events in sequence.

4.2.3. The Scope

1. The prototype (as described by the scenario given) will be illustrated for a mobile or electronic commerce business on the Internet. For this prototype, I will use GOBYPLANES.COM (not real) as the name of the e-commerce company that will use the prototype.
2. The main focus is security. The prototype has two security issues. One is security for identity/authentication (the buyer has to confirm the purchase), and the other is the security of sending the username and password to the system.
3. The other focus is the feasibility study of the prototype for authentication via WAP phone.
4. The prototype demonstrates an authentication scenario using WAP security technology.
5. Even though the prototype is based on WAP technology, further development of the prototype should be on next-generation mobile technology such as GPRS, CDMA and UMTS.


4.2.4. Requirements

1. WAP editor, to make the WAP website.
2. WAP server, to which the WML files will be uploaded. In this case, free WAP hosting at http://wap41.com will be used as the WAP server.
3. WAP emulator, to access the WAP website from the computer.
4. WAP mobile phone, also to access the WAP website.
5. Pictures in WBMP file format (if applicable).

4.2.5. Feasibility Study

As mentioned above, besides security issues, the other focus of the prototype is the feasibility study of the authentication scenario. The feasibility study is undertaken for this prototype because combining WAP and SMS brings a number of benefits for a mobile commerce application. The benefits are:

- Most electronic commerce applications send a copy of the purchase details to the buyer’s e-mail address, but they do not ask the buyer to confirm that he/she is the owner of the credit card. This application will do that, but it will send the request to the WAP phone instead of the e-mail address. The purpose of asking for confirmation is to avoid fraud/misuse of the credit card by someone else.
- Because a mobile phone is mobile and light compared to a personal computer (PC) or laptop, a request for confirmation sent by the e-commerce system will reach the buyer faster.
- A mobile phone is more private than a PC or laptop, as the latter two tend to be used by many people (e.g. one PC is used by one family). By contrast, a mobile phone is usually used by one person.

4.2.6. Method

The method is to mock up a simple prototype to demonstrate inter-working/collaboration between protocols (e-commerce, SMS and WAP), with a view to implementing it in a real system in the future. The scenario given is a functional, step-by-step description of what the prototype does. It is hoped that in the future the prototype will form a basis for further development into a real mobile commerce application by experts in this field.

4.2.7. The Scenario

The event starts when a user buys an airplane ticket online from GOBYPLANES.COM using a personal computer, a laptop or any other device that has access to the Internet. For example, at the checkout stage of GOBYPLANES.COM, the user/buyer will be shown the details of his/her order (such as name, address, e-mail address, a list of items ordered and the price) by the system.

Normally, most e-commerce websites give a copy of the purchase confirmation, which is sent to the buyer’s e-mail address. Unlike others, GOBYPLANES.COM will send a copy of the confirmation to a mobile phone that supports WAP. The reasons for sending the copy to a WAP phone are that a (WAP) mobile phone is more private than a PC/laptop, which can be used by many people, especially in a family; and that the copy sent by the e-commerce system is received much faster on a mobile phone than at an e-mail address. The copy of the purchase confirmation is sent by Short Message Service (SMS), a technology of second-generation mobile systems.

After receiving the customer’s details and other information required, the GOBYPLANES.COM system will send its customer a text message containing a request to confirm his/her purchase. The text message will appear on the customer’s (WAP) mobile phone:

“This text message comes to you because recently you just bought ticket(s) from GOBYPLANES.COM. We will be pleased if you can confirm your purchase by clicking on the link below. GOBYPLANES.COM”

The link is provided with the text message. It is a WAP website link that brings the customer to the GOBYPLANES.COM WAP website, which displays a company logo for 3 seconds and then automatically redirects to the company’s front page. When a customer clicks on the link, the WAP phone will go directly to the front page referred to by the link. It should be remembered that the link (WAP website) cannot be displayed by a non-WAP mobile phone.

As discussed before, the link points to a WAP website written in WML (Wireless Mark-up Language). WML enables users to browse the website using their WAP phone or other wireless technology, such as a Personal Data Assistant (PDA), that has access to the Internet. The front page of GOBYPLANES.COM will contain text and a picture. The picture will be displayed in WBMP (Wireless Bitmap) format on the mobile phone. It will be impossible to display the picture if it is not in WBMP format (for example, if it is in ordinary BMP format). The text of the front page will be:

“Welcome to GOBYPLANES.COM WAP website! If you just bought ticket(s) from us, please confirm your purchase on the link below. Confirm your purchase!”

The picture will be placed between the texts. The user should click on the link, which connects to the GOBYPLANES.COM confirmation page. The page itself will contain text and a few boxes that need to be filled in by the user (the username and password obtained when the user registered with GOBYPLANES.COM). The text will say:

“You are in secure mode now. Please confirm your purchase by filling in the username and password below and click Proceed when you finish.”

Username: wapuser
Password: ********
Proceed

Please note that for the simulation, I have made “wapuser” the default for the username and left the password box blank.

When a user clicks on “Proceed”, the system will check whether the password is correct. If the password is incorrect, the user will have up to three chances to fill in the username and password; after that the confirmation cannot be processed. If the password is correct, the system will return the following words:

“The password is correct. Confirmation is accepted. Your ticket is being processed and will be sent to you in a few days. Thank you for using GOBYPLANES.COM service. We are waiting for your next visit!”

4.2.8. Assumptions:

- The prototype is a WAP website which is accessible by a WAP mobile phone or phone emulator and other wireless devices.
- The user/customer is a buyer.
- The system is the GOBYPLANES.COM electronic system, including the process of confirmation.
- This is a mock-up prototype; it is not a real online prototype.
- Sending the username and password to the system involves the security issues of wireless technology (WAP), which have been discussed in the previous chapter.

4.2.9. Building up the Prototype

The prototype is written in Wireless Mark-up Language (WML) with WAPtor, a freeware WAP editor from WAPdrive. The WML code for each page is written in a unit called a card (a card is also a file name). The prototype consists of many cards which link to one another. These cards need to be uploaded to a server so that the user can view them on his/her WAP phone. The server cannot be an ordinary server such as one for HTML files. It must be a WAP server, which enables the user to access the WAP pages with a starting address of http://wap… The prototype uses a free WAP server called wap41.com. The WML files are uploaded to this server. The knowledge of how to build the prototype in WML code was taken from books and Internet sources. For example, the following is the code of the first card of the prototype.

    <?xml version="1.0"?>
    <!-- created by WAPtor (http://www.wapdrive.net/) -->
    <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
    <wml>
      <card id="MainCard" title="SMS">
        <p align="center">
          This text message comes to you because recently you just bought ticket(s) from <b>GOBYPLANES.COM</b>
          <br/>
          <br/>We will be pleased if you can confirm your purchase by clicking on the link below.
          <br/><br/>
          <a href="http://wap41.com/emir975/card0.wml">GOBYPLANES.COM</a><br/><br/>
        </p>
      </card>
    </wml>

Figure 12. An Example of WML Codes Taken from the First Card of the Prototype

In real life, the prototype should be able to check whether the username and password entered match, as a matter of security. This type of security needs a WAP server that supports CGI (Common Gateway Interface) programs. The CGI program makes it possible to check whether the username and password match. The WAP server used for the prototype does not support CGI programs, so checking and matching the username and password cannot be demonstrated. The prototype is more concerned with the security issues of WAP when the data (username and password) is transmitted to the system. These security issues have been discussed earlier in this chapter.

4.2.10. How to measure/test the prototype?

The prototype, which is a WAP website, will be tested by some respondents (these tend to be MSc. classmates). The prototype is tested for the feasibility study of the authentication scenario. The security issues of the prototype cannot be shown, as the WAP server used does not support CGI programs.

The prototype can be accessed by phone emulator and by WAP phone. For testing purposes, a phone emulator is preferred as it cuts down the cost of mobile phone airtime. Testing will cover whether the prototype works and the simplicity of the interface. The feedback from testing will be useful for the evaluation part of my project. The evaluation itself will be discussed in the final chapter together with the conclusion and suggestions.

4.2.11. Evaluation Plan

Evaluation of the prototype will centre on the feasibility of the system. As discussed above, a few people will test the prototype. The main question asked will be: “Do people want this technology?” The question is raised because the technology used in building the prototype involves WAP, which according to one piece of research is used by only half of its owners [Vilstrup Interactive, July 2000]. Moreover, the friendliness of the prototype’s interfaces and their ease of use will be raised in addition to the main question. Besides evaluating the prototype, more importantly, the security issues of mobile commerce over UMTS will be evaluated.

4.2.12. Practical Issues

Some practical issues of the system (concentrating on the security issues of WAP technology) have been discussed earlier.
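The username and password check that sections 4.2.7 and 4.2.9 describe but the prototype could not demonstrate without CGI support could look like the following server-side sketch. It is an added example, not the prototype's code; the class and function names, the order identifiers and the PBKDF2 parameters are assumptions made for illustration.

```python
"""Server-side check for the purchase-confirmation card (illustrative sketch)."""
import hashlib
import hmac
import os
from xml.sax.saxutils import escape

MAX_ATTEMPTS = 3         # the scenario allows three tries per confirmation
PBKDF2_ROUNDS = 100_000  # assumed work factor, not taken from the page


def derive(password: str, salt: bytes) -> bytes:
    """Salted, slow hash so that stored credentials are not reversible."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class ConfirmationService:
    """Hypothetical back end behind the WAP confirmation page."""

    def __init__(self) -> None:
        self._users = {}   # username -> (salt, derived key)
        self._orders = {}  # order id -> {"user", "failures", "state"}
        # Dummy record so unknown usernames cost the same time as known ones.
        self._dummy = (os.urandom(16), os.urandom(32))

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self._users[username] = (salt, derive(password, salt))

    def open_confirmation(self, order_id: str, username: str) -> None:
        """Called when the SMS with the confirmation link is sent."""
        self._orders[order_id] = {"user": username, "failures": 0, "state": "pending"}

    def confirm(self, order_id: str, username: str, password: str):
        """Return (status, attempts_left); status: accepted, retry, locked, closed."""
        order = self._orders.get(order_id)
        if order is None or order["state"] != "pending":
            return ("closed", 0)  # unknown, locked or already confirmed
        known = self._users.get(username)
        salt, stored = known if known else self._dummy
        match = hmac.compare_digest(derive(password, salt), stored)
        # The credentials must also belong to the buyer who placed this order.
        if match and known is not None and username == order["user"]:
            order["state"] = "accepted"
            return ("accepted", 0)
        order["failures"] += 1
        left = MAX_ATTEMPTS - order["failures"]
        if left <= 0:
            order["state"] = "locked"
            return ("locked", 0)
        return ("retry", left)


def render_wml(status: str, attempts_left: int) -> str:
    """Build the WML card returned to the phone; the text is escaped for XML."""
    messages = {
        "accepted": "The password is correct. Confirmation is accepted.",
        # Does not reveal whether the username or the password was wrong.
        "retry": f"Username or password not accepted. {attempts_left} attempt(s) left.",
        "locked": "Too many failed attempts. This confirmation cannot be processed.",
        "closed": "This confirmation is no longer open.",
    }
    return ('<?xml version="1.0"?>\n'
            '<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" '
            '"http://www.wapforum.org/DTD/wml_1.1.xml">\n'
            '<wml><card id="Result" title="Confirmation">'
            f'<p>{escape(messages[status])}</p></card></wml>')


if __name__ == "__main__":
    service = ConfirmationService()
    service.register("wapuser", "constructed-sample-password")  # constructed data
    service.open_confirmation("ORDER-1", "wapuser")
    for attempt in ("guess-1", "guess-2", "constructed-sample-password"):
        status, left = service.confirm("ORDER-1", "wapuser", attempt)
        print(render_wml(status, left))
```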

4.3. Evaluation

The evaluation centres on the prototype. The prototype is demonstrated through the scenario given in the design of the prototype. Some respondents have tested the prototype, and questionnaires were given to these respondents to obtain feedback on it. The questionnaires and some respondents’ answers can be found in appendix E.

The prototype was designed for an m-commerce application with a focus on the security issues of WAP technology. The security issues of the prototype are authentication, which asks the user to validate that he/she is the genuine person doing the transaction, and security when the information entered by the user is sent to the system. The latter has been discussed previously, as the security of WAP is concerned with WTLS (Wireless Transport Layer Security). The former was demonstrated only to a limited extent by the prototype.

The requirements of this prototype, such as the WAP editor and WAP server, were downloaded free from the Internet (freeware). WAP emulators can be found on the Internet. WAP emulators as well as a WAP phone were used to test the prototype. The WAP server used in the prototype does not support CGI programs, so the authentication security cannot be demonstrated fully. A WAP editor is an editor to make/edit WAP websites in WML, a language that is compatible with wireless technologies. Other languages used to make websites, such as HTML or ASP, cannot be used to build WAP websites as they have different standards, such as the size of text-based data sent over the networks.

As discussed before, questionnaires were given. Most of the feedback was positive and respondents liked the prototype, but there are still barriers that need to be overcome before the technology can be put into practice. Those barriers are the unpopularity of WAP, small screen size, slow data rates and reachability.

On the unpopularity of WAP, it was mentioned that only fifty-one percent of WAP owners use the WAP function. The other forty-nine percent are presumed not to use the WAP function because of the other barriers discussed above. Small screen size makes the content displayed in WAP unclear. This barrier will be overcome by next-generation mobile technologies such as GPRS, EDGE and UMTS. The screen size will be bigger than that available at present (refer to figures four and five of UMTS prototypes from Siemens and Nokia). Slow data rates, which make every page of a WAP website take time to open, will be countered by next-generation technology that offers high data rates of up to 2 Mbits per second. Opening the pages of WAP websites will be very fast. These advanced technologies will also provide reachability anytime and anywhere, minimising the blank-spot problem that can interrupt the continuity of communication.


The prototype is based on WAP, whose security depends on WTLS and the WAP gateway. Both components keep the transaction secure over the WAP phone. It has been recognised that the gateway in particular needs special treatment (as discussed earlier in chapter two) to make the component secure. The prototype has great potential for m-commerce in the future, but the technology used for the prototype should be next-generation technology, especially UMTS, whose security has been designed by the researchers. It can be assumed that people will want this technology if the current barriers are solved first.

4.4. Conclusion

This chapter has discussed the design of the prototype with regard to its security in an m-commerce application, and has evaluated the prototype. For the prototype, future technology (third-generation systems, UMTS) is preferred over the emerging technology (WAP), with data rates as one of the concerns.


Chapter 5

M-Commerce and UMTS Security

5.1. Introduction

Earlier, m-commerce was discussed and a prototype was built to perform an m-commerce scenario based on second-generation systems. The evaluation based on the prototype has been addressed, and WAP security has also been discussed. The following addresses the security issues of mobile commerce on third-generation mobile systems (UMTS) and identifies threats that could break the security designed for UMTS.

5.2. Securities on 3G/UMTS

Security issues on 3G or UMTS are basically almost the same as those of second-generation mobile systems, but UMTS security is more advanced in some cases. Advanced here means that the security of UMTS should cover the weaknesses of the previous generation of mobile security technology. In fact, UMTS security is an improvement on second-generation mobile security. For example, UMTS security technology will introduce the use of smart card technology to recognise user identification; meanwhile, the technology applied today (GSM/2G) uses a SIM card module that can be placed in any GSM mobile to identify the user to the network and permit access to services. UMTS intends to make use of an identity module called USIM (User Services Identity Module), where applications, digital signatures, certifications, encryption algorithms and any other type of data can be entered and stored. Flavio Muratore is of the opinion that “USIM card will permit the large-scale introduction of commercial and financial transactions via UMTS for applications such as e-commerce, home banking, and so forth.” [Muratore, 2001].

5.3. New Security Features and the Security of New Service Features

“3G/UMTS security is designed to improve the security of second generation systems.” [UMTS; 3G Security; Security Principles and Objectives, 2001]; therefore, UMTS security will introduce new security features and security for new service features. “The new service features that will be secured cannot be listed at the time of writing as the research of security on new features is still being conducted.” [3GPP, 2001]. However, the environment in which these features are likely to be developed can be described. 3G security will secure this environment. The environment in which new services will be developed (as given by [ETSI paper, 2001]) can be characterised by (but is not limited to) the following aspects:

- There will be new and different providers of services, for example content providers, data service providers and HLR (Home Location Register) only service providers;
- 3G mobile systems will be positioned as the preferred means of communication for users. They will be preferable to fixed line systems;
- There will be a variety of prepaid and pay-as-you-go services, which may be the rule rather than the exception. A long-term subscription between the user and network operator may not be the paradigm. (3G security will provide satisfactory security for such systems and will not be content with insecure systems);
- There will be increased control for the user over their service profile (which they might manage over the Internet) and over the capabilities of their terminal (it will be possible to download new services and functions using systems such as MExE (Mobile Execution Environment) and SAT (SIM Application Toolkit));
- There will be active attacks on users. (In active attacks, equipment is used to impersonate parts of the network to actively cause lapses in security. In passive attacks, the attacker is outside the system and listens in, hoping security lapses will occur);
- Non-voice services will be as important as, or more important than, voice services;
- The terminal will be used as a platform for e-commerce and other applications. Multi-application smartcards, where the USIM is one application among many, can be used with the terminal. The smartcard and terminal will support environments such as Java to allow this. The terminal may support personal authentication of the user using biometric methods (e.g. fingerprints or retina scan).

5.4. Overview of Security Architecture

Figure 13. Overview of the security architecture

[Source: UMTS; 3G Security; Security Architecture]

The figure above shows the security architecture of 3G/UMTS. From the figure, five security feature groups are identified. Each of these feature groups meets certain threats, which will be discussed later. The feature groups are defined [by ETSI, 2001] as follows:

- Network access security (I): The set of security features that provide users with secure access to 3G services, and which in particular protect against attacks on the (radio) access link;
- Network domain security (II): The set of security features that enable nodes in the provider domain to securely exchange signalling data, and protect against attacks on the wireline network;
- User domain security (III): The set of security features that secure access to mobile stations;
- Application domain security (IV): The set of security features that enable applications in the user and in the provider domain to securely exchange messages;
- Visibility and configurability of security (V): The set of features that enables the user to inform himself/herself whether a security feature is in operation or not and whether the use and provision of services should depend on the security feature.

5.5. Five Security Features of UMTS

5.5.1. Network Access Security

5.5.1.1. User Identity Confidentiality

The following security features related to user identity confidentiality are provided: “(a) user identity confidentiality: the property that the permanent user identity (IMSI = International Mobile Subscriber Identity) of a user to whom a service is delivered cannot be eavesdropped on the radio access link; (b) user location confidentiality: the property that the presence or the arrival of a user in a certain area cannot be determined by eavesdropping on the radio access link; (c) user untraceability: the property that an intruder cannot deduce whether different services are delivered to the same user by eavesdropping on the radio access link.” [3G-security architecture, 2001]. To achieve these aims, the user is normally identified by a temporary identity by which he/she is known to the visited serving network. To avoid user traceability, the user should not be identified for a long period by means of the same temporary identity. In addition, to fulfil these features, any signalling or user data that might reveal the user’s identity is ciphered on the radio access link.

5.5.1.2. Entity Authentication

The security features related to entity authentication are user authentication, the property that the serving network corroborates the user identity of the user; and network authentication, the property that the user corroborates that he/she is connected to a serving network that is authorised by the user’s Home Environment to provide him/her services; this includes the guarantee that this authorisation is recent. To achieve these aims, it is assumed that entity authentication occurs at each connection set-up between the user and the network.

5.5.1.3. Confidentiality

The security features for confidentiality of data on the network access link cover: Cipher Algorithm Agreement, the property that the Mobile Station (MS) and Serving Network (SN) can securely negotiate the algorithm that they shall use subsequently; Cipher Key Agreement, the property that the MS and SN agree on a cipher key that they may use subsequently; Confidentiality of User Data, the property that user data cannot be overheard on the radio access interface; and Confidentiality of Signalling, the same property as the previous one but applied to signalling data rather than user data.

5.5.1.4. Data Integrity

The following security features relate to the integrity of data on the network access layer: Integrity Algorithm Agreement, which has the same function as Cipher Algorithm Agreement; Integrity Key Agreement, which has the same function as Cipher Key Agreement; and Data Integrity and Origin Authentication of Signalling Data, the property that the receiving entity (MS or SN) is able to verify that signalling data has not been modified in an unauthorised way since it was sent by the sending entity (SN or MS) and that the data origin of the signalling data received is indeed the one claimed. The first two features have the same function as the first two features of Confidentiality.

5.5.1.5. Mobile Equipment Identification

“Even though IMEI is not a security feature, but it should not be deleted from UMTS security features as it will be useful for other purpose.” [ETSI, 2001].
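The two properties of entity authentication in 5.5.1.2 (the network checks the user, and the user checks that the network's authorisation is genuine and recent) can be seen in the following simplified model. It is an added example, not the 3GPP procedure or code from any cited source: HMAC-SHA256 stands in for the operator's algorithms, the sequence number is sent in clear, the field names RAND, SQN, MAC, XRES and RES follow common 3GPP usage, and all class and function names are hypothetical.

```python
"""Simplified model of mutual entity authentication with a freshness check."""
import hashlib
import hmac
import os


class AuthError(Exception):
    """Raised by the USIM when it refuses a challenge."""


def keyed(key: bytes, label: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 as a stand-in for the real keyed functions (assumption)."""
    return hmac.new(key, label + data, hashlib.sha256).digest()[:8]


class HomeEnvironment:
    """Shares a long-term key with the USIM and issues authentication vectors."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.sqn = 0

    def make_vector(self) -> dict:
        self.sqn += 1  # every vector carries a fresh sequence number
        rand = os.urandom(16)
        sqn = self.sqn.to_bytes(6, "big")
        return {
            "rand": rand,
            "sqn": sqn,
            "mac": keyed(self.key, b"network", rand + sqn),  # proves origin
            "xres": keyed(self.key, b"user", rand),          # expected response
        }


class USIM:
    def __init__(self, key: bytes) -> None:
        self.key = key
        self.highest_sqn = 0

    def respond(self, rand: bytes, sqn: bytes, mac: bytes) -> bytes:
        """Return RES only if the challenge is authentic and recent."""
        expected = keyed(self.key, b"network", rand + sqn)
        if not hmac.compare_digest(mac, expected):
            raise AuthError("network not authenticated")
        number = int.from_bytes(sqn, "big")
        if number <= self.highest_sqn:  # recency: reject reused challenges
            raise AuthError("stale challenge")
        self.highest_sqn = number
        return keyed(self.key, b"user", rand)


class CardWithoutKey:
    """An impostor device that cannot compute RES and has to guess."""

    def respond(self, rand: bytes, sqn: bytes, mac: bytes) -> bytes:
        return os.urandom(8)


def serving_network_authenticates(vector: dict, card) -> bool:
    """The serving network forwards the challenge and compares RES with XRES."""
    res = card.respond(vector["rand"], vector["sqn"], vector["mac"])
    return hmac.compare_digest(res, vector["xres"])


def attempt(vector: dict, card) -> str:
    try:
        return "accepted" if serving_network_authenticates(vector, card) else "rejected"
    except AuthError as err:
        return str(err)


def run_scenarios() -> dict:
    key = os.urandom(16)  # constructed sample key
    home, usim = HomeEnvironment(key), USIM(key)
    vector = home.make_vector()
    return {
        "genuine": attempt(vector, usim),
        "replay": attempt(vector, usim),  # same challenge presented again
        "forged_network": attempt(HomeEnvironment(os.urandom(16)).make_vector(), usim),
        "impostor_user": attempt(home.make_vector(), CardWithoutKey()),
    }


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```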

5.5.2. Network Domain Security

5.5.2.1. Fraud Information Gathering System

“Most attributes will be provided that allow fraud information to be exchanged between 3G MS providers according to time constraints that yet have to be defined.” [UMTS Security Architecture, 2001].

5.5.3. User Domain Security

5.5.3.1. User-to-USIM Authentication

This feature ensures that access to the USIM is restricted until the USIM has authenticated the user. Access to the USIM can thereby be restricted to (a number of) authorised users. For this, the user and the USIM must share a secret (e.g. a password) that is stored securely in the USIM. The user gets access to the USIM only if he/she can prove knowledge of the secret. “USIM is a key component of UMTS security.” [Prasad, 2001]. The USIM is expected to control access to networks and services in UMTS technology. It is also expected to have broader use than just authentication and storing personal data, as it might also host electronic payment systems and other applications. These expectations are limited by the memory capacity of smartcards. However, some manufacturers have announced memory ranges of up to 70 KB within the next two years. At the time of writing, the current SIM memory (for GSM) can take up to 32 KB [www.smartcardcentral.com].

5.5.3.2. USIM-Terminal Link

This feature works in the same way as the feature in C.1. If a USIM does not know the secret, access to the terminal is denied.


5.5.4. Application Security

5.5.4.1. Secure Messaging between the USIM and the Network

The USIM Application Toolkit provides the capability for operators or third party providers to create applications that are resident on the USIM (similar to the SIM Application Toolkit in GSM). This feature exists to secure messages that are transferred over the network to applications on the USIM, with the level of security chosen by the network operator.

5.5.5. Security Visibility and Configurability

5.5.5.1. Visibility

Although the security features should in general be transparent to the user, for certain events and according to the user’s concerns, user visibility of the operation of security features should be provided. This yields indications that inform the user of security-related events such as: Indication of access network encryption, the property that the user is informed whether the confidentiality of user data is protected on the radio access link, especially when non-ciphered calls are made; and Indication of the level of security, the property that the user is informed of the level of security provided by the visited network, in particular when the user roams into another network with a lower security level, e.g. from 3G to 2G.

5.5.5.2. Configurability

This is the property that the user can configure whether the use of a service should depend on a security feature being in operation. A service can be used only if all the security features that are relevant to the service and required by the user’s configuration are in operation. The following configurability features are suggested: Enabling/disabling user-SIM authentication; Accepting/rejecting non-ciphered calls; Setting up or not setting up non-ciphered calls when ciphering is not enabled by the network; Accepting/rejecting the use of certain ciphering algorithms that are acceptable for use.

In addition to the five security features above, there is one other key component of UMTS security. It is called Public Key Infrastructure (PKI). “PKI is public key cryptography that allows parties to communicate securely without prior exchange of secret key material.” [Prasad, 2001]. The supporting infrastructure for public key cryptography consists of a network of trusted third parties that provide management and certification services.

5.6. Security Threats

Having described the security architecture and its security elements, this section identifies the threats to the security of third generation mobile systems, detailing what the threats achieve, how they are carried out and where in the system they could occur. These security threats can be grouped in many different ways; in this project, the following categories have been considered:


5.6.1. Unauthorised access to sensitive data (Violation of Confidentiality)

• Eavesdropping: An intruder intercepts messages without detection.

• Masquerading: An intruder deceives an authorised user into believing that the intruder is the legitimate system, in order to obtain confidential information from the user; or an intruder deceives a legitimate system into believing that the intruder is an authorised user, in order to obtain system service or confidential information.

• Traffic Analysis: An intruder observes the time, rate, length, source and destination of messages to determine a user’s location or to learn whether an important business transaction is taking place.

• Browsing: An intruder searches data storage for sensitive information.

• Leakage: An intruder obtains sensitive information by exploiting processes with legitimate access to the data.

• Inference: An intruder observes a reaction from a system by sending a query or signal to the system.

5.6.2. Unauthorised manipulation of sensitive data (Violation of Integrity)

• Manipulation of messages: Messages may be deliberately modified, inserted, replayed or deleted.

5.6.3. Disturbing or misusing network services (leading to denial of service or reduced availability)

• Intervention: An intruder may prevent an authorised user from using a service by jamming the user’s traffic, signalling, or control data.

• Resource exhaustion: An intruder may prevent an authorised user from using a service by overloading the service.

• Misuse of Privileges: A user or serving network may exploit their privileges to obtain unauthorised services or information.

• Abuse of Services: An intruder may abuse some special service or facility to gain an advantage or to cause disruption to the network.

5.6.4. Repudiation: A user or a network denies actions that have taken place.

5.6.5. Unauthorised access to services

• Intruders can access services by masquerading as users or network entities.

• Users or network entities can get unauthorised access to services by misusing their access rights.

The threats to UMTS security listed above need more attention from UMTS researchers in order to build a secure and reliable future mobile technology. The discussion of UMTS security issues at this stage is adequate for readers, especially academics, to be aware of them. For more information about UMTS security, see the bibliography at the back of the project.
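The threat in 5.6.2 (messages modified, inserted, replayed or deleted) is what the "Data Integrity and Origin Authentication of Signalling Data" feature of 5.5.1.4 is meant to catch. The following added Python example, which is not from the original report, shows a receiver that detects each of the four cases; HMAC-SHA-256 stands in for the UMTS integrity algorithm, and the key, the tag length, the message layout, the payloads and all names are assumptions for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8              # bytes of the HMAC kept as the authentication tag (assumption)
HEADER_LEN = 5           # 1 byte direction + 4 byte counter
UPLINK, DOWNLINK = 0, 1  # direction: MS -> SN and SN -> MS


def _tag(integrity_key, data):
    return hmac.new(integrity_key, data, hashlib.sha256).digest()[:TAG_LEN]


def protect(integrity_key, direction, counter, payload):
    """Build header || payload || tag for one signalling message."""
    header = struct.pack(">BI", direction, counter)
    return header + payload + _tag(integrity_key, header + payload)


class Receiver:
    """Verifies messages arriving in one direction under the agreed integrity key."""

    def __init__(self, integrity_key, expected_direction):
        self._key = integrity_key
        self._direction = expected_direction
        self._next_counter = 0

    def accept(self, message):
        """Return (verdict, payload); payload is None unless the message is accepted."""
        if len(message) < HEADER_LEN + TAG_LEN:
            return "rejected: malformed", None
        header = message[:HEADER_LEN]
        payload = message[HEADER_LEN:-TAG_LEN]
        tag = message[-TAG_LEN:]
        # Constant-time comparison. A bad tag covers both modification in
        # transit and insertion by someone who does not hold the key.
        if not hmac.compare_digest(tag, _tag(self._key, header + payload)):
            return "rejected: bad MAC", None
        direction, counter = struct.unpack(">BI", header)
        if direction != self._direction:
            return "rejected: reflected", None  # our own message sent back to us
        if counter < self._next_counter:
            return "rejected: replay", None
        verdict = "accepted"
        if counter > self._next_counter:
            # A gap in the counter reveals that earlier messages were deleted.
            missing = counter - self._next_counter
            verdict = "accepted: %d earlier message(s) missing" % missing
        self._next_counter = counter + 1
        return verdict, payload


def demo():
    """Feed a mobile station's receiver a constructed message sequence."""
    key = bytes(range(16))  # constructed key; on the page it comes from Integrity Key Agreement
    ms_receiver = Receiver(key, DOWNLINK)  # the MS checks SN -> MS traffic
    m0 = protect(key, DOWNLINK, 0, b"signalling message 0")
    m1 = protect(key, DOWNLINK, 1, b"signalling message 1")
    m2 = protect(key, DOWNLINK, 2, b"signalling message 2")
    tampered = m1.replace(b"message 1", b"message X")                # modified
    forged = protect(b"\x00" * 16, DOWNLINK, 1, b"injected message")  # inserted
    own = protect(key, UPLINK, 5, b"uplink message")                  # reflected
    # m1 itself never arrives (deleted); m0 is delivered a second time (replayed).
    return [ms_receiver.accept(m)[0] for m in (m0, tampered, forged, own, m0, m2)]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```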


5.7. Conclusion

The security in UMTS technology that will protect m-commerce applications in the future consists of many features, which are grouped into five main groups: network access security, network domain security, user domain security, application domain security, and security visibility and configurability. M-commerce applications will also be protected more securely by the use of the USIM and PKI in UMTS security. Although UMTS security may be assumed to be secure, researchers have identified threats that readers should be aware of and that could make m-commerce applications over UMTS insecure.


CHAPTER 6

CONCLUSION AND RECOMMENDATION

6.1. Conclusion

6.1.1. Objectives of the Project

The objectives set in chapter 1 were:

1. Perform a background research study on the concepts of third generation (3G)/UMTS Mobile. This will allow a general understanding of the general framework of UMTS technology.

2. Describe and analyse the security issues on mobile commerce (m-commerce) of second-generation technology (WAP).

3. Describe and analyse the security issues on mobile commerce (m-commerce) of UMTS technology.

4. Develop a model (prototype) on m-commerce based on combination of WAP and SMS (typical scenario given).

5. Perform the background research study on Wireless Application Protocol (WAP) and Wireless Mark-up Language (WML). This will allow a general understanding to build the prototype.

The conclusion for each objective:

Objective 1: A full research of the 3G/UMTS concept was conducted during the last six months to gain a comprehensive understanding of the new and coming mobile technology. The concept of 3G/UMTS can be found in chapter II of this project. The research sources are mostly the Internet and books. The Internet gives access to the official organisations that deal with UMTS technology, such as the UMTS Forum, 3GPP (Third Generation Partnership Project) and ETSI (European Telecommunications Standards Institute). The difficulty came from the books, as not many books have been written on this new technology.

Objective 2: This objective is implemented in the prototype of the m-commerce scenario, which uses WAP as its platform. WAP security has been discussed earlier in chapter two. The objective was met.

Objective 3: This objective was again met in chapter five, which discussed all the security features of UMTS technology and the security threats that might break the security of the technology. The security issues addressed in chapter five will apply to future m-commerce applications.

Objective 4: The prototype was developed based on WAP and SMS. The address to test the prototype is http://wap41.com/emir975/card1.wml. The prototype is a typical scenario for authentication security when a buyer has just ordered an item on the Internet (as could happen in m-commerce). To make the prototype work “real online”, it needs a WAP server that supports CGI programs. The difficulty here is that the WAP server used does not support CGI programs. For future development, this difficulty should not be a problem. This objective to develop a prototype was fully met.

Objective 5: In order to achieve the fourth objective, the fifth objective first had to be met. I did not find any difficulties in getting sources to learn WAP and WML, as they are available on the Internet, such as the WAP Forum, and in books from the library, such as Inside WAP by Pekka Niskanen.

6.1.2. What are the security issues taken from the discussion (literature review)?

Generally, the security issues (in both 3G and 2G technologies) concern four things: privacy, integrity, authenticity, and non-repudiation. In practice, encryption and its algorithms address these issues. UMTS security, which is the main focus of the discussion, also uses encryption, with more complex algorithms than the second-generation ones. 3G security essentially enhances the security that 2G technologies have, but it retains some security elements of 2G and adopts them for 3G. The discussion stated clearly which elements these are. 3G/UMTS security also corrects weaknesses of 2G security, e.g. hijacking on the channel.

The discussion also addressed the new features of UMTS security. The function of each feature was fully described. The architecture of UMTS security and its security groups were also identified, and the function and use of each feature group were explained in more detail. Moreover, even though security in 3G technologies has been designed to be “the most secure”, the literature research has also categorised the security threats that might occur during the implementation of 3G technologies. These security threats were clarified in the discussion. The new features that make 3G security special are the USIM, which provides much bigger storage in its smartcard and can store all the information needed about the user, and the Public Key Infrastructure (PKI), which is essentially public key cryptography and manages the information so that it is secure and easy to organise. The two features will work together with the other features to make third generation applications such as m-commerce more secure.

6.1.3. The value of the prototype built, what I learnt from it?

The prototype has shown a scenario for m-commerce with WAP technology. The value of the prototype built will be a new system for e-commerce with authentication security as a central focus. The prototype was built with WML. WML is a new skill for the writer and an asset for finding a job in the future.


6.2. Recommendation

The writer recommends that readers, especially students who are interested in exploring and researching UMTS security, get more data and information from the Internet, especially from the organisations that deal with third generation systems. For future development, the prototype and its concept should be developed by experts into an application that enables more secure m-commerce, as the prototype is concerned with the authentication factor, which can identify whether the user is the right person.


REFERENCES

Anonymous (2001), “Success 4 WAP” White Paper, http://www.success4wap.com
Durlacher Research Ltd (1999), Mobile Commerce Report, www.durlacher.com
ETSI (2001), UMTS; 3G Security; Security Architecture, (3GPP TS 33.102 version 4.1.0 release 4).
ETSI (2001), UMTS; 3G Security; The Threats.
Muratore, F (2001), UMTS: mobile communications for the future, Chichester: Wiley.
Net-Kraft Pvt. Ltd (1998), Short Message Service (SMS), Mobile and Wireless Division.
Net-Kraft Pvt. Ltd (1998), Wireless Application Protocol (WAP) Understanding Security, Mobile and Wireless Division.
Niskanen, P (2001), Inside WAP: programming applications with WML and WMLScript, Addison-Wesley, Harlow.
Prasad, R (2001), Towards a global 3G system: advanced mobile communications in Europe Vol. 1, Boston London: Artech House.
UMTS Forum: Report No. 2 (1998), The Path towards UMTS Technologies for the Information Society, UMTS Forum.
UMTS Forum: Report No. 11 (2000), Enabling UMTS / Third Generation Services and Applications, UMTS Forum.
Veijalainen, J. and Tsalgatidou, A., Electronic Commerce in a Mobile Computing Environment, Proceedings of IS 2000 Fukushima.
"WIRELESS" INTERNET: What the 3G Challenge Means for U.S. Competitiveness, http://www.ntia.doc.gov/ntiahome/threeg/3gintro.htm
Whyte, W S (2001), Enabling eBusiness: integrating technologies, architectures and applications, John Wiley, Chichester, New York.


BIBLIOGRAPHY

Advanced Security for Personal Communications Technologies, http://www.esat.kuleuven.ac.be/cosic/aspect/
Buckingham, S (2001), “Success 4SMS” White Paper, Mobile Life Streams.
Cooke, C et al, Migration/Evolution Towards UMTS - Security Issues, http://www.esat.kuleuven.ac.be/cosic/aspect/papers/A061_E2.htm
European Telecommunication Standard Institute website, www.etsi.org
Garfinkel, S and Spafford G (1997), Web security & commerce, Sebastopol: O’Reilly.
Gupta, V (1998), Secure mobile networking, Pages 281-290, Mobile Networks and Applications, Volume 3, Issue 4, ACM Digital Library.
Hansen, H (2000), Security of Mobile Systems from User’s Point of View, Department of Computer Science and Engineering, Helsinki University of Technology.
Howard, Peter (1999), USECA: UMTS Security Architecture, http://citeseer.nj.nec.com/howard99useca.html
Howell, R (1997), WAP Security, Concise Group Ltd.
Kalden, R et al (2000), Wireless Internet Access based on GPRS, IEEE Personal Communications, Vol: 7 (2), p 8-18
Karimi, H (1999), The Role of Technology in Mobile Commerce, http://www.karimi.mcommcentral.com.
Morath, P (2001), Survival @ e-speed: a transformation guide for profitable internet and mobile commerce, McGraw-Hill, London.
Norris, M (2001), eBusiness essentials: technology and network requirements for mobile and online markets, John Wiley and Sons, Chichester.
Rockwell, B (1998), Using the Web to compete in a global marketplace, Wiley Computer Publication, New York.
Siemens (2000), New Opportunities in Telecommunications with UMTS – Anticipating the Needs of a Mobile Society.
Success 4 WAP White Paper, http://www.MobileLifestreams.com
Third Generation Partnership project, www.3gpp.org
Treese, G W and Stewart L C (1998), Designing systems for Internet commerce, Addison-Wesley.
Trintech (1999), Mobile Commerce White Paper, http://www.epaynews.com/downloads/tt_mcommerce.pdf
Trust5 (2001), Mobile Commerce White Paper.
Tsalgatidou, A and Veijalainen, J (2000), Mobile Electronic Commerce: Emerging Issues, Proceedings of EC-WEB 2000.
Tsalgatidou, A. et al (2000), Challenges in Mobile Electronic Commerce, Proceedings of 3rd International Conference Innovation Through Electronic Commerce 2000.
Tsalgatidou, A and Veijalainen, J, Requirements for Mobile E-Commerce, in E-Business: Key Issues, Applications, Technologies, B. Stanford-Smith and P. Kidd (eds.), IOS Press, pp. 1037-1043. Proceedings of the E-business and E-work Conference, Madrid, Spain, 18-20 October 2000.
UMTS Forum website, www.umts-forum.org
UMTS Technical Details, http://www.cellular.co.za/umts_technical.htm
VeriSign (2000), Building an E-Commerce Trust Infrastructure: SSL server Certificates and Payment Services, Technical brief.
WAP Architecture Specification, http://www.wapforum.org/tech/documents/WAP-100-WAPArch-19980430-a.pdf
WAP Forum Website, www.wapforum.org


APPENDIX A - PROJECT EXPERIENCE

First of all, the project needs to be completed as a condition to obtain an MSc. in Information Systems from the School of Computing - University of Leeds. The initial work of the project began during February 2001, to produce a project proposal outline of what I wanted to do. This was accepted, as I was allocated to the project with my own proposal (not from the projects offered by the School of Computing), and I was allocated to Prof. Peter Dew as my supervisor.

I chose my project because I am strongly interested in doing something related to e-commerce or mobile telecommunications. This is related to my background, which is electrical engineering. I am also greatly concerned with the security of e-commerce on the Internet and whether it is safe. I believe that a lot of people are still not sure if they are safe to do transactions over the Internet. This is one of my interests in doing the project. I realised that the future mobile telecommunication is coming in the near future. I have put my interest into making the chance to read articles or journals related to 3G/UMTS technology. One application of UMTS technology is the ability to do mobile commerce on the phone. I eagerly want to explore the security of this advanced mobile telecommunication. My target readers were higher education - both students and lecturers.

In the first place, I was going to do the project wholly by literature research, but my supervisor asked me if I could make a prototype for a typical security scenario for m-commerce. I took that as a challenge and, after thinking for a while, I proposed my prototype as a feasibility study of authentication security, and he agreed with my idea. The prototype was done in WML. This is purely a new language and a new skill for me. I found this program very interesting. I learnt the language from the references, mostly from books and Internet tutorials. I am planning to enhance this new skill after I finish my project. I believe the WML language will be useful in my search for a job in the future.

In the first place, I was concerned with the limited time (3 months) given to do the project. I have done a project in my first degree, but the length of time given was longer, about 6 months. During the early stage, it was impossible to concentrate on the project, as I had to do coursework from my second semester. However, doing a project in 3 months is not my first try, since I had a similar time to do a project for my MBA last year. It was a successful result and I seriously want to repeat the same success again for my project this year.

During my literature research, I did not find significant problems in searching for information or data for my project. Probably one particular problem is the availability of 3G/UMTS books in the library, but I covered this problem with the massive sources on the Internet about 3G/UMTS technology. I am good at using the metasearch engines that are available on the Internet. I recommend using the following metasearch engines to search for the information you want to find: Google at www.google.com; altavista at www.altavista.com. These two metasearch engines are the search engines that give me the closest information I need. Furthermore, I used another metasearch engine that can search for the information or data I am looking for from many search engines (about 14 metasearch engines); the address is www.ixquick.com. At home I downloaded a freeware program called Copernic Basic that is similar to ixquick.com but has more metasearch engines than ixquick.

I am pleased with my supervisor, Prof. Peter Dew, for his input and guidance throughout the project. Mostly we communicated by e-mail and meetings. The meetings were based on agreed dates.

During the project, I had a difficulty with the media facilitated by the School of Computing. Some of my documents just could not be printed out; I assume that the printers available for the MSc. students are not compatible with some documents, especially in pdf format. I could solve the problem with the help of my supervisor, who asked me to print from his office, which has a different printer to the ones for us. In the future, hopefully support can notice and take action on the problem.

My project needed software to build a prototype. Basically, the School of Computing will install the software if the requests from the students are made in sufficient time. I felt that it was difficult to get the software I needed installed. Therefore I searched for freeware on the Internet and downloaded it to my own computer. The freeware I had does not support one feature that I need to make the prototype work “real online”. This is the weakness of getting freeware. I recommend that future students who need software for their project approach their supervisor and support to get the software installed, and try to avoid getting freeware from the Internet, as this should be only a last attempt.

One thing that my supervisor was worried about was whether I could manage my time well enough to finish and submit the project by the submission date. Having set the time and plan, I managed to follow the plan and finish the project at the time determined. Setting the plan and time scale is very important to keep you on track and follow the progress of the project. This activity is good for managing the time given to the project.

Another issue, which is important to evaluate, is the comments from the supervisor and the assessor (as mentioned in the previous paragraph). It is very important to pay attention to the comments. I assume the comments are the weaknesses that need to be fulfilled satisfactorily. Having looked at the comments once more, I am sure that I have performed what the comments asked, and it is very significant for future students to take notice of this.

Being an overseas student whose primary language is not English, it is very easy to find grammar and spelling mistakes in my project. My recommendation to international students is, before submitting the project, to please allow 2 weeks before the submission date to have your grammar and spelling checked by someone who is very good at English (British or someone from an English speaking country is preferred). I hope my personal learning will be useful to readers, especially future students who are going to undertake a project as I did.


APPENDIX B - OBJECTIVES AND DELIVERABLE FORM

School of Computer Studies MSC PROJECT OBJECTIVES AND DELIVERABLES

This form must be completed by the student, with the agreement of the supervisor of each project, and submitted to the MSc project co-ordinator (Mrs A. Roberts) by 22nd March 2001. A copy should be given to the supervisor and a copy retained by the student. Amendments to the agreed objectives and deliverables may be made by agreement between the student and the supervisor during the project. Any such revision should be noted on this form. At the end of the project, a copy of this form must be included in the Project Report as an Appendix.

Student: Emir Rio Krishna

Programme of Study: MSc. Information Systems

Supervisor: Prof. Peter M. Dew

Title of project: “Security Issues on M-Commerce over 3G / UMTS”

______________________________________

External Organisation* : _______________________________________

* (if applicable)

AGREED MARKING SCHEME

Category                    %
Understand the Problem      20
Produce a Solution *        40
Evaluation                  20
Write-Up                    15
Appendix A                  5
TOTAL                       100

* This category includes Professionalism (see handbook)

OVERALL OBJECTIVES (continue overleaf if necessary):

• Introducing 3G / UMTS Mobile.
• Introducing M-Commerce over mobile communication technology.
• Acknowledging the issues of M-Commerce, especially on the security issue.
• Producing a prototype based on combination of 2G (WAP) and SMS (Short Text Messages) technology.
• Write up a report.


DELIVERABLE(s):

• A project report.
• Conducting literature research on mobile communication technology.
• Conducting literature research on M-Commerce (security issues).
• Prototype based on WAP and SMS using WML (WAP Mark-up Language).

Signature of student: Emir Rio Krishna Date: 29 March 2001

Signature of supervisor: Peter Dew Date: 29 March 2001

Agreed objectives and deliverables (continued):

Objectives:

1. Perform a background research study on the concepts of third generation (3G)/UMTS Mobile. This will allow a general understanding of the general framework of UMTS technology.

2. Describe and analyse the security issues on mobile commerce (m-commerce) of second-generation technology (WAP).

3. Describe and analyse the security issues on mobile commerce (m-commerce) of UMTS technology.

4. Develop a model (prototype) on m-commerce based on combination of WAP and SMS (typical scenario given).

5. Perform the background research study on Wireless Application Protocol (WAP) and Wireless Mark-up Language (WML). This will allow a general understanding to build the prototype.

Deliverables:

1. A project report. 2. A project presentation. 3. A prototype.

Amendments to agreed objectives and deliverables: Date 20 June 2001 Amendment


APPENDIX C - MARKING SCHEME AND HEADER SHEET FOR THE MARKED INTERIM REPORT



APPENDIX D - THE WML CODES FOR THE PROTOTYPES

First Page (card1.wml)

<?xml version="1.0"?>
<!-- created by WAPtor (http://www.wapdrive.net/) -->
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
  <!-- Simulates the text message that arrives after a purchase -->
  <card id="MainCard" title="SMS">
    <p align="center">
      This text message comes to you because recently you just bought ticket(s) from <b>GOBYPLANES.COM</b>
      <br/>
      <br/>We will be pleased if you can confirm your purchase by clicking on the link below.
      <br/><br/>
      <a href="http://wap41.com/emir975/card0.wml">GOBYPLANES.COM</a><br/><br/>
    </p>
  </card>
</wml>

Second Page (card0.wml)

<?xml version="1.0"?>
<!-- created by WAPtor (http://www.wapdrive.net/) -->
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
  <!-- Splash card: the timer value is in tenths of a second, so the ontimer URL is loaded after 3 seconds -->
  <card id="card0" ontimer="card2.wml">
    <timer value="30"/>
    <p align="center">
      <br/><br/>
      <b>GOBYPLANES.COM</b><br/>
      <small>by Emir Rio Krishna<br/>
      copyright @2001</small>
    </p>
  </card>
  <!-- Front page with the link to the confirmation form -->
  <card id="MainCard" title="Front Page">
    <p align="center">
      Welcome to <b>GOBYPLANES.COM</b> WAP website!
      <br/><br/>
      <img src="milair8.wbmp" alt="image "/><br/><br/>
      If you just bought ticket(s) from us, please confirm your purchase on the link below.
      <br/><br/>
      <a href="http://wap41.com/emir975/card3.wml">Confirm your purchase!</a>
    </p>
  </card>
</wml>

Third Page (card3.wml)

<?xml version="1.0"?>
<!-- created by WAPtor (http://www.wapdrive.net/) -->
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
  <!-- Confirmation form. Proceed is a plain link: the entered name and password are not sent to any server -->
  <card id="MainCard" title="Confirmation">
    <p align="center">
      You are in secure mode now. Please confirm your purchase by filling in the username and password below and click Proceed when you finish.
      <br/><br/>
    </p>
    <p align="left">
      Username: <input type="text" name="name" emptyok="false" value="wapuser"/>
      Password: <input type="password" name="password" title="password"/>
      <br/>
      <a href="http://wap41.com/emir975/card4.wml">Proceed</a><br/><br/>
    </p>
  </card>
</wml>

Fourth Page (card4.wml)

<?xml version="1.0"?>
<!-- created by WAPtor (http://www.wapdrive.net/) -->
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
  <!-- Static card: shown whatever was entered on card3.wml -->
  <card id="MainCard" title="Thank You">
    <p align="center">
      The password is correct. Confirmation is accepted. Your ticket is being processed and will be sent to you in a few days.<br/><br/>
      Thank you for using <b>GOBYPLANES.COM</b> service. We are waiting for your next visit!<br/><br/>
    </p>
  </card>
</wml>
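In the listings above the Proceed link leads to a static card, because the WAP server used had no CGI support. As an added example (not the report's code), the Python below shows the server-side check that a CGI-capable server could run when the form on card3.wml is submitted: the SMS link carries a single-use token tied to the order, the password is compared against a salted hash, and wrong guesses are limited. All names, the token format, the limits and the sample password are assumptions; "wapuser" is the default username from the prototype.

```python
import hashlib
import hmac
import secrets
import time

PBKDF2_ROUNDS = 100_000   # assumption; tune to the server's capacity
MAX_ATTEMPTS = 3          # wrong passwords tolerated per confirmation link
TOKEN_LIFETIME = 15 * 60  # seconds a confirmation link stays valid


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class ConfirmationService:
    """Server-side state for the SMS confirmation scenario (hypothetical)."""

    def __init__(self, now=time.time):
        self._now = now
        self._users = {}    # username -> (salt, password hash); no plaintext stored
        self._pending = {}  # token -> state of an order awaiting confirmation

    def add_user(self, username, password):
        salt = secrets.token_bytes(16)
        self._users[username] = (salt, hash_password(password, salt))

    def create_order(self, username, order_id):
        """Called at purchase time; the token goes into the link sent by SMS."""
        token = secrets.token_urlsafe(16)
        self._pending[token] = {"user": username, "order": order_id,
                                "expires": self._now() + TOKEN_LIFETIME,
                                "attempts": 0}
        return token

    def confirm(self, token, username, password):
        """Return 'confirmed', 'denied' or 'expired' for one form submission."""
        state = self._pending.get(token)
        if state is None:
            return "expired"  # unknown, already used, or locked out
        if self._now() > state["expires"]:
            del self._pending[token]
            return "expired"
        salt, stored = self._users.get(state["user"], (b"\x00" * 16, b""))
        # Both comparisons are constant-time and both always run.
        password_ok = hmac.compare_digest(hash_password(password, salt), stored)
        user_ok = hmac.compare_digest(username.encode(), state["user"].encode())
        if password_ok and user_ok:
            del self._pending[token]  # single use: a replayed link fails
            return "confirmed"
        state["attempts"] += 1
        if state["attempts"] >= MAX_ATTEMPTS:
            del self._pending[token]  # stops online password guessing
        return "denied"


def demo():
    """Constructed run: wrong guess, success, reuse, lockout, and an old link."""
    clock = [1_000_000.0]  # fake clock so expiry can be shown without waiting
    service = ConfirmationService(now=lambda: clock[0])
    service.add_user("wapuser", "correct horse")  # constructed password
    results = []
    t1 = service.create_order("wapuser", "ORDER-1")
    results.append(service.confirm(t1, "wapuser", "guess"))
    results.append(service.confirm(t1, "wapuser", "correct horse"))
    results.append(service.confirm(t1, "wapuser", "correct horse"))  # reused link
    t2 = service.create_order("wapuser", "ORDER-2")
    for _ in range(MAX_ATTEMPTS):
        results.append(service.confirm(t2, "wapuser", "guess"))
    results.append(service.confirm(t2, "wapuser", "correct horse"))  # locked out
    t3 = service.create_order("wapuser", "ORDER-3")
    clock[0] += TOKEN_LIFETIME + 1
    results.append(service.confirm(t3, "wapuser", "correct horse"))  # too old
    return results


if __name__ == "__main__":
    print(demo())
```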


APPENDIX E - QUESTIONNAIRES AND FEEDBACK

A. Questionnaires

The project questionnaires can be found online at: http://cssql1/mscxerk/questionnaires1.asp (from School of Computing computers, University of Leeds) or http://cssql1.leeds.ac.uk/mscxerk/questionnaires1.asp (from anywhere else). The following figure shows a snapshot from the online questionnaires.

B. Feedback

Feedback was taken from the respondents. Ten questions were given in the questionnaires. Eight of the ten had fixed-scale answers (1=Strongly Agree, 2=Agree, 3=No Comment, 4=Disagree, 5=Strongly Disagree). The other two were open-ended (opinions from respondents). The following tables show the answers from five respondents.


No | Question | Respondent A | B | C | D | E
1 | Do you think the scenario given is easy to understand? | 2 | 2 | 3 | 4 | 1
2 | Do you think the scenario given is feasible to implement? | 2 | 2 | 2 | 2 | 1
3 | Do you think the step-by-step process of the prototype is easy and fast (user friendly)? | 2 | 4 | 2 | 2 | 2
4 | Do you think the interfaces (text and images) are clear and visible enough? | 2 | 1 | 1 | 2 | 1
5 | Do you think this confirmation system will help users from insecurity feeling of misuse of credit cards? | 1 | 2 | 1 | 4 | 2
6 | Do you think this system is suitable to implement in a PC or laptop (to e-mail address) as well as to WAP phone? | 1 | 2 | 3 | 2 | 1
7 | One of the processes from this prototype is sending username and password to the system. Do you think it is more secure to send this information through WAP phone compared with PC/laptops? | 4 | 4 | 2 | 3 | 2
8 | According to one research, WAP phone is only used by half of its owner. Do you think if the system is implemented, will it encourage people to use their WAP phone? | 5 | 2 | 2 | 4 | 3

Question No. 9: From your point of view, how to improve the prototype from its current system (e.g. user friendly, step of processes, etc)?

Answers

Respondent A: The prototype seems to be ok.

Respondent B: Some preliminary details of the reservation can be displayed e.g. from - to, day, time etc. Some reference number should also be given in case the customer needs to make any changes. You can also specify the exact number of days within which the tickets shall reach. Lastly, instead of writing "If you just bought ticket.....", you can write "you've just bought...". Omit "If". It might confuse the buyer.

Respondent C: I guess it has too many steps in order to complete a transaction. It would be better if the number of steps can be minimised.

Respondent D: No Comment.

Respondent E: I think that you could do the whole process on the WAP phone. So you could have the customer browsing and then paying for the tickets over the phone because the phone, like you say, is more personal and private.

Question No. 10: In your opinion, besides the security factor, what are the other factors that might limit the take-up of the current system?

Answers

Respondent A: People are not very comfortable using their WAP phones. That is the main problem of the telecommunication industry.

Respondent B: Reachability, limited user segment, unpopularity of WAP.

Respondent C: The speed of WAP. Screen size of WAP phone. Lack of mouse or trackball, or similar pointing devices will make the navigation more difficult.

Respondent D: WAP is so limited in the services and information that it can provide. Rather use a PDA or laptop if I want access to information while I am mobile.

Respondent E: The speed of the current WAP phones, it could take up some time (and cost) and therefore the customer may not be willing to buy this way.