Support of subscribers’ certificates in a hybrid WLAN-3G environment

Abstract

Third Generation Partnership Project (3GPP) has recently provided a cellular-WLAN interworking architecture as an add-on to 3GPP system specifications. This architecture can offer IP-based services, compatible with those obtainable by 3G packet switched domain, to a 3G subscriber who is connected via a WLAN. Following this approach, in this paper we propose extensions to current 3GPP specifications, implementing and experimenting with a hybrid WLAN-3G network architecture capable of supporting subscriber’s certificates. We focus on attribute certificates, which are of major importance for user authorization and, due to their temporary nature, entail minimum concern regarding revocation issues. We emphasise on the necessary public key infrastructure incorporation which requires minimum changes in 3G core network elements and signalling and provide a list of the potential threats, which can be identified in a presumable deployment. Apart from the description and requirements of the proposed WLAN-3G architecture, particular emphasis is placed on the experimental evaluation of the performance of two alternative test-bed scenarios, which shows that digital certificates technology is not only feasible to implement in present and future heterogeneous mobile networks, but also can deliver flexible and scalable services to subscribers, without compromising security.

Introduction

In the very near future, mobile users will want to access specific time-limited services, like buying something from an on-line store, settle down some stock transactions with a bank, or download a file from a protected site. This can be accomplished by using temporary or attribute short-lived certificates. Attribute Authorities (AA), or Certification Authorities (CA), bind the characteristics of an entity (called attributes) to that entity by signing the appropriate Attribute Certificate (AC) [1]. Attributes can specify group membership, role, security clearance, or other authorization information associated with the AC holder. Therefore, ACs are particularly well suited to control access to system resources and implement role-based authorization and access controls, accordingly [1], [2]. They can also effectively implement and support popular authorization mechanisms such as Role-Based Access Control (RBAC) [3].

ACs are theoretically similar to Privilege Access Certificates (PACs), as used in SESAME and Windows 2000 operating system. The use of ACs has been included into both the ANSI X9.57 standard and the X.509 standards and recommendations of both ITU-T [4] and ISO/IEC, as a better alternative to X.509 public key certificates (PKC), for carrying authorization information. AC-based authorization is also an extension to the IETF Transport Layer Security Protocol (TLS). The basic structure of an AC is shown in Fig. 1. One of the advantages of these temporary certificates having a short life is that they do not usually need to be revoked and will therefore need not be included in any Certificate Revocation List (CRL). If they are issued in respect of a pre-paid subscription service, they certainly not require any revocation at all. Finally, this mechanism can support non-repudiation services.

Another application area for ACs is mobile code technology, used by applications in wired and wireless computer networks in the last few years. Making code mobile means that programs or code segments are exchanged between computer networks and systems and the heterogeneity of platforms is hidden by a common language in which the program code is actually written [5]. A solution to protect the execution environment (e.g. mobile device), against potentially malicious mobile code is to authenticate the mobile code before it is actually executed. This approach is known as Shrink-Wrap. So, although it is not possible for someone to decide if a portion of mobile code contains malicious code, he can at least authenticate it. This can be very useful to a software developer who digitally signs the mobile code and distributes it together with the attribute certificate that is needed to verify the signature.

For example, let us consider a mobile Palm user who connects via GPRS in a mobile-portal and seeks for games. He wants to be sure that the gaming-code he decides to download is at least authentic. On the other hand, a developer who programs an application for specific phones wants to sign his code and put it along with the matching certificate in a mobile-portal. Therefore, he also needs to obtain an AC. In such an environment, we assume that there are many Attribute Authorities, which can issue that kind of certificates, certainly in collaboration with the service-offering parties. For example, if an organization already runs a directory service for public key certificates and related status information, this service can also be used to distribute ACs.

When implementing such scenarios with ACs, we need to examine interworking alternatives between the mobile core network and the necessary public key infrastructure (PKI) [6], [7]. Taking into account recent 3GPP specifications about WLAN-3G interworking [8], [9], [11], [12], [13] in a Beyond-3G (B3G) vision, we propose a hybrid WLAN-3G architecture to support ACs issuing. 3GPP does not assume any specific type of WLAN system, but for the purpose of this paper we presume that the WLAN is of the IEEE 802.11 type. The proposed architecture, which extends undergoing work by 3GPP, enables a Wi-Fi user, who is also a subscriber to a 3G mobile network operator, to move across WLAN segments administrated by different WLAN operators and to acquire on-demand ACs. Consequently, the user needs to know only his home 3G network operator, who is responsible of establish and maintain Roaming Agreements (RAs) with various intermediate visited 3GPP and ending WLAN operators. Additionally, we experiment with on-the-fly certificate generation, testing the performance of two prototype implementations. The measurements show that ACs issuing is attainable in terms of service time, while simultaneously can deliver flexible and scalable solutions to both future mobile operators and users. Finally, we list all possible impending threats suggesting, where applicable potential countermeasures.

The rest of the paper is organized as follows. In Section 2, we present and discuss a feasible interworking architecture between 3G core network and a PKI capable of providing certificates, under the assumption that the user may roam between different visited and probably heterogeneous network domains. Section 3 gives an overview of our experimental test bed and procedures, as well as a security risk analysis, while Section 4 presents the derived performance measurement results. The last section concludes the paper and points to future work.