(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
Gprs security threats and solutions
1. A SEMINAR REPORT ON
“GPRS SECURITY THREATS AND
SOLUTION”
PRESENTED BY
SYED JAUWAD
GUIDED BY
Miss. Sarita Agrawal
2. TOPICS COVERED ….
• INTRODUCTION
• GPRS CORE NETWORK NETWORK ARCHITECTURE
• CLASSIFICATION OF SECURITY SREVICES
• DATA SERVICES ON Gp AND Gi INTERFACE
• THREATS ON Gp INTERFACE
• THREATS ON Gi INTERFACE
• SECURITY SOLUTION FOR THE Gp INTERFACE
• Gp NETWORK SOLUTION
• SECURITY SOLUTION FOR THE Gi INTERFACE
• Gi NETWORK SOLUTION
• DEPLOYING GPRS SECURITY SOLUTION ON
NETSCREEN SECURITY SYSTEM
• CONCLUSION
3. INTRODUCTION
DEFINATION OF GPRS
PROVIDE AN OPPORTUNITY
BENEFITS FROM GPRS
CONNECTED TO EXTERNAL DATA
OPERATOR PROTECTS NETWORK
FROM EXTERNAL NETWORK
5. CLASSIFICATION OF SECURITY SERVICESCLASSIFICATION OF SECURITY SERVICES
INTEGRITYINTEGRITY
CONFIDENTIALITYCONFIDENTIALITY
AUTHENTICATIONAUTHENTICATION
AUTHORIZATIONAUTHORIZATION
AVAILABILITYAVAILABILITY
6. DATA SERVICES ON THE Gp AND Gi INTERFACESDATA SERVICES ON THE Gp AND Gi INTERFACES
DATA SERVICES ON GpDATA SERVICES ON Gp
GTPGTP
BGPBGP
DNSDNS
DATA SERVICES ON GiDATA SERVICES ON Gi
MS SENT OUT TOWORDS INTERNETMS SENT OUT TOWORDS INTERNET
TRAFIC SENT OUT FROM GGSN ON GiTRAFIC SENT OUT FROM GGSN ON Gi
INTERFACEINTERFACE
7. THREATS ON Gp INTERFACETHREATS ON Gp INTERFACE
AVAILABILITYAVAILABILITY
o DNS FLOODDNS FLOOD
o GTP FLOODGTP FLOOD
o SPOOFED GTP PDP CONTEXT DELETESPOOFED GTP PDP CONTEXT DELETE
o BAD BGP ROUTING INFORMATIONBAD BGP ROUTING INFORMATION
AUTHENTICATION AND AUTHORIZATIONAUTHENTICATION AND AUTHORIZATION
o SPOOFED CREATE PDP CONTEXT REQUESTSPOOFED CREATE PDP CONTEXT REQUEST
o SPOOFED UPDATE PDP CONTEXT REQUESTSPOOFED UPDATE PDP CONTEXT REQUEST
8. THREATS ON Gi INTERFACETHREATS ON Gi INTERFACE
AVAILABILITYAVAILABILITY
o Gi BANDWIDTH SATURATIONGi BANDWIDTH SATURATION
o FLOODING ON MSFLOODING ON MS
CONFIDENTIALITYCONFIDENTIALITY
o NO PROTECTION OF DATA FROM AN MSNO PROTECTION OF DATA FROM AN MS
o CAN BE SEEN BY THIRD PARTY IF IP SECURITY IS NOTCAN BE SEEN BY THIRD PARTY IF IP SECURITY IS NOT
BEING USEDBEING USED
INTEGRITYINTEGRITY
o DATA SENT OVER NETWORK CAN CHANGE BYDATA SENT OVER NETWORK CAN CHANGE BY
INTERMEDIARIES IF HIGHER SECURITY IS NOT USEDINTERMEDIARIES IF HIGHER SECURITY IS NOT USED
9. SECURITY SOLUTION FOR THE Gp INTERFACESECURITY SOLUTION FOR THE Gp INTERFACE
INGRESS AND EGRESS PACKET FILTERINGINGRESS AND EGRESS PACKET FILTERING
STATEFUL GTP PACKET FILTERINGSTATEFUL GTP PACKET FILTERING
GTP TRAFFIC SHAPPINGGTP TRAFFIC SHAPPING
IMPLEMENT IPSEC TUNNELS WITH ROMINGIMPLEMENT IPSEC TUNNELS WITH ROMING
PARTNERSPARTNERS
11. SECURITY SOLUTION ON THE Gi INTERFACESECURITY SOLUTION ON THE Gi INTERFACE
LOGICAL TUNNELS FROM THE GGSN TOLOGICAL TUNNELS FROM THE GGSN TO
CORPPORATE NETWORKCORPPORATE NETWORK
TRAFFIC RATE LIMITINGTRAFFIC RATE LIMITING
INGRESS AND EGRESS PACKET FILTERINGINGRESS AND EGRESS PACKET FILTERING
13. DEPLOYING GPRS SECURITY SOLUTIONDEPLOYING GPRS SECURITY SOLUTION
ON NETSCREEN SECURITY SYSTEMON NETSCREEN SECURITY SYSTEM
GTP stateful packet filteringGTP stateful packet filtering
GTP security policies includingGTP security policies including
GTP management and logging featuresGTP management and logging features
High availability fail over includingHigh availability fail over including
Virtual router supports to separateVirtual router supports to separate
intranet destined trafficintranet destined traffic
14. CONCLUSIONCONCLUSION
GPRS promises to benefit mobile data users
greatly by providing always on higher
bandwidth connections than are widely
available today. In order to be successful,
data connections must be secure and be
available all the time from anywhere.