Personal broadband >> Mobi iB >> Security & Technology
An application running within an end-user’s Mobi iB session traverses multiple networks; the wireless access network, a wired transport and ISP network and ultimately the application’s destination network. Mobi iB enables security to be provided locally within each of these domains as well as end-to-end security.
The basic air interface security concept is that Security is both “horizontal” and “vertical”, and the Air interface provides encryption and authentication.
The basic security functions required in a communications network are:
- Confidentiality to ensure that information is accessible only to authorized parties.
- Authentication to minimize man-in-the-middle attacks.
- Access control to ensure that only authorized users have access to the network.
The key features of Mobi iB Air Interface Security are as follows:
Mutual public key authentication of network and User Terminal that overcomes the problem of shared secret generation and exchange issues PKI mechanism ensures that only authorized base stations can obtain the keys and have access to the Mobi iB network.
RC-4 stream cipher with up to 192 bit key.Secure IV updates & key diffusion for robustness: A new secret key is created each time a secure channel is established.
User authentication restricts access to the Mobi iB network.Information is verified against a RADIUS database, which stores user profile and information.
- Network security
Different layers, network, transport and application, of security protocols are implemented in the Mobi iB system to enable and enforce end-to-end IP-centric security mechanism.
- Transport level security
is achieved using Secure Socket Layer (SSL) and Transport Layer Security (TLS).
- Application level security
is achieved by using PGP, Secure Shell (SSH) and Kerberos.
- Network layer security
is achieved by using IP security standards such as IP Security (IPSec). IPSec is used to encrypt the L2TP tunnels that bear multiple user sessions between them. IPSec is used to provide end-to-end network layer security. In this case, the Mobi iB user’s end user device such as a Laptop supports an IPSec client and the ISP supports an IPSec gateway. All traffic between the Mobi iB user and the ISP is secured by an IPSec tunnel between the user Laptop and the IPSec gateway.IPSec can be used to secure business Virtual Private Networks over Mobi iB. IPSec forms the underpinning of most secure VPN solutions.
Mobi iB technology is not a single technology but a complete, end-to-end, broadband, wireless IP solution. It connects end-users devices to content and service providers, and businesses to their customers, suppliers and employees. By enabling pervasive broadband wireless connectivity, business users and consumers have ubiquitous access to all of the IP applications that they already enjoy on the wired Internet.
End users employ a Mobi iB enabled modem that wirelessly transmits and receives the data traffic to Mobi iB base stations. This traffic is transported over a wide area network and routed through this network to the user's service provider of choice.
The key characteristics of Mobi iB - broadband access with always-on connectivity and the freedom to move - are akin to "mobile DSL" for the end user.