5G Security & Privacy
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
An Assessment of Claims Regarding Health Effects of 5G Mobile Telephony Networks
An Assessment of Claims regarding Health Effects of 5G Mobile Telephony Networks C R Burger, Z du Toit, A A Lysko, M T Masonta, F Mekuria, L Mfupe, N Ntlatlapa and E Suleman Contact: Dr Moshe Masonta [email protected] 2020-05-11 Contents Preamble .............................................................................................................................. 2 1. Overview of 5G Networks .............................................................................................. 3 1.1 What are 5G networks? ............................................................................................... 3 1.2 What are the health effects of mobile networks? .......................................................... 6 1.3 What can we expect from 5G networks?...................................................................... 7 2. Summary Technical Data on 5G .................................................................................... 9 2.1 Which frequencies will be used for 5G in South Africa? .......................................... 9 2.2 A Brief Comparison of 4G and 5G ......................................................................... 11 3. Summary notes ............................................................................................................ 12 Preamble This document was produced by a team of researchers from the Next Generation Enterprises and Institutions, and Next Generation Health clusters of the CSIR. It is a response to media claims of links between 5G mobile telephone networks -
What Is the Impact of Mobile Telephony on Economic Growth?
What is the impact of mobile telephony on economic growth? A Report for the GSM Association November 2012 Contents Foreword 1 The impact of mobile telephony on economic growth: key findings 2 What is the impact of mobile telephony on economic growth? 3 Appendix A 3G penetration and economic growth 11 Appendix B Mobile data usage and economic growth 16 Appendix C Mobile telephony and productivity in developing markets 20 Important Notice from Deloitte This report (the “Report”) has been prepared by Deloitte LLP (“Deloitte”) for the GSM Association (‘GSMA’) in accordance with the contract with them dated July 1st 2011 plus two change orders dated October 3rd 2011 and March 26th 2012 (“the Contract”) and on the basis of the scope and limitations set out below. The Report has been prepared solely for the purposes of assessing the impact of mobile services on GDP growth and productivity, as set out in the Contract. It should not be used for any other purpose or in any other context, and Deloitte accepts no responsibility for its use in either regard. The Report is provided exclusively for the GSMA’s use under the terms of the Contract. No party other than the GSMA is entitled to rely on the Report for any purpose whatsoever and Deloitte accepts no responsibility or liability or duty of care to any party other than the GSMA in respect of the Report or any of its contents. As set out in the Contract, the scope of our work has been limited by the time, information and explanations made available to us. -
NSA Security-Enhanced Linux (Selinux)
Integrating Flexible Support for Security Policies into the Linux Operating System http://www.nsa.gov/selinux Stephen D. Smalley [email protected] Information Assurance Research Group National Security Agency ■ Information Assurance Research Group ■ 1 Outline · Motivation and Background · What SELinux Provides · SELinux Status and Adoption · Ongoing and Future Development ■ Information Assurance Research Group ■ 2 Why Secure the Operating System? · Information attacks don't require a corrupt user. · Applications can be circumvented. · Must process in the clear. · Network is too far. · Hardware is too close. · End system security requires a secure OS. · Secure end-to-end transactions requires secure end systems. ■ Information Assurance Research Group ■ 3 Mandatory Access Control · A ªmissing linkº of security in current operating systems. · Defined by three major properties: ± Administratively-defined security policy. ± Control over all subjects (processes) and objects. ± Decisions based on all security-relevant information. ■ Information Assurance Research Group ■ 4 Discretionary Access Control · Existing access control mechanism of current OSes. · Limited to user identity / ownership. · Vulnerable to malicious or flawed software. · Subject to every user©s discretion (or whim). · Only distinguishes admin vs. non-admin for users. · Only supports coarse-grained privileges for programs. · Unbounded privilege escalation. ■ Information Assurance Research Group ■ 5 What can MAC offer? · Strong separation of security domains · System, application, and data integrity · Ability to limit program privileges · Processing pipeline guarantees · Authorization limits for legitimate users ■ Information Assurance Research Group ■ 6 MAC Implementation Issues · Must overcome limitations of traditional MAC ± More than just Multi-Level Security / BLP · Policy flexibility required ± One size does not fit all! · Maximize security transparency ± Compatibility for applications and existing usage. -
An Access Control Model for Preventing Virtual Machine Escape Attack
future internet Article An Access Control Model for Preventing Virtual Machine Escape Attack Jiang Wu ,*, Zhou Lei, Shengbo Chen and Wenfeng Shen School of Computer Engineering and Science, Shanghai University, Shanghai 200444, China; [email protected] (Z.L.); [email protected] (S.C.); [email protected] (W.S.) * Correspondence: [email protected]; Tel: +86-185-0174-6348 Academic Editor: Luis Javier Garcia Villalba Received: 26 March 2017; Accepted: 23 May 2017; Published: 2 June 2017 Abstract: With the rapid development of Internet, the traditional computing environment is making a big migration to the cloud-computing environment. However, cloud computing introduces a set of new security problems. Aiming at the virtual machine (VM) escape attack, we study the traditional attack model and attack scenarios in the cloud-computing environment. In addition, we propose an access control model that can prevent virtual machine escape (PVME) by adapting the BLP (Bell-La Padula) model (an access control model developed by D. Bell and J. LaPadula). Finally, the PVME model has been implemented on full virtualization architecture. The experimental results show that the PVME module can effectively prevent virtual machine escape while only incurring 4% to 8% time overhead. Keywords: virtual security; virtual machine escape; access control; BLP model; PVME model 1. Introduction Cloud computing treats IT resources, data and applications as a service provided to the user through network, which is a change in the way of how data is modeled. Currently, the world’s leading IT companies have developed and published their own cloud strategies, such as Google, Amazon, and IBM. -
Guidelines on Mobile Device Forensics
NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Sam Brothers Wayne Jansen http://dx.doi.org/10.6028/NIST.SP.800-101r1 NIST Special Publication 800-101 Revision 1 Guidelines on Mobile Device Forensics Rick Ayers Software and Systems Division Information Technology Laboratory Sam Brothers U.S. Customs and Border Protection Department of Homeland Security Springfield, VA Wayne Jansen Booz-Allen-Hamilton McLean, VA http://dx.doi.org/10.6028/NIST.SP. 800-101r1 May 2014 U.S. Department of Commerce Penny Pritzker, Secretary National Institute of Standards and Technology Patrick D. Gallagher, Under Secretary of Commerce for Standards and Technology and Director Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. § 3541 et seq., Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for Federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate Federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b(3), Securing Agency Information Systems, as analyzed in Circular A- 130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in Circular A- 130, Appendix III, Security of Federal Automated Information Resources. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority. -
A Novel View on Universal Mobile Telecommunication System (UMTS) in the Wireless and Mobile Communication Environment
Georgian Electronic Scientific Journal: Computer Science and Telecommunications 2010|No.1(24) A Novel View on Universal Mobile Telecommunication System (UMTS) in the Wireless and Mobile Communication Environment Dr.S.S.Riaz Ahamed Principal, Sathak Institute of Technology, Ramanathapuram,TamilNadu, India-623501. Email:[email protected] Abstract The Universal Mobile Telecommunication System (UMTS) is a third generation (3G) mobile communications system that provides a range of broadband services to the world of wireless and mobile communications. The UMTS delivers low-cost, mobile communications at data rates of up to 2 Mbps. It preserves the global roaming capability of second generation GSM/GPRS networks and provides new enhanced capabilities. The UMTS is designed to deliver pictures, graphics, video communications, and other multimedia information, as well as voice and data, to mobile wireless subscribers. UMTS also addresses the growing demand of mobile and Internet applications for new capacity in the overcrowded mobile communications sky. The new network increases transmission speed to 2 Mbps per mobile user and establishes a global roaming standard. UMTS allows many more applications to be introduced to a worldwide base of users and provides a vital link between today’s multiple GSM systems and the ultimate single worldwide standard for all mobile telecommunications, International Mobile Telecommunications–2000 (IMT–2000). Keywords: Code Division Multiple Access (CDMA), Radio Access Network (RAN), Base Station Subsystem (BSS),Network and Switching Subsystem (NSS), Operations Support System (OSS),Base Station Controller (BSC), Base Transceiver Station (BTS), Transcoder and Rate Adapter Unit (TRAU), Operation and Maintenance Centers (OMCS), Packet Data Networks (PDNS), Virtual Home Environment (VHE), Radio Network Systems (RNSS), Transmission Power Control (TPC), Subscriber Identity Module (SIM) 1. -
Multilevel Security (MLS)
Multilevel Security (MLS) Database Security and Auditing Multilevel Security (MLS) Definition and need for MLS – Security Classification – Secrecy-Based Mandatory Policies: Bell- LaPadula Model – Integrity-based Mandatory Policies: The Biba Model – Limitation of Mandatory Policies Hybrid Policies – The Chinese Wall Policy Definition and need for MLS Multilevel security involves a database in which the data stored has an associated classification and consequently constraints for their access MLS allows users with different classification levels to get different views from the same data MLS cannot allow downward leaking, meaning that a user with a lower classification views data stored with a higher classification Definition and need for MLS Usually multilevel systems are with the federal government Some private systems also have multilevel security needs MLS relation is split into several single-level relations, A recovery algorithm reconstructs the MLS relation from the decomposed single-level relations At times MLS updates cannot be completed because it would result in leakage or destruction of secret information Definition and need for MLS In relational model, relations are tables and relations consist of tuples (rows) and attributes (columns) Example: Consider the relation SOD(Starship, Objective, Destination) Starship Objective Destination Enterprise Exploration Talos Voyager Spying Mars Definition and need for MLS The relation in the example has no classification associated with it in a relational model The same example in MLS with -
Migration to 3G Technology Standards: Europe, Japan, South Korea, and the U.S. by Richard Nunno, International Bureau, FCC
Migration to 3G Technology Standards: Europe, Japan, South Korea, and the U.S. By Richard Nunno, International Bureau, FCC Revised July 21, 2003 For over a decade, the International Telecommunication Union (ITU) has been supporting the international effort to develop an advanced third-generation (3G) mobile telecommunications service that has a higher bandwidth than previous and existing mobile services and that subscribers can seamlessly use across international borders (known as global roaming). To that end, the ITU has identified spectrum and developed technical standards for International Mobile Telecommunications 2000 (IMT-2000), the official name for 3G services. The ITU’s World Administrative Radiocommunication Conference (WARC) in 1992 and World Radiocommunication Conference (WRC) in 2000 identified several bands of spectrum that could be used for 3G services. The mobile telecommunications industry has started delivering 3G services that provide broadband applications including voice, data, and video. As defined by the ITU, 3G signal transmission rates must be able to reach 2 megabits per second (Mbps) or higher for indoor (low mobility) wireless applications (more than 35 times faster than today’s 56 kilobits per second (kbps) dial-up PC modems). 3G rates may be slower (384 kbps) for pedestrian traffic, and 144 kbps for high mobility (vehicular) traffic.1 How each country is implementing 3G systems depends on a number of factors, such as the country’s 3G spectrum allocations, the standards it adopts for 3G (if it adopts any standards vs. letting the marketplace make the decision), and the country’s current mobile telephony system configuration. Because a great deal of information and analysis is already available on the spectrum-related issues surrounding 3G implementation, this report focuses only on the technology standards issues pertaining to 3G. -
Multilevel Adaptive Security System
Copyright Warning & Restrictions The copyright law of the United States (Title 17, United States Code) governs the making of photocopies or other reproductions of copyrighted material. Under certain conditions specified in the law, libraries and archives are authorized to furnish a photocopy or other reproduction. One of these specified conditions is that the photocopy or reproduction is not to be “used for any purpose other than private study, scholarship, or research.” If a, user makes a request for, or later uses, a photocopy or reproduction for purposes in excess of “fair use” that user may be liable for copyright infringement, This institution reserves the right to refuse to accept a copying order if, in its judgment, fulfillment of the order would involve violation of copyright law. Please Note: The author retains the copyright while the New Jersey Institute of Technology reserves the right to distribute this thesis or dissertation Printing note: If you do not wish to print this page, then select “Pages from: first page # to: last page #” on the print dialog screen The Van Houten library has removed some of the personal information and all signatures from the approval page and biographical sketches of theses and dissertations in order to protect the identity of NJIT graduates and faculty. ABSTRACT MULTILEVEL ADAPTIVE SECURITY SYSTEM by Hongwei Li Recent trends show increased demand for content-rich media such as images, videos and text in ad-hoc communication. Since such content often tends to be private, sensitive, or paid for, there exists a requirement for securing such information over resource constrained ad hoc networks. -
Looking Back: Addendum
Looking Back: Addendum David Elliott Bell Abstract business environment produced by Steve Walker’s Com- puter Security Initiative.3 The picture of computer and network security painted in What we needed then and what we need now are “self- my 2005 ACSAC paper was bleak. I learned at the con- less acts of security” that lead to strong, secure commercial ference that the situation is even bleaker than it seemed. products.4 Market-driven self-interest does not result in al- We connect our most sensitive networks to less-secure net- truistic product decisions. Commercial and government ac- works using low-security products, creating high-value tar- quisitions with tight deadlines are the wrong place to ex- gets that are extremely vulnerable to sophisticated attack or pect broad-reaching initiatives for the common good. Gov- subversion. Only systems of the highest security are suffi- ernment must champion selfless acts of security separately cient to thwart such attacks and subversions. The environ- from acquisitions. ment for commercial security products can be made healthy again. 3 NSA Has the Mission In 1981, the Computer Security Evaluation Center was 1 Introduction established at the National Security Agency (NSA). It was charged with publishing technical standards for evaluating In the preparation of a recent ACSAC paper [1], I con- trusted computer systems, with evaluating commercial and firmed my opinion that computer and network security is in GOTS products, and with maintaining an Evaluated Prod- sad shape. I also made the editorial decision to soft-pedal ucts List (EPL) of products successfully evaluated. NSA criticism of my alma mater, the National Security Agency. -
International Mobile Roaming Agreements”, OECD Digital Economy Papers, No
Please cite this paper as: OECD (2013-06-03), “International Mobile Roaming Agreements”, OECD Digital Economy Papers, No. 223, OECD Publishing, Paris. http://dx.doi.org/10.1787/5k4559fzbn5l-en OECD Digital Economy Papers No. 223 International Mobile Roaming Agreements OECD Unclassified DSTI/ICCP/CISP(2012)2/FINAL Organisation de Coopération et de Développement Économiques Organisation for Economic Co-operation and Development 03-Jun-2013 ___________________________________________________________________________________________ English - Or. English DIRECTORATE FOR SCIENCE, TECHNOLOGY AND INDUSTRY COMMITTEE FOR INFORMATION, COMPUTER AND COMMUNICATIONS POLICY Unclassified DSTI/ICCP/CISP(2012)2/FINAL Working Party on Communication Infrastructures and Services Policy INTERNATIONAL MOBILE ROAMING AGREEMENTS English - Or. English JT03340780 Complete document available on OLIS in its original format This document and any map included herein are without prejudice to the status of or sovereignty over any territory, to the delimitation of international frontiers and boundaries and to the name of any territory, city or area. DSTI/ICCP/CISP(2012)2/FINAL FOREWORD The Working Party on Communication Infrastructures and Services Policy (CISP) discussed this paper in June 2012. It agreed to recommend the paper for declassification to the Committee for Information, Computer and Communications Policy (ICCP). The ICCP Committee agreed to its declassification in October 2012. The document was prepared by Mr. Tony Shortall, Director of Telage. It is published -
International Mobile Roaming Services
REGULATORY AND MARKET ENVIRONMENT 2013 International Telecommunication Union R Telecommunication Development Bureau EPTEMBE Place des Nations S INTERNATIONAL MOBILE CH-1211 Geneva 20 Switzerland ROAMING SERVICES: www.itu.int FACILITATING COMPETITION AND PROTECTING USERS S R OTECTING USE COPY R ADVANCE VICES: FACILITATING COMPETITION AND P COMPETITION FACILITATING VICES: R OAMING SE R NATIONAL MOBILE NATIONAL R Printed in Switzerland SEPTEMBER 2013 NTE Geneva, 2013 09/2013 I Telecommunication Development Sector International mobile roaming services: Facilitating competition and protecting users September 2013 COPY ADVANCE This report has been prepared for ITU by Mr Dimitri Ypsilanti, under the direction of the Regulatory and Market Environment Division (RME), of the Telecommunication Development Bureau (BDT). This study has been developed based on desk research as well as using data from the ITU Tariff Policies Survey, ICTEye database (www.itu.int/icteye/). Please consider the environment before printing this report. ITU 2013 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. International mobile roaming services: Facilitating competition and protecting users Table of contents Page 1 Introduction ........................................................................................................................ 1 1.1 Mobile devices are becoming the main tool for communications ................................... 1 1.2 Growth in international travel