The Delft UMTS Testbed and End-user Security Features

Abstract

The advent of the UMTS mobile network technology and recent advances in wireless LANs create new possibilities for network and Internet access. This in turn may provide the basis for a range of new services, which itself will change the roles of existing mobile firms and new entrants. A significant challenge for the industry will be safeguarding user data and protecting network and end-user equipment from malicious attacks. These problems are currently the concern of desktop computer users and network administrators, who are struggling to keep ahead of the latest security threats. With the distributed nature of mobile devices it is likely that the management of network and end-user security will only become more complicated. To better understand this challenge this research has investigated the security features of a UMTS network testbed as well as the possibilities of integration with WLANs at Delft University of Technology in the Netherlands. In particular this research addresses the following questions from a user perspective: 1. What security features are theoretically available in UMTS handsets and are likely to be offered by UMTS network operators? 2. What factors are likely to influence end user acceptance of these features? 3. What role does security play in UMTS/ WLAN integration? In addition to addressing these questions this research also provided an opportunity to observe certain aspects of the relationship between the network operator and equipment manufacturer and handset providers, as well as the role of standards in the diffusion of a new technology. In what follows we first describe the Delft UMTS testbed. This description provides the context of the research as well as its limitations in terms of generalizability of results. This is followed by our findings, which are divided into security, industry relations and standards, and handset issues. Section 4 presents our conclusions and the report concludes with a series of appendices, which contain detailed information about UMTS standards and security features, WLAN technologies and WLAN & cellular network integration.