Sinopsis
Mobile communications offer wireless connectivity that enables mobility and computing
in diverse communication environments. The large demands from social
markets are driving the growing development of mobile communications more
rapidly than ever before. Consequently, a large set of new advanced techniques has
emerged, brought about by a larger bandwidth, more powerful processing capability,
and advances in computing technology. Many new services are provided or will
be provided to potential users, and delivered with high-level quality by usage of
GSM, 3G networks, and wireless local area networks in public, home, and corporate
scenarios.
The exceptional growth in mobile and wireless communications gives rise to serious problems of security at the level of the customer, network operator, and service provider. The causes of such rise, typically due to the fragility of the wireless link nature, the mobility features, and the variety of the provided services, can be
classified into the following six categories:
1. The physical weaknesses and limitations of mobile communications: The entirely exposed environment of the wireless radio links and devices provides more opportunities of being subject to malicious attacks. A high error rate and unpredictable error behavior due to external interference, interoperation, and mobility can influence the characteristics of the system security.
2. The architecture limitations: Mobile communication protocols are built to provide large-scale communication and high bandwidth. However, due to the scarcity of the frequency spectrum, these protocols are confined to use limited resources. In addition, due to the nature of the security problems, these protocols are not able to handle large protection mechanisms without interacting with each other. The interaction can provide suitable points of access to hackers.
3. The complexity of services: Applications are becoming more complex than ever. They are more distributed, involve large sets of users, and use transactions and/or interactions that are structurally more complex. Mobile applications and services in areas such as military, health care, and business are xxvi Preface requiring communication continuity, distributed information collection, and high QoS requirements. All these requirements may be affected by viruses and other security attacks.
4. The user requirements: Services such as location-awareness services and context-based applications may bring mobile terminals easily in contact with possible threats of intruding privacy. Transactions, such as mobile payments, require strong security mechanisms that are able to provide authentication, authorization, and accounting.
5. The content of provided services: Most services, such as multimedia-based applications, are valuable not only to mobile subscribers but also to network operators and providers. Therefore, secure protective measures are needed at access control, content browsing, and delivery. Obviously, the simple migration of securing methods from wired communications to mobile environments
cannot satisfy the security requirements of anyone, besides hackers.
6. The evolution of hacking techniques: Hacking techniques are evolving tremendously in structure, nature, and complexity, inducing therefore new vulnerabilities and threats to protected operational systems. One cannot say that a security solution is able to protect a system without updates. Operators and service providers should be able to protect their assets, connections, and
services, even in the presence of infected terminals.
0 komentar:
Posting Komentar