Trust is the Key to Mobile Business
by Andreas Bonnard*
Table of Contents
Trust is the Key to Mobile Business
Security and Privacy for wireless data services still in its infancy
Mobile business must follow example set by security standards in wireline e-business
Mobile business lagging behind in terms of security
No PKIs in mobile business for some time to come
Security – the picture remains blurred
Customer trust paramount for mobile business
Mobile Web Privacy Needs
Summarized Security and Privacy Requirements
Security and Privacy for wireless data services still in its infancy
The analysts agree: WAP (Wireless Application Protocol) and the new mobile communications generation GPRS (General Packet Radio Service) will lead to a surge in mobile participation in e-commerce. Durlacher expects the European market for mobile business to skyrocket from just 3 billion at present to 30 billion in the year 2003. In its "Wireless Internet" study ARC forecasts that there will be more mobile than wireline participants in e-commerce by the end of 2002.
Mobile business must follow example set by security standards in wireline e-business
However, even if each new analyst forecast for mobile business tops the last, none of them will become reality unless security in WAP communications is brought into line with the standards set in wireline e-business as soon as possible. Almost all security gaps in wireline e-business have now been closed by an industry standard. Version 3 of SSL (Secure Sockets Layer) defines how the encryption processes and the related keys are secured, and supports two-way authentication of the communicating partners/systems. Authentication relies on asymmetric cryptography (each party holds a public/private key pair); the bulk data are then protected with symmetric encryption, which is far faster. Interfaces to certification authorities defined in SSL 3.0 allow a neutral party to check, on the basis of a certificate, whether an e-business participant is the lawful owner of a public key. For the secure transmission of the e-business data, including credit card and account numbers, PINs and TANs, SSL 3.0 uses symmetric encryption with keys of up to 168 bits in length (triple DES). Sequence numbers covered by every record's integrity check (MAC), together with the time-stamped random values exchanged in the handshake, again defined in SSL 3.0, prevent information sent during an e-business session from being replayed by third parties unnoticed.
Provided that companies engaged in e-business implement them, all these security mechanisms help to build consumer confidence because
• they guarantee the authenticity of the sender;
• they ensure data integrity: the transferred data cannot be modified by unauthorized third parties without detection;
• data remain confidential because they cannot be read by unauthorized third parties;
• data cannot be resent (replayed) by unauthorized third parties during transfer.
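The last two properties are easy to conflate, so here is an added example (not from the original article) of the record-layer idea that gives SSL 3.0 its replay protection: every record's MAC covers a sequence number that both sides count but never transmit. The record format below is a simplified stand-in, not the real SSL/TLS wire format, and the MAC key, the banking order and the replaying attacker are all constructed for the example.

```python
# Added example, not from the original article: a minimal model of the
# SSL 3.0/TLS record-layer idea that every record's MAC covers a sequence
# number, so a captured record cannot be replayed.  The MAC key, the
# message and the "attacker" are constructed for the example; the record
# format is simplified and is not the real SSL/TLS wire format.
import hashlib
import hmac
import struct


def _tag(mac_key, seq, payload):
    """MAC over (sequence number || payload).  The sequence number is never
    sent on the wire; sender and receiver each count records themselves."""
    return hmac.new(mac_key, struct.pack(">Q", seq) + payload, hashlib.sha256).digest()


class RecordSender:
    def __init__(self, mac_key):
        self.mac_key = mac_key
        self.seq = 0

    def protect(self, payload):
        record = struct.pack(">H", len(payload)) + payload + _tag(self.mac_key, self.seq, payload)
        self.seq += 1
        return record


class RecordReceiver:
    def __init__(self, mac_key):
        self.mac_key = mac_key
        self.seq = 0
        self.accepted = []

    def receive(self, record):
        """Return True if the record is genuine and in order, else False.
        A rejected record does not advance the counter."""
        (length,) = struct.unpack(">H", record[:2])
        payload, tag = record[2:2 + length], record[2 + length:]
        if not hmac.compare_digest(tag, _tag(self.mac_key, self.seq, payload)):
            return False
        self.seq += 1
        self.accepted.append(payload)
        return True


def replay_with_seq_numbers():
    """Returns (first delivery accepted, replay accepted, tampered copy accepted)."""
    key = b"\x11" * 32                                   # constructed session MAC key
    sender, receiver = RecordSender(key), RecordReceiver(key)
    record = sender.protect(b"transfer 100 EUR to account 4711")   # constructed order
    first = receiver.receive(record)
    replayed = receiver.receive(record)                  # attacker resends the captured bytes
    tampered = receiver.receive(record.replace(b"4711", b"9999"))  # attacker edits the copy
    return first, replayed, tampered


def replay_without_seq_numbers():
    """Same scenario with a MAC that ignores the sequence number: the replay
    passes, which is exactly the weakness the counter was introduced for."""
    key = b"\x11" * 32
    payload = b"transfer 100 EUR to account 4711"
    record = struct.pack(">H", len(payload)) + payload + hmac.new(key, payload, hashlib.sha256).digest()

    def accept(r):
        (length,) = struct.unpack(">H", r[:2])
        p, t = r[2:2 + length], r[2 + length:]
        return hmac.compare_digest(t, hmac.new(key, p, hashlib.sha256).digest())

    return accept(record), accept(record)


if __name__ == "__main__":
    print("with sequence numbers:    first=%s replay=%s tampered=%s" % replay_with_seq_numbers())
    print("without sequence numbers: first=%s replay=%s" % replay_without_seq_numbers())
```

The point to take from the two functions: confidentiality alone (encrypting the order) would not stop the second delivery either; it is the integrity check bound to a per-session counter that makes the replayed record distinguishable from a fresh one.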
Nonetheless, there are still potential risks in wireline e-business involving such aspects as the generation, handling and storage of keys and the choice of encryption methods and key lengths. Both areas are still in need of standardization. In addition, e-business providers and participants have to rely on the trustworthiness of the certification authorities that are responsible for checking and certifying the authenticity of the keys used. Overall, however, the security framework for safe e-business communications is in place.
Mobile business lagging behind in terms of security
The present security framework for mobile business providers and participants is much less auspicious. There are already inherent security gaps on the network level. While wireline connections using standards such as the IETF's (Internet Engineering Task Force) IPsec and TLS (Transport Layer Security) secure the connection all the way between the PC and the Web server, GSM/GPRS can only offer encryption of the data on the air interface between the mobile phone and the base station. UMTS will not improve on this: its encryption, too, ends in the operator's access network. All individuals and systems with access to the network elements and transmission links beyond that point thus automatically have access to the business data in the clear. As a result, data could potentially be viewed and manipulated not only by employees of telecommunications network operators but, to an increasing degree, by service providers as well.
This makes it all the more urgent for mobile business providers and customers to close the wide security gap between the mobile phone and the WAP gateway (the supplier of WML (Wireless Markup Language) pages) on the application level. The problem is that the current WAP Forum standard, WAP 1.1, which uses WTLS (Wireless Transport Layer Security), effectively offers only two security classes between the WAP phone and the WAP gateway. Class 1 only permits encryption of the transferred data, with neither side authenticated, a level comparable to the first version of SSL (Secure Sockets Layer). How the encryption processes and the related keys for two-way authentication of partners/systems are to be secured is also not defined by WTLS. And what would be the point? Class 2 only supports server certificates, which tell mobile business participants whether they are connected to the right WAP gateway. The client certificates for two-way authentication of WAP gateway and WAP phone are therefore lacking. Nor does WTLS regulate key management, which means that this process is not transparent for the mobile business participant. And it gets worse: most mobile phones on the market are only WAP 1.0 compatible and will remain so, because the manufacturers have not even included a software update option in their phones, preferring instead to sell new WAP 1.1 compatible models.
WAP 1.2 will see the introduction of client certificates in mobile phones, which will allow two-way authentication between the WAP gateway and the mobile phone. In WAP 1.2 this two-way authentication is performed with the help of the WIM (Wireless Identity Module), which holds the client's private key and certificate. This standard, which is soon to be adopted, will also define the choice of encryption methods and key lengths. It will be some time, however, until secure WAP 1.2 compatible mobile phones are sufficiently established in the market. Manufacturers will continue to market their WAP 1.1 compatible mobile phones before the combination of WAP 1.2 compatible phones and GPRS transmission technology allows secure mobile business communication to gain a foothold in the market. This will not occur before the end of 2001.
No PKIs in mobile business for some time to come
A suitable interface to a PKI (Public Key Infrastructure) will be required in practice in order to reach the level of security of wireline e-business. Such an infrastructure will allow digital signatures, the legal equivalent of a handwritten signature for concluding a mobile business transaction, to be used for authentication. The reason why PKIs have got off to a late start in mobile business is that under the WAP 1.2 standard the key can be installed in the mobile phone without protection instead of being protected on the SIM (Subscriber Identity Module) card. This opens the door to manipulation of security applications, especially on mobile phones that have their own RAM, processor and memory. Successful pilot projects using keys held on the SIM card have been running for about a year in Scandinavia. At the same time, vendors such as Sonera SmartTrust, AcrossWireless and Brokat are fast becoming the driving force behind PKI compatible mobile business. Seen overall, however, this process is still in its infancy.
Alternatively, the cryptographic operations could be performed securely on a separate chip card integrated in the mobile phone as part of a PKI. But again, this will be left to the WAP 1.3 standard. Manufacturers will not begin to include a second slot for addressing such a chip card in their mobile phones until this standard has been adopted. This is unlikely to happen any earlier than mid-2002.
Security – the picture remains blurred
Until the widely acclaimed mobile business reaches safe waters, providers and participants alike will have to make do with an obscure conglomeration of security mechanisms and a lower level of security. The providers of mobile banking services are a good example. The financial services provider Comdirect, for instance, has stated that it does not use WTLS. Sparda Bank, 1822 direkt, Consors and Direkt Anlage Bank say that their mobile banking solutions operate on the basis of WTLS. However, for WTLS to work, the institutes stress that customers have to use new WAP 1.1 compatible mobile phones of certain manufacturers or providers such as Viag Interkom. But even where WTLS works on new mobile phones, mobile business participants at all these institutes still have to make do with a lean version of WTLS: only the transferred data are encrypted, often with just a 40-bit key agreed with the customer, and the customer is left in the dark over key management. A 40-bit key offers no real protection; its entire key space can be searched by brute force with modest computing resources.
At present, mobile business poses a security problem for the customer especially when the provider decides to outsource such services. The WAP gateway is then located at the service provider, which means that the WTLS-secured communication ends after half the distance. A secure connection from the gateway to the provider's application server then has to be established over a fixed line. The incoming data have to be decrypted by the WAP gateway and re-encrypted with the TLS Internet standard for the wireline leg, so the plaintext exists, however briefly, on the gateway. The problem is that there are no binding rules for this procedure. In addition, this decryption/re-encryption logic calls for a hermetically sealed WAP gateway, and the customer can never be sure how well the service provider actually protects this gateway. With this constellation there can be no talk of end-to-end security that really deserves the name.
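To make the difference between two secured hops and real end-to-end security concrete, here is an added example (not from the original article) that models the outsourced gateway just described. The cipher is a toy XOR stream cipher keyed with HMAC-SHA256 and stands in for WTLS and TLS encryption only so the data flow can be traced; it must never be used for real traffic. The keys, nonces, the gateway's behaviour (including a hypothetical insider at the service provider who rewrites an account number) and the banking order are all constructed for the example.

```python
# Added example, not from the original article: a model of the outsourced
# WAP gateway described above.  The cipher is a toy XOR stream cipher keyed
# with HMAC-SHA256 that stands in for WTLS/TLS encryption only so the data
# flow can be traced; it must never be used for real traffic.  Keys, nonces,
# the gateway and the banking order are constructed for the example.
import hashlib
import hmac
import os


def _keystream(key, nonce, length):
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def toy_encrypt(key, nonce, data):
    """XOR with a keyed keystream; decryption is the same operation."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


toy_decrypt = toy_encrypt


class WapGateway:
    """Terminates WTLS from the handset and opens TLS toward the bank.  It
    necessarily holds the plaintext in between, so whatever it can read it can
    also log or alter (rewrite = hypothetical insider editing the order)."""

    def __init__(self, wtls_key, tls_key, rewrite=None):
        self.wtls_key, self.tls_key, self.rewrite = wtls_key, tls_key, rewrite
        self.seen = []

    def forward(self, nonce, wtls_record):
        plain = toy_decrypt(self.wtls_key, nonce, wtls_record)
        self.seen.append(plain)
        if self.rewrite:
            plain = plain.replace(*self.rewrite)
        return toy_encrypt(self.tls_key, nonce, plain)


def hop_by_hop(order, rewrite=None):
    """WTLS phone->gateway, then TLS gateway->bank, as in the outsourced setup.
    Returns (what the bank receives, what the gateway saw)."""
    wtls_key, tls_key, nonce = os.urandom(32), os.urandom(32), os.urandom(8)
    gw = WapGateway(wtls_key, tls_key, rewrite)
    on_air = toy_encrypt(wtls_key, nonce, order)       # handset -> gateway
    on_wire = gw.forward(nonce, on_air)                 # gateway -> bank
    return toy_decrypt(tls_key, nonce, on_wire), gw.seen[0]


def end_to_end(order, rewrite=None):
    """Same two hops, but the order is first encrypted under a key shared only
    by handset and bank (e.g. one held on the SIM/WIM).  The gateway still
    strips WTLS and adds TLS, yet only ever handles ciphertext.  The inner
    nonce would travel with the message in practice; here it is passed along."""
    e2e_key, nonce_e2e = os.urandom(32), os.urandom(8)
    wtls_key, tls_key, nonce_hop = os.urandom(32), os.urandom(32), os.urandom(8)
    gw = WapGateway(wtls_key, tls_key, rewrite)
    inner = toy_encrypt(e2e_key, nonce_e2e, order)      # application-layer protection
    on_air = toy_encrypt(wtls_key, nonce_hop, inner)    # WTLS around it
    on_wire = gw.forward(nonce_hop, on_air)             # gateway swaps WTLS for TLS
    inner_at_bank = toy_decrypt(tls_key, nonce_hop, on_wire)
    return toy_decrypt(e2e_key, nonce_e2e, inner_at_bank), gw.seen[0]


ORDER = b"transfer 100 EUR to account 4711"   # constructed banking order
ATTACK = (b"4711", b"9999")                    # insider rewrites the target account

if __name__ == "__main__":
    print("hop-by-hop, honest gateway:", hop_by_hop(ORDER))
    print("hop-by-hop, rewriting gateway:", hop_by_hop(ORDER, ATTACK)[0])
    print("end-to-end, rewriting gateway:", end_to_end(ORDER, ATTACK)[0])
```

In the hop-by-hop case the gateway's `seen` list contains the order in the clear and a rewritten order reaches the bank unnoticed; in the end-to-end case the gateway sees only the inner ciphertext and its rewrite finds nothing to change. The second arrangement is what a key on the SIM or WIM, shared with the bank rather than with the gateway operator, would make possible.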
Customer trust paramount for mobile business
Against this backdrop, and in view of the forthcoming establishment of UMTS technology, it is obvious that mobile business providers and service providers will have to show greater commitment to security in order for WAP services to appeal to consumers. Greater commitment is required all the more because WTLS and WIM leave too much scope to the implementer, e.g. with respect to the choice of encryption methods, key lengths and the design of key management. WTLS does not even mandate authentication. Last but not least, the course towards mobile business and PKIs has to be charted at an early stage.
Just what level
of security is required in each case and what means can be used to achieve
added security can only be determined through testing and certification by an
independent auditing firm. This neutral certification of an appropriate level
of security will open the door to the mobile business market. Ultimately,
business using this means of communication will stand or fall with the degree
of trust that consumers place in its security.
Mobile Web Privacy Needs
Considering the existing security features and the means available in mobile business to actively locate the handset, there is a strong need for end-user privacy. Many business models in mobile business are based on intensive use of location information. User profiles that record a person's movement history can expose that person to threatening scenarios. Standardization bodies, governments and industry should therefore develop technologies that give the end user the choice to actively consent, on a per-transaction basis, to the use of location-specific information. Mobile service providers should agree to accept restrictions on the use of user location information.
Summarized Security and Privacy Requirements
In summary, the following security and privacy requirements can be formulated on behalf of our clients:
• Secure key management
• Real end-to-end security
• Filtering tools at mobiles (personal mobile firewalls)
• Public key infrastructure compliant with the law
• Digital signatures compliant with the law
• Mutual authentication mandatory
• Strong encryption
• Application-specific security choices
• Industry restrictions on the usage of location-specific user data
• Means for anonymous usage of mobile data services
• Mandatory certification of the security and privacy means of mobile services by independent trusted third parties (e.g. technology-oriented international audit firms)
*Andreas Bonnard is a Manager in the field of Telecommunications with the Technology Risk Consulting Practice of Arthur Andersen in Eschborn/Frankfurt am Main. Contact: andreas.bonnard@de.arthurandersen.com