3G-WLAN convergence. Vulnerability, attacks possibilities and security model

In this paper we present the vulnerability, threats and attacks for Third Generation (3G) networks converged with WLAN and propose the security model addressing the roaming and non-roaming security scenarios. Many threats against 3G network resources can be realised by attacking the WLAN access network, therefore it is important to identify the security requirements for 3G-WLAN inter-working and choose a security solution that is robust and dynamic to different levels of WLAN access network. The proposed architecture is based on the Extensible Authentication Protocol (EAP) for USIM Authentication & Key Agreement (AKA) and authorization procedures, and secure tunnel establishment using IKEv2 (Internet Key Exchange) Protocol to minimize security threats. We will also discuss the termination of fake or forge WLAN session to protect the user confidential information on vulnerable wireless link. The development is part of Secure Service Provisioning (SSP) Framework of IP Multimedia System (UAS) at 3Gb Testbed of Fokus Fraunhofer.