Professional Documents
Culture Documents
Thesis Asma Alazeib
Thesis Asma Alazeib
Declaration
Herewith, I declare that I have written this thesis myself and no other sources than listed in the references have been used.
Acknowledgements
I would like to thank first and foremost my supervisors in Alcatel SEL AG, Dr. Stephan Rupp and Andreas Diehl for all their help, support, follow ups and encouragement. I thank them for the weekly meetings held, for all the guidance and assistance and for all the times they were there whenever I needed advice and support. I would also like to thank Prof. Klaus Schnemann and Prof. Wolfgang Meyer for supervising me at the Hamburg University of Technology during my master thesis and for their help and support. Special thanks also goes to Franz Josef Banet and Matthias Duspiva who were always there to answer my questions, spent several hours clarifying my doubts, and whom supported me throughout my thesis. Never ending thanks also goes to the former Telematics group of Alcatel SEL AG, now the mm-lab company for being my entrance point in Alcatel and for making the company feel like home, for all the moral support, encouragement and for always being there for me in every case. Special thanks go to Lothar Krank, Ronald Prestin, Martin Geiger, Bernd Herrmann, Michael Meiser, Wolfgang Schffer, Michael Koch, Horst Idler, Gerald Sander, Claus Hirdes, Andreas Streit and Sandra Steege. Warm wishes go to all my friends that Ive encountered during my stay in Germany, each person has made a positive influence in my life and in very special and different ways. I thank them for the making me see life from other aspects and whom have greatly contributed to the person I am today. Last but not least, I would like to thank all my family members for believing in me and for their encouragement.
Table of Contents Declaration......................................................................................................................................1 Acknowledgements........................................................................................................................2 1 Introduction...............................................................................................................................10 1.1 Restructuring Telecommunication Networks...............................................................12 1.1.1 Physical Consolidation of Subscriber Data ...........................................................13 1.1.2 Logical Consolidation of Subscriber Data .............................................................13 1.1.3 Harmonization of Interfaces....................................................................................13 2 Authentication in Wireless Networks ....................................................................................16 2.1 Security in wireless networks...........................................................................................16 2.2 Introduction to Authentication.......................................................................................17 2.3 Introduction to GSM networks ......................................................................................18 2.3.1 GSM Network Components....................................................................................19 2.3.1.1 Radio Subsystem ................................................................................................19 2.3.1.2 Base Station Subsystem.....................................................................................19 2.3.1.3 Network and Switching Subsystem.................................................................20 2.3.2 Visited Access/Core Network, Operator Home Network .................................21 2.3.3 Numbers and Identities ............................................................................................21 2.3.3.1 International Mobile Subscriber Identity .......................................................21 2.3.3.2 Mobile Subscriber Integrated Services Digital Network Number..............22 2.4 Security in GSM Networks..............................................................................................24 2.4.1 GSM Authentication .................................................................................................24 2.4.2 Security Algorithms in GSM....................................................................................26 2.4.2.1 A3 Algorithm......................................................................................................26 2.4.2.2 A5 Algorithm......................................................................................................27 2.4.2.3 A8 Algorithm......................................................................................................27 2.5 Introduction to UMTS networks....................................................................................28 2.5.1 UMTS Network Components .................................................................................29 2.5.1.1 User Equipment.................................................................................................29 2.5.1.2 UMTS Terrestrial Radio Access Network .....................................................29 2.5.1.3 Core Network.....................................................................................................30 2.6 Security in UMTS networks.............................................................................................31 2.6.1 UMTS Authentication ..............................................................................................32 2.6.1.1 UMTS Authentication Vector..........................................................................34
2.6.1.2 USIM Authentication ........................................................................................36 2.6.2 Security Algorithms in UMTS .................................................................................37 2.7 Introduction into the Internet Protocol Multimedia Sub-System in UMTS networks....................................................................................................................................38 2.7.1 Identities in the IMS system.....................................................................................40 2.7.1.1 Private User Identities.......................................................................................40 2.7.1.2 Public User Identities ........................................................................................40 2.7.1.3 Public Service Identities....................................................................................41 2.8 Introduction to Wireless Local Area Networks............................................................42 2.9 Security in WLAN networks ...........................................................................................43 2.9.1 802.11 ..........................................................................................................................43 2.9.2 Wired Equivalent Privacy.........................................................................................43 2.9.3 Wi-Fi Protected Access ............................................................................................44 2.10 WLAN Security Architecture ........................................................................................44 2.10.1 802.1X .......................................................................................................................44 2.10.2 Authentication, Authorization and Accounting Server .....................................46 2.10.3 Certificate Based Authentication...........................................................................47 2.10.3.1 Public Key Infrastructure ...............................................................................47 2.10.4 Password Based Authentication............................................................................48 2.10.5 Extensible Authentication Protocol .....................................................................48 2.10.5.1 Lightweight Extensible Authentication Protocol........................................49 2.10.5.2 EAP Transport Layer Security.......................................................................49 2.10.5.3 Protected Extensible Authentication Protocol............................................50 2.10.5.4 EAP- Subscriber Identity Module.................................................................51 3 Ontologies and the Semantic Web.........................................................................................55 3.1 The Semantic Web ............................................................................................................55 3.2 Ontologies ..........................................................................................................................56 3.2.1 Origin ..........................................................................................................................56 3.2.2 Definition....................................................................................................................57 3.2.2.1 In Philosophy .....................................................................................................57 3.2.2.2 In Artificial Intelligence ....................................................................................57 3.2.3 Ontology Approaches...............................................................................................58 3.2.3.1 Description Logics.............................................................................................58 3.2.3.2 Frame-based .......................................................................................................58
3.2.3.3 Predicate Logic...................................................................................................59 3.2.4 The Web Ontology Language..................................................................................59 3.2.4.1 OWL Lite ............................................................................................................60 3.2.4.2 OWL DL.............................................................................................................60 3.2.4.3 OWL Full ............................................................................................................61 3.2.5 OWL Language Constructs .....................................................................................61 3.2.5.1 Classes..................................................................................................................61 3.2.5.2 Properties ............................................................................................................62 3.2.5.3 Operators ............................................................................................................65 3.2.6 Ontology Tools..........................................................................................................66 3.2.6.1 Protg.................................................................................................................66 3.2.6.2 RenamedABox and Concept Expression Reasoner Professional...............66 3.2.6.3 Graphical Visualization .....................................................................................67 3.2.7 Protg-OWL Concepts ...........................................................................................67 3.2.8 Ontology Development............................................................................................68 3.2.8.1 Why Develop an Ontology ..............................................................................68 3.2.8.2 Steps in Developing an Ontology ...................................................................69 4 An Ontology for Generic Wireless Authentication.............................................................72 4.1 Class Overview ..................................................................................................................72 4.2 Ontology Classes and Subclasses....................................................................................73 4.2.1 The Algorithm class ..................................................................................................73 4.2.2 The AuthenticationMethod class ............................................................................74 4.2.3 The AuthenticationType class .................................................................................74 4.2.4 The Certificate class ..................................................................................................75 4.2.5 The CertificateComponent class .............................................................................75 4.2.6 The Code class ...........................................................................................................76 4.2.7 The DataBase class....................................................................................................76 4.2.8 The Identity class.......................................................................................................76 4.2.9 The Key class .............................................................................................................77 4.2.10 The Network class...................................................................................................78 4.2.11 The Number Class ..................................................................................................78 4.2.12 The Service class......................................................................................................79 4.2.13 The UserData class..................................................................................................80 4.2.14 The Subscriber class................................................................................................81
4.3 Disjoint Classes..................................................................................................................81 4.3.1 The Algorithm class disjoints ..................................................................................82 4.3.2 The AuthenticationMethod class disjoints ............................................................82 4.3.2.1 The EAP-SIM subclass .....................................................................................82 4.3.2.2 The EAP-TLS subclass .....................................................................................83 4.3.2.3 The LEAP subclass ...........................................................................................83 4.3.2.4 The PEAP subclass ...........................................................................................83 4.3.3 The AuthenticationType class disjoints .................................................................84 4.3.3.1 The CertificateBased subclass ..........................................................................84 4.3.3.2 The ChallengeResponse subclass ....................................................................84 4.3.3.3 The MutualAuthentication subclass................................................................84 4.3.3.4 The NetworkAuthentication subclass.............................................................84 4.3.3.5 The PasswordBased subclass ...........................................................................84 4.3.3.6 The UserAuthentication subclass ....................................................................85 4.3.4 The Certificate class disjoints...................................................................................85 4.3.5 The CertificateComponent class disjoints .............................................................85 4.3.5.1 The IssuerName, SerialNumber, Signature, Subject, ValidFrom, ValidTo and PublicKey subclasses ..............................................................................................85 4.3.5.2 The SignatureAlgorithm subclass ....................................................................85 4.3.6 The Code class disjoints ...........................................................................................86 4.3.7 The Database class disjoints ....................................................................................86 4.3.8 The Identity class disjoints .......................................................................................86 4.3.9 The Key class disjoints..............................................................................................86 4.3.9.1 The DerivedKey subclass .................................................................................86 4.3.9.2 The GeneratedKey subclass .............................................................................86 4.3.9.3 The StaticKey subclass......................................................................................87 4.3.10 The Network class disjoints...................................................................................87 4.3.11 The Number class disjoints....................................................................................87 4.3.12 The Service class disjoints ......................................................................................87 4.3.12.1 The BasicService subclass...............................................................................87 4.3.12.2 The SupplementaryService subclass..............................................................87 4.3.12.3 The MultimediaService subclass....................................................................87 4.3.13 The UserData class disjoints..................................................................................88 4.4 Inconsistencies from Disjoint classes.............................................................................88
4.5 Class Properties .................................................................................................................89 4.5.1 hasIdentity isIdentityOf .......................................................................................89 4.5.2 hasNetworkIdentity isNetworkIdentityOf.......................................................89 4.5.3 hasUserName isUserNameOf ...........................................................................89 4.5.4 hasAuthenticationMethod isAuthenticationMethodOf ..................................89 4.5.5 hasAuthenticationType isAuthenticationTypeOf ............................................90 4.5.6 hasCertificate isCertificateOf ..............................................................................90 4.5.7 hasPassword isPasswordOf .................................................................................90 4.5.8 hasBasicService isBasicServiceOf .......................................................................90 4.5.9 hasSupplementaryService isSupplementaryServiceOf .....................................90 4.5.10 hasDatabase isDatabaseOf ................................................................................90 4.5.11 hasChallenge isChallengeOf .............................................................................91 4.5.12 hasSecretKey isSecretKeyOf.............................................................................91 4.5.13 hasExpectedResponse isExpectedResponseOf .............................................91 4.5.14 hasTriplets isTripletsOf .....................................................................................91 4.5.15 hasInput isInputOf.............................................................................................91 4.5.16 hasOutput isOutputOf.......................................................................................91 4.5.17 hasNumber isNumberOf...................................................................................92 4.5.18 hasSubscriber isSubscriberOf ...........................................................................92 4.5.19 Stores isStoredIn .................................................................................................92 4.5.20 hasAlgorithm isAlgorithmOf ...........................................................................92 4.6 Identification of a new is-a relationship.........................................................................92 4.7 Initial ontology tests and reasoning................................................................................93
4.8 Property Restrictions and Defining Classes ..................................................................94 4.8.1 Restrictions defining the f1 class.............................................................................94 4.8.2 Restrictions defining the EAP-SIM class...............................................................96 4.8.3 Restrictions defining the Subscriber class..............................................................98 4.8.4 Restrictions defining the IMSI class .......................................................................99 4.9 Asserted and Inferred Hierarchy.................................................................................. 101 5 Installation and Testing......................................................................................................... 102 5.1 Installation Guidelines................................................................................................... 102 5.2 Loading the Ontology ................................................................................................... 102 5.3 Encountered Problems.................................................................................................. 103 5.3.1 Enumerated Classes ............................................................................................... 103 5.3.2 Defining values for properties instead of individuals........................................ 104 5.3.3 allValuesFrom, someValuesFrom and Disjoint classes .................................... 105 5.3.4 Defining Cardinalities ............................................................................................ 106 6 Summary and Conclusions ................................................................................................... 107 6.1 Summary.......................................................................................................................... 107 6.2 Further research.............................................................................................................. 108 6.3 Areas of application ....................................................................................................... 109 References .................................................................................................................................. 110 Abbreviations............................................................................................................................. 116 Appendix A................................................................................................................................ 120 Appendix B ................................................................................................................................ 123
Table of Figures Figure 1: Current status of telecommunication networks......................................................11 Figure 2: Distributed Subscriber Data ......................................................................................12 Figure 3: Physical and Logical Consolidation of Data............................................................14 Figure 4: GSM Network Architecture ......................................................................................18 Figure 5: IMSI Number Format ................................................................................................22 Figure 6: MSISDN Number Format.........................................................................................23 Figure 7: Authentication in GSM Networks............................................................................24 Figure 8: UMTS Network Architecture....................................................................................28 Figure 9: Authentication in UMTS Networks .........................................................................32 Figure 10: UMTS Authentication Vector .................................................................................34 Figure 11: USIM Authentication ...............................................................................................36 Figure 12: IMS Subsystem Architecture ...................................................................................38 Figure 13: WLAN Overview ......................................................................................................42 Figure 14: WLAN Security Architecture ..................................................................................44 Figure 15: EAP-SIM Architecture .............................................................................................51 Figure 16: EAP-SIM Authentication.........................................................................................53 Figure 17: Overview of Asserted Ontology Hierarchy...........................................................72 Figure 18: Disjoint Classes..........................................................................................................81 Figure 19: Incorrect disjoint definition - Inconsistent class ..................................................88 Figure 20: Ontology tests and reasoning results......................................................................93 Figure 21: f1 Class Restrictions..................................................................................................94 Figure 22: EAP-SIM Class Restrictions....................................................................................96 Figure 23: Subscriber Class Restrictions...................................................................................98 Figure 24: IMSI Class Restrictions ............................................................................................99 Figure 25: Asserted and Inferred Hierarchy.......................................................................... 101 Figure 26: Enumerated Classes and OWL-FULL Error..................................................... 104 Figure 27: Defining a value for an Object Property - OWL FULL Error ....................... 105 Figure 28: Integration of Future domains ............................................................................. 109
10
1 Introduction
The increase in network complexity in telecommunication systems has given rise to the need of restructuring telecommunication networks. Today networks are structured in such a way, that the introduction of new network elements and network services significantly increase the complexity of networks for network operators. Thus making it difficult to deploy and integrate new services and domains into existing networks, as well as complicating the maintenance and management of such networks. Examples for telecommunication networks are mobile and wireless networks. The original architecture for mobile networks was based on supporting the mobility of phone calls. The extension of such networks and the difficulty of maintaining such extensions were not put into consideration while designing these networks. Today several network domains exist in mobile and wireless networks. Each domain brings along with it new services, features and applications. And each domain requires the introduction of new network elements, thus further contributing to the complexity of networks. Each network element requires its own independent set of services, applications and subscriber data. As well as interfaces and protocols to communicate with each other. Subscriber data is required for the new network elements existing within the network, which is sometimes redundant across the different nodes. Each network node owns its own subscriber profile (data), which is sometimes replicated and distributed across the network. This complicates access to data and makes it impossible to obtain and maintain a complete profile of a specific network subscriber, since all data related to a subscriber is distributed along the network. Managing the network elements becomes difficult and operating expenses involved for network planning and maintenance of such networks also increases. Another problem that arises from the current architecture of networks today is the integration of several networks and domains (e.g. the integration of UMTS and WLAN networks). The current architecture was not designed to support the integration of new networks and services. The never-ending extensions of these networks will only make it impossible in the future to maintain such networks.
11
The
following
points
summarize
the
problems
that
arise
from
the
way
telecommunication networks are structured today: Several domains Several network elements within each domain Inaccessible data due to vendor specific systems for the network elements Separate set of subscriber data for each network element Redundant subscriber data across the network elements Several protocols and interfaces to communicate between the nodes Increased complexity Increased expenses
The following figure illustrates the current status in telecommunication networks today:
Domain 2 Domain 1
Node 4 Node 4 Node 2 Node 2
Node 3
Domain 4
Node 4 Node 2
Domain 3
Node 4 Node 2
For the purpose of this thesis the restructuring of the GSM, UMTS and WLAN domains are considered. In particular the authentication specific data related to a certain subscriber is modelled for the next generation profile register.
12
13
Three approaches considered for the simplification of telecommunication networks today, and that complement each other are the following: Physical Consolidation of Subscriber Data Logical Consolidation of Subscriber Data Harmonisation of Interfaces
14
This thesis concentrates on the Logical Consolidation of Subscriber data, in specific authentication specific data for GSM, UMTS and WLAN networks. In order to create a logical model for subscriber data it is important to choose an appropriate modelling language for modelling the data stored in the subscriber profiles [61]. Relational models are not sufficient to describe the data for the logical model, the Unified Modelling Language (UML) focuses on the operational properties and run time data, the Extensible Markup Language (XML) and XML schema provide and define the structure of data, the Resource Description Framework (RDF) and RDF Schema define the data model for objects and the relationship between objects. It also provides a terminology for expressing classes and properties. The appropriate method evaluated for modelling the logical data was using the Semantic Web to provide meaning for the data. The most suitable language evaluated for the description of the data was the Web Ontology Language (OWL), which supports sharing and distribution of knowledge, a richer vocabulary for modelling and which focuses on the structural properties of a domain [49][52]. The thesis is organized in the following manner: this chapter provides an introduction to the thesis and the motivation behind the work performed. Chapter two provides an overview of GSM, UMTS and WLAN networks. The main focus of this chapter is the
15
authentication procedures for each network. Chapter three describes the Semantic Web, ontologies (a knowledge based used to model the data), the Web Ontology Language and the tools needed to model an ontology. Chapter four describes the ontology created with the Protg Tool. The ontology provides the definition of classes, the properties and the relationships between the classes. Chapter five describes the installation requirements needed to create the ontology, how the ontology can be loaded and a list of errors during testing the consistency of the ontology. The summary of the work achieved, the conclusions and open issues are described in Chapter 6.
16
Authentication is used to prove the identity of a certain entity requesting access to a network. This is used so that the network operator is able to verify that the mobile subscriber in the case of GSM and UMTS networks is really who he/she claims to be. This reduces the possibility for mobile identity impersonation [6] [7]. Encryption is used to ensure the confidentiality of data. Data integrity guarantees that the data is not modified or destroyed in any way, thus sensitive signalling information and data are protected against eavesdropping attacks. Anonymity is another security aspect that protects user identity, making it hard to track the whereabouts of a certain user. Anonymity is achieved using temporary identities [6].
17
The scope of this thesis only addresses the authentication procedures of mobile and wireless networks, specifically GSM, UMTS and WLAN networks. Other security aspects are not within this scope.
18
RSS
NSS
BSS
BTS HLR AuC MS Mobile Device BSC Visited Access Network MSC VLR Visited Core Network Home Network
The GSM network comprises of three subsystems, namely the Radio Subsystem (RSS), the Network and Switching Subsystem (NSS) and the Operation Subsystem (OSS) [1] [4]. The OSS is not discussed in this thesis.
19
The Mobile Equipment (ME) is the actual mobile device a user uses to establish calls and other telephony services. The ME communicates with the radio channel and provides various services to the user of the mobile device.
2.3.1.1.1.2 Subscriber Identity Module
The Subscriber Identity Module (SIM) [3] is located inside the ME and contains subscriber specific data. This data is used for identifying a subscriber to the network via the International Mobile Subscriber Identity (IMSI). Authentication specific data is also stored inside the SIM (e.g. algorithms, secret key), which are later used for key generation [4] [6]. Two security services are implemented for the SIM card. The first security mechanism for the SIM is access control, which controls a user from accessing the card and the information and services provided upon card access. This is provided via a secret Personal Identification Number (PIN), which the user has to enter before gaining access to the SIM. The second security mechanism provided is the network challenge and response mechanism described in section (2.4.1).
20
2.3.1.2.1 Base Transceiver Station The Base Transceiver Station (BTS) takes care of the communication with the mobile station, and is responsible for radio specific functions (sending and receiving) [4] 2.3.1.2.1 Base Station Controller The Base Station Controller (BSC) is responsible for the switching between several BTSs, and for the switching of radio channels. The BSC provides the necessary control functions and physical links between the Network Subsystem (NSS), via the Mobile Switching Center (MSC) and the BTS [1] [3] [4].
21
outside their home network. Certain administrational data is replicated in the VLR from the HLR in order to provide service provisioning and call control. Information about the visiting subscriber is retrieved from the HLR and stored in the VLR as a temporary record [1] [2] [3] [4]. 2.3.1.3.4 Authentication Center) The Authentication Center (AuC) is a register that is logically part of the HLR. Authentication specific data for a given subscriber is stored in the AuC. It is responsible for storing the secret key of a subscriber (section 2.4.1). Other tasks of the AuC include the generation of authentication parameters needed for authentication and encryption, proving the identity of a subscriber and providing protection mechanisms for a subscribers SIM card [1] [3] [4].
22
The IMSI is made up of three codes: Mobile Country Code (MCC) Mobile Network Code (MNC) 2 digits Mobile Station Identification Number (MSIN) 10 digits o HLR-Number o Subscriber Number (SN) MCC MNC MSIN
The Mobile Country Code is a three digit code, specifying a list of predefined mobile country codes that identify a mobile station in mobile networks. The MCC for Germany, for example is 262 and each country has its own respective MCC. The Mobile Network Code is the code, which identifies the home network of the mobile subscriber. E.g. in Germany the codes 01, 02 and 03 are used to identify the T-Mobile, Vodafone and E-Plus networks respectively. This code is 2 digits in Europe and 3 in North America. The Mobile Station Identification Number is a unique identifier, consisting of 10 digits that identify a mobile subscriber to the network. The MSIN consists of two parts, the first part represents the logical HLR address (HLR-Number) and consists of two digits and the second part is an identifier representing the subscriber number (SN) [2] [10] [11].
23
National Destination Code (NDC) Subscriber Number (SN) o HLR-Number (HLR#) o Individual Subscriber Number (ISN) CC NDC SN(HLR# + ISN)
The CC is consists of 1 3 digits and represents the code for the country. The NDC is consists of 2 3 digits and indicates the type of telephone number being called. In the case of mobile networks it indicates the code for the specific operator, E.g. 179 for the O2 network operator. The CC and the NDC together are used of routing purposes. The SN is a 10 digit number and consists of two parts; the HLR number representing the logical address of the HLR and the ISN, which is a number assigned to the subscriber [2] [10] [12].
24
In GSM networks Authentication is achieved by a challenge-response type of authentication (described in section 2.4.1), and by the encryption of the radio channel, which also guarantees confidentiality. Anonymity is achieved by the use of temporary identities (i.e. the Temporary Mobile Subscriber Identity TMSI), which is a temporary identity assigned to the IMSI [5] [6]. Only the Authentication part will be described in this thesis.
25
GSM authentication is a challenge-response type of authentication. The mobile station initiates the authentication procedure, by issuing an authentication request. The home network generates a response and sends a challenge to the mobile station, in order to calculate the same response. If both responses generated from the home network and the mobile station match, then authentication is achieved, and access to the network is granted. Below a detailed description of the authentication procedure and the components involved in authentication are given. A new mobile subscriber is given a SIM card, in which relevant information about a subscriber is stored. The SIM card contains the necessary keys and algorithms needed for the authentication procedure, which enables a subscriber to connect to the home network. A secret key referred to as Ki is stored in the SIM card of the mobile subscriber, and in the Authentication Center of the home network of the mobile operator. This key remains secret and is never transmitted from the AuC or SIM card. The Ki is a unique 128-bit key. The whole authentication procedure depends on the privacy/secrecy of this key. The concept behind the challenge-response type of authentication is to prove that the secret key, stored in the SIM card of the mobile station is the same as the key stored in the AuC. The authentication procedure begins when a mobile station, requests access to the network. This is achieved via an authentication request, in which the mobile device sends out the IMSI as a request for authentication. The IMSI is broadcasted to a corresponding MSC, which in turn forwards this information to the HLR in the home network, and also the VLR in the visited network. The AuC is associated with the HLR, and is responsible for storing authentication specific parameters. After the reception of the IMSI by the AuC, a random number (RAND) is generated using the received IMSI and the stored secret key Ki. The RAND number is a 128-bit key, and represents the challenge to be sent to the SIM by the home network. The AuC and SIM card contain authentication algorithms, namely the A3 algorithm for authentication and the A8 algorithm for key generation (explained in section 1.4.1). With the help of these algorithms an Expected Response key (XRES), which is 32-bits long, and a Cipher key (Kc), 64-bits long are generated.
26
The XRES is used to verify if the SIM can generate the same response, and is based on a symmetric mechanism. The Kc is used for encrypting calls between the mobile and base stations, and is a temporary session key. Upon generating these keys, the HLR sends out an authentication response known as triplets, which consists of the (RAND, XRES and Kc). The triplets are generated and stored in the VLR for each subscriber. The MSC then forwards the RAND number of the generated triplets to the mobile station. This RAND number is sent as a challenge to the mobile station, and challenges the mobile station to calculate the same response generated by the AuC. With the use of the A3 and A8 algorithms, the RAND number and Ki key are used to calculate the RES and a Kc. The RES is then forwarded to the MSC/VLR, and a comparison of RES and XRES is made. If both responses match, the authentication procedure is successful and the mobile station gains access to the network and its services. If, however the XRES and RES dont match, then access is denied to the mobile station and the authentication procedure fails [5] [6] [15].
2.4.2.1 A3 Algorithm
The A3 algorithm is the authentication algorithm for GSM networks, and resides on the SIM card of the mobile subscriber, and on the HLR/AuC of the home network. The implementation of the A3 algorithm is network specific and depends on the network operator. The A3 algorithm is a non-recursive algorithm, meaning that the output generated from the input cannot be used to derive or guess the inputs. Thus, the output gives no indication about the input. The main purpose of this algorithm is to authenticate the identity of a mobile subscriber.
27
The A3 algorithm generates the XRES on the network side and the RES on the mobile side. Both the XRES and RES are a 32-bit long key and are generated from Ki and RAND [13] [14] [15].
2.4.2.2 A5 Algorithm
The A5 algorithm is the ciphering/deciphering algorithm, and resides on the mobile station of a subscriber and on the BSS. The A5 algorithm is used for protecting data sent from the mobile station, and the BSS and vice-versa, this provides the privacy of data and calls. The Kc ensures that all calls are encrypted between the MS and the BSS. The A5 algorithm is a standardized algorithm, but this algorithm can only be obtained with a specific license from the GSM Association [5]. Although the A5 algorithm is standardized, its specification remains undisclosed [5] [13] [14] [15].
2.4.2.3 A8 Algorithm
The A8 algorithm is the ciphering key generation algorithm, as with the A3 algorithm it also resides on the SIM card and HLR/AuC. Its implementation is network specific and it is also a non-recursive algorithm. The A8 algorithm is used for generating the Kc, which is a session key and is used for encrypting voice and data traffic. The Kc is generated from the Ki and RAND and is 64bits long [13] [14] [15].
28
MS/UE
BTS MS BSS Packet Switched Domain UTRAN HLR AuC BSC MSC VLR
Node B UE RNS Mobile Device Visited Access Network Visited Core Network Home Network RNC 3G SGSN
29
The UMTS network consists of the following components: [16] [17] [18] User Equipment (UE) UMTS Terrestrial Radio Access Network (UTRAN) Core Network (CN)
30
controlling the connection to the CN, while the DRNC is responsible for the connection to the UE and offers additional resources [4] [18]. 2.5.1.2.2 Node B Node-Bs are the base stations of the UMTS network, and several Node-Bs can be connected to one RNC. Each Node-B can serve one or several radio cells. A Node-B fulfils almost the same functionalities as a BTS in GSM networks [16]. A Node B is mainly responsible for the transmission and reception of data [17].
31
32
IMSI
Authentication Request
IMSI
Authentication Request
UE
MSC VLR
SGSN
HLR AuC
USIM
RAND K AUTN RAND K SQN
RES
RES = XRES
XRES AUTN CK
IK
User Equipment
Serving Network
Home Network
UMTS authentication is based on a challenge-response type of authentication, similar to that of GSM networks. It is based on the existing GSM infrastructure and is built on GSM authentication and security mechanisms [5] [6]. UMTS authentication provides mutual authentication [5] [6], meaning that the network a certain subscriber is connecting to is authenticated. Details about the exact mutual authentication procedure are described below. The UE initiates the authentication procedure by sending an authentication request, which can be in the form of different subscriber identities: The IMSI. The Temporary Mobile Subscriber Identity (TMSI). This is a temporary identity, used instead of the IMSI in order to avoid the users identity from being continuously transferred via the network. Packet-TMSI (P-TMSI), for the packet switched domain [5].
33
These identities are also used in 2G GSM networks, apart from the P-TMSI, which is used in 2.5G networks. A permanent secret key (K) 128 bits - resides in the USIM of the UE and in the AuC of the home network. As with GSM authentication, this key is never transmitted and is always kept secret. The users identity is verified by the Serving Network (SN) or the visited core network. Access to the network is granted by the SN if the verification procedure is successful. The SN forwards the authentication request (IMSI) to the HLR/AuC of the Home Network (HN). An authentication vector, called (Quintets) is generated as the authentication response and is returned back to the SN. Using the IMSI, the AuC then generates a Random Number (RAND) 128 bits and a Sequence Number (SQN) 48 bits. This SQN is chosen in ascending order in order to later check the freshness of the SQN, and thus the freshness of the generated authentication vector sent to the USIM. The SQN and RAND number are then used, with the help of the f1, f2, f3, f4 and f5 functions/algorithms to generate the authentication vector. These functions are all nonrecursive, and it is important to note that the output of one function cannot reveal any information about the input of another function [5]. The inputs for the authentication vector are the RAND, SQN and K, which is stored in the AuC. The authentication vector consists of the following keys: the Expected Response (XRES) generated using the f2 function and is 32 128 bits; the Cipher Key (CK) generated using the f3 function and is 128 bits; the Integrity Key (IK) generated using the f4 function an is 128 bits; the Authentication Token (AUTN), which is a concatenation of different keys (explained below) and is 128 bits. An authentication response is then sent out to the Serving Network in a form of quintets, this authentication response is made out of the following keys: (RAND, AUTN, XRES, CK and IK). The SN keeps a copy of the XRES to compare it with the RES that will be generated on the USIM. The SN sends a challenge to the USIM in the form of the RAND and the AUTN keys. This challenge is used in the USIM along with K as inputs for the authentication procedure on the USIM side. The generated output consists of the following keys; Response (RES) 32 128 bits, generated by the f2 function, the SQN 48 bits, the Cipher Key (CK) and the Integrity Key (IK), generated by the f3 and f4 functions respectively.
34
The authentication procedure on the USIM starts upon the reception of RAND and AUTN. The importance of sending these two keys is for the mutual authentication process. The AUTN can only be computed by the AuC of the home network. Therefore, the UE is able to verify that it is connecting to a trusted network; a network that holds the same secret as the USIM (i.e. K) [19]. The RES is then forwarded to the SN, and is evaluated against the XRES response received from the Home Network. If both responses match then the UE is authenticated to access the network [5] [6] [19].
The generation of the authentication vector on the home network side begins with the reception of the IMSI (authentication request) from the UE. A fresh SQN and a RAND number are generated. SQN proves to the USIM that the generated authentication vector
35
is fresh. Five one way functions (f1, f2, f3, f4 and f5) [5] are used for generating the authentication vector.
The f1 and f2 functions/algorithms are message authentication functions. The input of the f1 function is the RAND, K, SQN and the Authentication and Management Field (AMF) a 16 bit key. The AMF is an operator-specific key, and is used for operatorspecific functions in the authentication procedure. The output of the f1 function is the Message Authentication Code (MAC) a 64 bit key, which is an algorithm or a one way hash that computes bits and a secret key to generate a fixed-length of bits [20]. Its purpose is for verifying that the inputted bits have not been altered in some way or the other. The f3, f4 and f5 functions are key generating functions, which all take the RAND and K as inputs. The f2 function generates the XRES, and is used to compare the RES generated on the USIM side for subscriber authentication. The f3 and f4 functions generate the CK and IK keys respectively for ciphering and integrity protection purposes on the air interface. The f5 function generates an Anonymity Key (AK) 48 bit, which is used to conceal the generated sequence number SQN [5] [19].
36
USIM
K RAND f5 f2 f3 f4
AK
RES SQN
CK
IK
SQN + AK
? MAC = XMAC
The functions f1 f5 are ordered in a different manner on the USIM as compared with the functions on the AuC. In USIM authentication the f5 function must generate outputs before the f1 function. The authentication procedure starts with the computation of the Anonymity Key (AK). This key is generated from the inputs of RAND and K using the f5 function, which is used to conceal the SQN preventing any leakage of user identity through the SQN. The functions f2, f3 and f4 take the RAND and K as inputs and generate RES, CK and IK respectively. The input of the f1 function is a bit more complicated; two keys from the AUTN namely SQN and AK are concatenated with the AK, which is generated from the f5 function in the following manner: SQN = (SQN AK) AK [19]. This SQN is then an input for the f1 function along with the AMF key. The f1 function generates the Expected MAC (XMAC) a 64 bit key as its output. This value (XMAC) is compared to the MAC of the AUTN key, which is a concatenation of the SQN, AK, AMF and MAC
37
match, authentication of the network is completed and the USIM verifies that it is connected to a trusted network [5] [19].
38
2.7 Introduction into the Internet Protocol Multimedia Sub-System in UMTS networks
The IP Multimedia Sub-System (IMS) plays a major role in UMTS networks as of the UMTS release number 5 [5]. The IMS is an application layer, residing on top of the packet switched domain of the UMTS network. It is independent of the access network, and supports various types of networks and devices [5]. The main intention of the IMS is to provide multimedia services and applications to end users. IMS also supports roaming services for mobile networks [5] [23]. A multimedia service is a service that supports two or more kinds of multimedia services for telecommunication networks. Services can be for example, video and audio downloading and streaming, text messaging, web browsing, etc [22] The following figure illustrates an overview of the IMS system architecture in mobile and fixed networks:
Core Network GMSC PLMN / PSTN / ISDN
Home IMS
HSS S-CSCF
UTRAN
39
The IMS consists of the following components: The Home Subscriber Server (HSS) Proxy-Call Session Control Function (P-CSCF) Interrogating-Call Session Control Function (I-CSCF) Serving-Call Session Control Function (S-CSCF) Gateway GRPS Support Node (GGSN); also supported in UMTS and 2.5G networks [22]. The HSS is the main database of the IMS network. The HLR and AuC are integrated into this database, and subscriber specific, location-related data and user identities are is stored in this database. The CSCF consists of three types that perform different functions within the network: The P-CSCF is the first contact point in the IMS. It is responsible for forwarding registration requests and responses, to and from the mobile device and the I-CSCF. The P-CSCF resides in the visited network, and is assigned to a terminal supporting IP Multimedia (E.g. mobile phone, laptop, computer, etc). It is also responsible for the confidentiality and integrity of messages sent in the network. The I-CSCF is responsible for contacting the respective S-CSCF within the home network via the HSS. Its main task is the assignment of an S-CSCF, routing, and forwarding of requests and responses to the relevant S-CSCF. The S-CSCF is responsible for session control and session management. In addition, authentication and subscriber specific data are stored in the S-CSCF, which are retrieved from the HSS. The S-CSCF is assigned to an IMS terminal, and performs the authentication of an IMS user. Registration requests received by the S-CSCF are forwarded to the HSS [5] [22] [23]. The I-CSCF and S-CSCF reside in the home network of the IMS. The GGSN is a gateway between the IMS and UMTS networks, and represents the entrance point to the IMS system. The IMS supports the access of other networks like; Fixed Access Networks, Wireless Local Area Networks (WLAN), Public Land Mobile Networks (PLMN), Public Switched Telephone Networks (PSTN) and Integrated Services Digital Networks (ISDN). The
40
latter three can be accessed by GSM networks via, the Gateway Mobile Switching Center (GMSC) [23]. Authentication in the IMS is performed, via the IMS Authentication and Key Agreement (AKA) mechanism, which is a challenge/response type of authentication and which is analogous to UMTS authentication. The IMS uses the IMS Subscriber Identity Module (ISIM), in the UE instead of the USIM and SIM in UMTS and GSM networks respectively [5].
41
42
Wireless Station 1
Target Network
Access Point
Wireless Station 2
The main components involved in a WLAN network are the mobile station, which could be any mobile device (E.g. a laptop, Personal Digital Assistant (PDA)), the wireless Access Point (AP) that performs the task of a wired hub the AP acts as an entry point to access the target network- , and some kind of authentication server performing, authentication and granting access to the network via the AP [8]. In the following the WLAN security architecture will be explained along with concepts relating to WLAN authentication.
43
44
2.10.1 802.1X
The 802.1X is an essential element in securing WLAN networks. It is a standard from the IEEE, and is used for port-based network access control. Authentication of wireless stations (e.g. laptop, access point) is performed via this standard, and is based on the EAP protocol [33]. The 802.1X is the authentication framework, and the EAP methods deployed are the authentication algorithms [29].
45
Authentication methods in wireless networks must fulfil certain minimum requirements; amongst these requirements are the following: Generation of session keys for authentication, confidentiality and integrity purposes. Support for mutual authentication between client and access point, thus preventing rogue (impersonating) access points. Protection against eavesdroppers and man in the middle attacks, this can be ensured using session keys for message authentication, data confidentiality and data integrity. Protection against dictionary attacks [33].
Three components are involved in the 802.1X framework: The client the wireless station The authenticator the access point The authentication server the AAA server [cisco 2]
The client initiates the connection procedure, by associating itself to the access point, and issuing an EAP Start Request. At this point, the access point blocks the communication between the client and the network, until the authentication procedure is completed, (i.e. until the client presents correct authentication data (user ID and password/certificate) and is verified). The access point requests the identity of the client, by issuing an EAP Request Identity message. The client replies to this message via an EAP Response message containing its identity. This information is forwarded to the AAA server. Authentication is achieved depending on the authentication method deployed. The access point, grants the client the right to access the network upon the reception of an accept message, unsuccessful authentication leads to a reject message. Keys (session key and broadcast keys) are derived when the client authenticates the authentication server [29]. The 802.1X, along with the EAP authentication methods provide centralized authentication and dynamic key generation and distribution. Authentication methods in
46
WLAN can be of different types, the ones described in this chapter are password based and certificate based methods.
47
2.10.3.1.2 Certifying Authority A certifying authority is a trusted third party that issues digital certificates, and verifies the validity of public keys [39].
48
2.10.3.1.3 Public Key A public key is a number belonging to a certain entity. This key is distributed among entities that interact with the entity owning this key. The public key is used for verifying a digital signature and is used for encryption [39]. 2.10.3.1.4 Private Key A private key is a number belonging to a certain entity and is not known to any other entity. The private key is used for computing signatures and decryption. Public and private keys exist in pairs and correspond to each other; a message can be decrypted by a private key upon the reception of a public key associated with that private key [39]. 2.10.3.1.5 Digital Signature A digital signature is a digital code, verifying that the sender is the one issuing the electronic message. The digital signature, also verifies that the contents of the electronic message have not been altered.
49
The EAP protocol defines several types of authentication methods, amongst them are the following: Lightweight Extensible Authentication Protocol (LEAP) Extensible Authentication Protocol Transport Layer Security (EAP-TLS) Protected Extensible Authentication Protocol (PEAP) Extensible Authentication Protocol Subscriber Identity Module (EAP-SIM)
50
message, the dynamic session keys are generated and network access is granted to the client [28].
51
EAP-SIM is an authentication method, designed to provide mutual authentication between a WLAN client and an AAA server, using the GSM network for accounting and billing purposes. It is especially useful in the case of hotspots, where a user of a WLAN network can easily gain access to the internet via a mobile phone. As the name implies, EAP-SIM uses the EAP framework and GSM system for authentication and encryption. It is based on the authentication procedure between the SIM card and mobile networks AuC. Thus, EAP-SIM acts as a bridge between wireless and mobile networks, namely WLAN and GSM networks. For EAP-SIM, the wireless station requires a SIM reader, which could be in the form of a smart card, USB stick, PC access cards, etc The overview scenario of an EAP-SIM protocol is that a wireless station, connected to a SIM card reader, requests access to a network via an AP. The AP forwards the request to an authentication server, which retrieves authentication data from an authentication
52
center via a GSM gateway. The GSM gateway is responsible for translating requests from an authentication server into GSM syntax. After the retrieval of the authentication data, several messages are exchanged to and from the client and authentication server. Upon successful authentication, the client gains access to the network. Before successful authentication of the client and network, the communication ports are blocked from the client by the AP. The client is not able to send any messages to the network except for the authentication specific messages (EAP and EAP-SIM messages). After authentication is completed, the client is able to communicate with the network and the AP unblocks the ports from the client. The EAP-SIM mechanism is more secure than the stand alone GSM system for authentication, since it provides mutual authentication of the client and the network. Another factor is that clients session key, is never transmitted via the radio interface with EAP-SIM, thus less data is exposed in comparison to GSM networks. EAP-SIM functions in a way that it retrieves several GSM triplets from the AuC, and combines them together in order to generate a session encryption key. This encryption key is more secure than the GSM counterpart. For the communication of the EAP-SIM between the client and the network, the EAPSIM protocol and the EAP-SIM authenticator code are implemented on the client. The authenticator code is responsible for handling server side EAP-SIM messages, and is also responsible for communicating with the AuC. Messages sent from the AAA server to the AuC are translated into GSM specific messages [28]. EAP-AKA is used for 3G networks, namely UMTS networks and is similar in concept to EAP-SIM but with more enhanced security features. EAP-AKA is not addressed in this thesis.
53
EAP-SIM Authentication The following figure illustrates WLAN authentication via the EAP-SIM protocol:
Wireless Station
EAPOL Start EAP Request Network Identity EAP Identity Response 0<IMSI>@realm EAP-SIM Start EAP-SIM Start Response (RAND)
Calculate MAC_RAND
Access Point
AAA Server
HLR AuC
EAP Identity Response 0<IMSI>@realm EAP-SIM Start EAP-SIM Start Response (RAND) EAP-SIM Challenge RAND, MAC_RAND
Client Authenticated
EAP-Success
Session Key
Session Key
Accept
Broadcast Key
The EAP-SIM authentication procedure starts, when the client sends an EAP-over-LAN (EAPOL) Start message to the AP. This message informs the AP that the authentication procedure will be carried out via EAP. The AP responds to the EAPOL Start message, with an EAP Request Identity message, which requests the network identity of the user. This identity is forwarded from the client to the authentication server via the AP in the form of an EAP Identity Response.
The users network identity takes the following syntax: 0 <IMSI>@<realm>, where IMSI represents the subscribers identity number and realm represents the network
54
operators domain name. The network identity is used for WLAN authentication purposes. The authentication server determines the EAP type being used, and sends an EAP-SIM Start message to the client. The client responds via an EAP-SIM Start Response message that carries the RAND number generated from the SIM. After reception of the EAPSIM Start Response message, the authentication server retrieves several GSM triplets from the AuC of the GSM network provider. A gateway is needed in order to translate the request from the AAA servers syntax to GSM specific syntax. An EAP-SIM Challenge message is created from the RAND number, received from both the clients SIM and the triplets from the GSM response. This challenge consists of the AuCs RAND number and a Random Message Authentication Code (MAC_RAND), which is 160 bits long. A MAC_RAND number is calculated separately on the SIM card, and is compared to the one received from the authentication server in the EAP-SIM Challenge. If both MAC_RAND numbers are equal, the first step of mutual authentication is completed and the server is authenticated. Upon successful server authentication, the SIM generates the XRES and Kc for the respective RAND numbers received. Another number is also generated, which is the Expected MAC Response (MAC_XRES). The MAC_XRES is sent by the client to the authentication server as a response to the challenge sent. The authentication server separately calculates a MAC_XRES, and compares it to the one received from the SIM. If both MAC_XRES are equal, the second step of mutual authentication is completed and the client is authenticated to the server. Session encryption keys are generated on the SIM and authentication server. An Accept message is sent from the authentication server to the AP, along with an encapsulated EAP-Success message (which is sent to the client) and the clients session key. The clients session key, is sent to the client from the AP via a Broadcast key. Authentication at this stage is completed and the client is able to access the network [28].
55
The meaning of content can be expressed, in order to enable machine readability, rather than just being used, for displaying content to humans, and which has no real value to processes or machines. Providing meaning to content enables the Web to be a resource, for processable data and information. Knowledge is represented in a structured way, which can be inferred according to various rules, thus enabling logical deduction and reasoning of data. This facilitates new information to be derived from existing information. The method of representing knowledge in such a way is called Knowledge Representation. Common meanings of information are collected in what is known as an ontology. The ontology can undergo inference rules, which can be used to reach common meanings
56
among terms, and can be used for the creation of new meaning. The machine is able to read the ontology, and provide a user with more meaningful information [40]. Various languages and tools have been developed for the Semantic Web. The most popular are, the eXtensible Modelling Language (XML) used to add arbitrary structure to documents without expressing the meaning of the structures, the Resource Description Framework (RDF) used to express meaning and used to exchange knowledge on the Web, and the Web Ontology Language (OWL) used for sharing and distributing knowledge. OWL is an ontology language, which supports knowledge management, and advanced Web searches [40] [42]. The ontologies section takes a deeper look into ontologies and explains ontologies in more detail. The most popular languages developed for the Semantic Web, and which are World Wide Web Consortium (W3C) recommendations are as follows: XML and XML-Schema; provides structured syntax for documents (XML), restrict the structure of XML and extend it with dataypes (XML-Schema), but which also provide no semantic meaning for the documents. RDF and RDF-Schema; using XML syntax provide a datamodel for objects and define the relationships between the datamodels (RDF). RDF-Schema provides a terminology to express RDF datamodels using classes and properties. OWL; provides more terminology for expressing the relationships between the classes and properties. It provides more terminology for the description of classes and properties [51]. OWL differs from XML-Schema, in that it represents knowledge of a certain domain rather than just being a message format [52].
3.2 Ontologies
3.2.1 Origin
The term Ontology originates from philosophy and describes the nature of being in its different aspects. Ontology relates back to many years and has had a long history. Ontology in the field of metaphysics is the study, of existence and the relationships that relate to this existence. It attempts to answer questions like; what defines the nature of beings, what are its main characteristics/properties, what relationships exist among
57
different beings, and how can they be defined, what are the main causes of being, what different entities exist in beings and what rules govern them, etc Ontologies remained in the domain of philosophers, linguistics, librarians and knowledge representation researchers, until the recent adoption of the term in computer science and its usage in Artificial Intelligent (AI) research [43].
3.2.2 Definition
3.2.2.1 In Philosophy
That department of the science of metaphysics, which investigates and explains the nature and essential properties and relations of all beings, as such, or the principles and causes of being [44]. A branch of metaphysics concerned with the nature and relations of being [45]. A particular theory about the nature of being or kinds of existence [45].
58
world semantics, which enables humans to understand the machine understandable content, thus permitting reuse and ontology sharing [46] [50].
3.2.3.2 Frame-based
Modelling in Frame based approaches, consists of classes and local class properties. It takes more of an object oriented approach in defining a domain. Frames (classes) describe an individual, or a set of individuals in a certain domain, thus representing knowledge of a concept in that domain. Properties of a class can be reused by other classes with other range values and value restrictions. Frames in a Frame-based system are interconnected and follow a hierarchy, such that the properties defined for parent frames, are inherited by those of the child frames. Properties can take specified values, or can be computed values [50] [59].
59
An ontology in Frame-based systems, is made up of class definitions, and the connecting relationships between the classes and properties, functions, objects and relating axioms [50].
60
other web languages (XML, XML-Schema, RDF and RDF-Schema). OWL is an extension of these technologies [51]. The use of OWL can be summarized into the three following points: The description of a certain domain via the definition of classes and properties. The definition of the relationships existing among these classes and properties. The reasoning of the defined classes, properties and relationships, which prove the defined logic of the described domain, and verify its consistency [52]. OWL is divided into three sublanguages; OWL-Lite, OWL-DL and OWL Full, which differ from each other in the level of expressivity. Each sublanguage is an extension of its predecessor, and is designed according to what the required ontology should describe. Making a choice of which sublanguage to choose is based on the level of expressivity required for the ontology, and which best suits the needs of the ontology. OWL represents an important part of the Semantic Web. It allows the collection of information from distributed sources, by relating ontologies together. This enables web resources to be accessible to processes, via the description of the resources web content [52].
3.2.4.2 OWL DL
OWL DL is based on Description Logics, as the abbreviations DL imply. With OWL DL full support of the OWL constructs is included. These constructs can only be expressed under certain restrictions. OWL DL supports reasoning mechanisms, thus inconsistencies of the described domain and concepts can be tested, in an ontology conforming to OWL DL. OWL DL represents an extension for OWL Lite, and provides better expressivity and maximum expressiveness, with the assurance that what is deducted from the ontology is computable [51].
61
3.2.5.1 Classes
A class represents a concept, which is represented by a name and a set of rules, or restrictions that qualify individuals to become members of the class. Individuals that share common characteristics (properties) can be grouped into one or several classes. Classes and individuals are, described by the properties assigned to the classes, and by the relationships existing among the properties of a class. Classes can be sub-classed, forming a hierarchy and a class may have several sub-classes. The subclass inherits its characteristics from the super or parent class, and it may have one or more parent class. Multiple inheritance is supported. Subclasses and instances of a class are, sometimes used interchangeably, and can be confused from the meaning. The main difference is that a subclass is used, to describe a subset of the class. Instances are used to state that the individual described, is an actual member of the class, and not a member that can be further characterized or subset. OWL Full supports classes and instances, while OWL DL does not [52]. 3.2.5.1.1 Enumerated Classes An Enumerated Class is a class that consists, of an enumerated number of individuals that belong to the class. Only the exact number of members that are specified in an enumerated class can be members of the defined class. Enumerated classes are described
62
using the oneOf construct, the class consists of oneOf the enumerated members and nothing more [51] [52]. 3.2.5.1.2 Disjoint Classes Disjoint classes describe the difference between classes, and state that one class cannot have the same instance(s) as another class that it is disjoint with. This helps a reasoner in detecting inconsistencies between classes. What is an instance in class A cannot be an instance in class B, if both classes are declared as disjoint [51] [52].
3.2.5.2 Properties
Properties describe individuals that belong to a class. They define general and specialized facts about an individual. Relationships among individuals are defined using properties. The same property can be re-used by several classes. This is achieved by specifying rules, or restrictions for a particular individual. Therefore, the rules are specific to that particular individual, and are not a tied to the property. Applying restrictions to properties is a method, for defining the relationships between individuals of a class. As with classes, properties can have sub-properties that further classify or define the property, and that form a hierarchy of properties. A sub-property can have multiple properties as a parent, or super-property. Sub-properties inherit the super-propertys characteristics [52]. The two important types of properties in OWL are datatype properties and object properties: datatype properties; define the relationship between instances of classes, RDF literals or XML Schema datatypes. object properties; define the relationship between instances of two or more classes. 3.2.5.2.1 Property Domains and Ranges Domains and ranges can be defined for properties, which relate individuals of one class (the domain), to individuals of another class (the range), via a specific property. Domains specify the individuals the property can be applied to. A range limits the values a property can have, only the individuals specified in the range, can be values of the specified property.
63
3.2.5.2.2 Property Characteristics Properties can be further specified, by assigning certain characteristics to a property. The following describes the characteristics that can be applied to a property in OWL [52]:
3.2.5.2.2.1 TransitiveProperty
Transitive properties are properties, which relate one individual to another, via a common individual. E.g. considering two individuals (individual 1 and individual 2), are related to each other via a property, if a third individual (individual 3), is related to individual 2 via the same property, it can be deducted that individual 1 is also related to individual 3 via the same property. This is a transitive property [53].
3.2.5.2.2.2 SymmetricProperty
In symmetric properties, individual 1 is related to individual 2, via a property. And individual 2 is related to individual 1, via the same property [53].
3.2.5.2.2.3 FunctionalProperty
Functional properties can also be referred to as single valued properties, and are properties that can take only one individual as its value. If a functional property is applied to two individuals, it can be deducted that these two individuals, represent the same individual. The minimum cardinality allowed for a functional property is zero and the maximum cardinality is 1 [51] [53].
3.2.5.2.2.4 InverseOf
An inverse property relates individual 1 to individual 2, via a property and relates individual 2 to individual 1 via another property, which is its inverse property. A property can be the inverse of another property [51].
3.2.5.2.2.5 InverseFunctionalProperty
An inverse functional property, states that the inverse property is functional (i.e. has only one individual as its value) [51]. 3.2.5.2.3 Property Restrictions
64
Property restrictions are, rules applied to properties, in order to specify which and how many individuals can belong to a certain class. A restriction is used, for describing an unknown class, which consists of individuals satisfying the restriction (e.g. individuals belonging to a certain group or that satisfy certain criteria). Property restrictions can be classified into quantifier restrictions; (existential quantifiers and universal quantifiers), hasValue restrictions and cardinality restrictions. These are addressed in the following [51] [53]:
3.2.5.2.3.1 Quantifier Restrictions
Three parts make up a quantifier restriction; the first part is the type of quantifier (existential or universal), the second part is the property involved in assigning the restriction, and the third part is, the class from which values/individuals, are to be taken from, in order to create an anonymous class that satisfies the restriction (The creation of a group of values satisfying the condition).
3.2.5.2.3.2 Existential Quantifiers
Existential restrictions (someValuesFrom) are assigned to a property, and denote that at least one individual of a class, associated with the restricted property belongs to an unknown class. This unknown class forms the values of the defined restriction. (E.g. the someValuesFrom restriction denotes that class A, has a set of individuals (at least one) from class B, because it fulfils the property A). In other words, there exists at least one kind of relationship between two or more classes [53].
3.2.5.2.3.3 Universal Quantifiers
Universal restrictions (allValuesFrom), as existential restrictions are assigned to a property, and denote that only individuals of a specific class associated with the restricted property belong to an unknown class, resulting from the property restriction. Individuals from other classes cannot belong to this unknown class. (E.g. the allValuesFrom denotes that class A can only have individuals from class B that fulfil the property A) [53].
3.2.5.2.3.4 hasValue Restrictions
The hasValue restriction relates individuals, from an unknown class to a specific individual. It states that the unknown class has a particular value, which is a specified individual [53].
65
Cardinality is used, to specify the number the number of relationships that can be associated to a particular individual, via a specific property. In OWL minimum cardinality, maximum cardinality and cardinality, can be defined for properties, and which express the minimum, maximum and arbitrary number of occurrences respectively. Cardinality values start from 0 and are never negative values [53].
3.2.5.3 Operators
Operators are used to define the characteristics of a class. Logical combinations of classes can be performed with operators, such as; the intersection, union and complement of classes. New class definitions can be created with the use of operators [53]. 3.2.5.3.1 intersectionOf The intersectionOf operator performs a logical AND operation, between two or more classes. It combines the features of the classes specified, into a new class. Individuals of the intersected classes become individuals of the new class [53]. 3.2.5.3.2 unionOf The unionOf operator performs a logical OR operation between two or more classes, and combines either the characteristics of all the specified classes, or one of the classes into a new class. (E.g. if a union operation is performed for class A and class B, the resulting class would be the individuals, of class A and B, or would be either one of them) [53]. 3.2.5.3.3 complementOf The complementOf operator selects the individuals that do not belong to the specified class.
66
3.2.6.1 Protg
Protg was developed as a tool for developing ontologies. Apart from the development of ontologies, Protg also supports the customization of data entry forms, and data entry. It is an open source tool, and provides a knowledge-base framework, based on Java and which can be extended, via customized Application Programming Interfaces (API) and Plugins. Extensions can provide different kinds of components, such as; graphs, tables, images, etcas well as providing support for different storage formats, such as; XML, RDF(S), OWL and HTML [54].
The Protg OWL Plug-in The Protg OWL Plug-in is a complex extension of the Protg tool, which is called Protg Core. With Protg OWL, it is possible to edit OWL ontologies and perform description logic reasoning, and OWL-related services (classification, consistency checking and ontology testing). Formats like RDF(S), OWL Lite, OWL DL, and OWL Full are supported by the Protg OWL Plugin. Extensions that include custom tabs and widgets can be added. Protg OWL provides a library of reusable components, and a very flexible architecture, which can be extended in various ways. Protg OWL, becoming an architecture for the building of ontology based Semantic Web applications can be foreseen [55].
67
inconsistent classes), and classification (inferring new concepts, classes, relations, etc from the existing asserted concepts) [55] [56]. Inferred concepts correspond, to the deduction of new content and meaning from existing content (computed concepts). Asserted concepts are concepts which are defined in a certain domain, (manual definition of concepts). A knowledge base in description logics consists of, TBoxes (ontologies) that represent the knowledge of a certain domain, and ABoxes that represent the instances of the TBoxes domain knowledge. RacerPro can be used in many application fields, among them are the Semantic Web and Knowledge Engineering fields [56].
An asserted condition/hierarchy/model is what is manually defined, while creating the ontology. Asserted models have not undergone any kind of logical classification or reasoning.
68
An inferred condition/hierarchy/model is the asserted condition/hierarchy/model after reasoning has been performed (automatic computation of the assertions). New information is deducted according to logic in the inferred model, and also classification checking is performed. The results of information deduction and classification, is the information that is displayed in the inferred condition/hierarchy/model. While defining restrictions on classes, a differentiation between necessary conditions and necessary and sufficient conditions must be made. Necessary conditions relate to Primitive or Partial classes, while necessary and sufficient conditions relate to Defined or complete classes. Defined classes are classes that consist of at least one set of necessary and sufficient conditions. Necessary and sufficient conditions imply, that the necessary conditions defined, in order for an individual to qualify in being a member of a class, are not only necessary for class membership, but are also sufficient for the individuals, satisfying the conditions in becoming class members. Primitive classes are classes that consist of at least one set of necessary conditions. Necessary conditions imply that, certain conditions need to be satisfied, in order for an individual to become a member of the defined class. It does not imply, however, that any individual that satisfies the defined conditions must be an individual of the defined class [53].
69
70
The enumeration of the ontologys important terms The definition of classes and its hierarchy. The definition of class properties. The description of property features. The instantiation of class instances.
In determining the scope and domain of an ontology, it is important to think of questions that will help in constructing the ontology, and defining its main concepts. The level of detail that the ontology should describe is also a critical issue to consider. Questions to consider could be: Q: What should the ontology describe? Q: Who will the ontology be useful for, and for what purposes? Q: What kinds of questions should the ontology be able to answer? The re-usage of ontologies could save a lot of effort, by just taking already existing ontologies and refining them, or extending them according to the intended use. The enumeration of terms is helpful in determining the contents of an ontology, e.g. the enumeration of the concepts the ontology will define, the concepts properties and characteristics, etc Several approaches in defining the class hierarchy could be used, e.g. a top-down approach; which defines the most general terms first, and then goes down to specializing each term definition, a bottom-up approach; which defines the specific terms first and then goes up to the most general term definitions, or a combination of both approaches. After the definition of the concepts (classes of an ontology) further descriptions can be given to these concepts, by defining the properties of a concept, and its relationships to the other concepts in the ontology. More specialized descriptions can be applied to the properties. This is performed by describing what types of concepts can exist within another concept, the number of times a certain property can occur for a concept and so forth. The last step of the ontology development would be the instantiation of class instances. An instance is the value filled in for a certain property, of an individual belonging to a class [49].
71
Ontologies can be classified and checked for consistency using a reasoner. RacerPro is one example for an ontology reasoner.
72
The ontology consists of 14 main classes, which are divided into subclasses. The super class (not visualized here), is owl:thing which is part of the OWL language defined by the W3C. It represents the set that contains all individuals. All individuals in an ontology are subclasses of owl:thing [53].
73
The main ontology classes are: the Algorithm class, the AuthenticationMethod class, the AuthenticationType class, the Certificate class, the CertificateComponent class, the Code class, the Database class, the Identity class, the Key class, the Network class, the Number class, the Service class, the UserData class and the Subscriber class. These classes are related to the description of authentication data stored in the profile registers for GSM, UMTS and WLAN networks and are explained in detail in the following section.
The A3 and A8 algorithms represent the authentication algorithms in GSM networks. The f1 - f5_ algorithms represent the UMTS network algorithms. Details about these algorithms can be found in sections (2.4.2 and 2.6.2). The Algorithm class is declared as disjoint from the other classes in the ontology, because an algorithm cannot be the same
74
individual as any other class in the ontology. (E.g. an Algorithm cannot be a service or an identity).
The AuthenticationMethod class is declared disjoint from all of the classes in the ontology, except for the AuthenticationType class, because an authentication method can be both an authentication method and an authentication type. E.g. LEAP, which exists in the AuthenticationMethod class is a password based type of authentication method. The password based characteristic is a subclass of the AuthenticationType class, therefore, these two classes cannot be declared as disjoint. More details on the EAP authentication methods can be found in section (2.10.5.2 ).
75
Certificate based authentication is described in section (2.10.3), challenge response authentication is described in section (2.4.1), mutual authentication means that the type of authentication is performed on the network side as well as on the user side, network authentication means that only the network is authenticated, password based authentication is described in section (2.10.4), and user authentication means that only the user is authenticated. The AuthenticationType class is declared disjoint from all the classes in the ontology, except for the AuthenticationMethod class. An authentication type can be one type of authentication method. However, specific disjoints can be declared within the members of the AuthenticationType class. More on disjoints in section (4.3).
76
The AuC and HLR are also subclasses of the HSS class, and are later removed from the hierarchy in the inferred model. This will be discussed later on in this chapter. Details about the AuC, HLR, HSS and user database can be found in section (2.3.1.1 and 2.7).
77
The UserNetworkIdentity is the identity used, to identify the user of a network to a network. The IPAddress and Realm are also used for identification purposes. Details about the IMSI, NAI, public service, private and public user identities are described in section (2.7.1).
78
79
The SupplementaryService class contains the following subclasses: CallBarring CallDivert CallWaiting ConferenceCall CustomerCareBilling DataService
The MutlimediaService subclass contains the following subclasses: AudioDownload AudioStream MMS VideoDownload
80
VideoStream WebBrowsing
81
In developing an ontology it is important to notice which classes should be declared as disjoint and which should not. Inconsistency errors occur, if classes that should logically not be disjoint, are declared as disjoint from each other. Disjointness means that one class cannot be the same as the other class, or have the same meaning. E.g. a Network is not a Database, therefore, the Network class must be declared as disjoint from the Database class, otherwise the reasoner understands that a Network is a Database.
82
When a class is not disjoint it expresses an is-a relationship. E.g. An authentication method is-a authentication type. Disjointness can be applied to a class as a whole, or to parts of a class. Specifying that only part of the class is disjoint from another class, or vice-versa. A subclass inherits its disjointness to other classes, from its super class and cannot be disjoint from its super class. Logical errors occur in the ontology, when checking for consistency. An error is generated, if a subclass is declared as disjoint from its super class. The following section goes into detail about the disjointness of the classes in the ontology:
83
EAP-SIM is not disjoint from the ChallengeResponse and MutualAuthentication classes, because EAP-SIM is a challenge response type of authentication method. It performs mutual authentication of the network and the user.
84
the EAP-TLS to authenticate the network, and any type of EAP method to authenticate the user. Network only authentication, user only authentication, password based authentication and challenge response type of authentication are supported by this class.
85
The PasswordBased subclass is disjoint from all its siblings, from the EAP-TLS, and EAP-SIM classes. It is not disjoint from the PEAP and LEAP classes, since password based authentication is what LEAP is based on, and PEAP can use an EAP password based method to authenticate the user.
4.3.5.1 The IssuerName, SerialNumber, Signature, Subject, ValidFrom, ValidTo and PublicKey subclasses
The IssuerName, SerialNumber, Signature, Subject, ValidFrom and ValidTo subclasses, are all disjoint from each other and their siblings. Nothing can be an issuer name and a serial number for example. These subclasses classes are also disjoint from the Algorithm class, since the algorithm class is not declared as disjoint from the CertificateComponent class.
86
87
88
This inconsistency appeared because the Key and CertificateComponent class were declared as super classes of the PublicKey class. At the same time, the whole CertificateComponent class was declared as disjoint from the Key class.
89
The solution to this problem was to make sure that the PublicKey class was not declared as disjoint in the Key class, and also in the CertificateComponent class.
90
91
92
93
The NAI is inconsistent due to the fact that it was identified and declared as a subclass of the PrivateUserIdentity and that it is still disjoint from its siblings. Removing the disjoint characteristic from the NAI makes the class consistent. Inconsistent classes are marked with a red circle around the class name.
94
95
The f1 class belongs to the Algorithm class, which means that f1 is an algorithm. The f1 algorithm has an AMF as its authentication management field, and all authentication management fields are AMF, this is described with the; f1(
hasAuthenticationManagementField AMF) expression. Where , expresses a universal quantifier, and in this case means only (only AMF as an authentication management field). The hasAuthenticationManagementField is the property, and the AMF is a class, which is a subclass of the DerivedKey class. The f1 class, only has the XMAC key as its expected message authentication code; f1( hasExpectedMessageAuthenticationCode XMAC). And only the MAC key as its message authentication code; f1( hasMessageAuthenticationCode MAC). It only has the Ki Key as its secret key, only the RAND key as its random number, and only the SQN key as its sequence number; f1( hasSecretKey Ki,, hasRandNumber RAND, (
hasSequenceNumber SQN). This relationship, can also be described as; f1(hasSecretKey (allValuesFrom Ki, hasRandNumber allValuesFrom RAND, hasSequenceNumber allValuesFrom SQN). The f1 class has only SQN AND AMF AND Ki AND RAND keys as its inputs, this is expressed by the following expression; f1( hasInput SQN, hasInput AMF, hasInput Ki, hasInput RAND), or; f1(hasInput (allValuesFrom SQN, allValuesFrom AMF, allValuesFrom Ki, allValuesFrom RAND)). The f1 class is only an algorithm of the UMTS network, this is expressed as f1( isAlgorithmOf UMTS), or; f1(isAlgorithmOf (allValuesFrom UMTS). The f1 class is stored in BOTH the AuC, and the HSS; f1( isStoredIn AuC, isStoredIn HSS), or; f1(isStoredIn (allValuesFrom AuC, allValuesFromHSS). The output of the f1 class can be either the XMAC key or the MAC key, this is expressed by the following expression; f1( hasOutput XMAC MAC), or f1(someValuesFrom XMAC MAC).
96
The EAP-SIM class belongs to the AuthenticationMethod class. This indicates that EAPSIM is an authentication method. The EAP-SIM class has a challenge response and a mutual authentication type of authentication. This is expressed by; EAP-SIM( hasAuthenticationType MutualAuthentication) or; ChallengeRepsonse, hasAuthenticationType (allValuesFrom
EAP-SIM(hasAuthenticationType
ChallengeRepsonse, allValuesFrom MutualAuthentication). The EAP-SIM class, has the RAND and MAC keys as its challenge, and the MAC_RAND and MAC_XRES keys as its challenge response, this is expressed by; EAP-SIM( hasChallenge RAND, hasChallenge MAC) or EAP-SIM(hasChallenge (allValuesFrom RAND, allValuesFrom MAC)) and EAP-SIM( hasChallengeResponse MAC_RAND, hasChallengeResponse MAC_XRES) or; EAP-
97
SIM(hasChallengeResponse (allValuesFrom MAC_RAND, allValuesFrom MAC_XRES) respectively. The MAC_RAND, the random message authentication code and MAC_XRES, the expected response message authentication code, are described in the EAP-SIM class by EAP-SIM( hasRandomMessageAuthenticationCode MAC_XRES) and EAP-SIM( hasExpectedResponseMessageAuthenticationCode MAC_RAND) respectively. The UserNetworkIdentity is the network identity of an EAP-SIM method. This restriction is defined in the following way; EAP-SIM( hasNetworkIdentity UserNetworkIdentity). The triplets (RAND AND Kc AND XRES) are the triplets used by the EAP-SIM method. This is expressed by; EAP-SIM ( hasTriplets RAND, hasTriplets Kc, hasTriplets XRES). The EAP-SIM method is an authentication method of BOTH GSM and WLAN networks; this is expressed by; EAP-SIM( isAuthenticationMethodOf GSM, isAuthenticationMethodOf WLAN).
98
The Subscriber class only has individuals, as user data that belong to the UserData class. The UserData class contains all personal details of a user, e.g. first name, last name, address, country, etcThe following expression describes that the subscriber class only has UserData individuals, as its user data; Subscriber( hasUserData UserData). A subscriber has a user name, IMSI and UserNetworkIdentity as identities. This is expressed by; Subscriber( hasIdentity UserName, hasIdentity IMSI, hasIdentity UserNetworkIdentity). A subscriber has a public user identity; Subscriber( hasPublicUserIdentity PublicUserIdentity), and a private user identity; Subscriber( hasPrivateUserIdentity PrivateUserIdentity).
99
A subscriber is subscribed to basic, supplementary and multimedia services; Subscriber( isSubscribedTo BasicService, isSubscribedTo SupplementaryService, isSubscribedTo MultimediaService). A subscriber is a subscriber of GSM, UMTS and WLAN networks; Susbscriber( isSubscriberOf UMTS, isSubscriberOf GSM, isSubscriberOf WLAN).
The IMSI class is a member of the Identity class, meaning that an IMSI is an identity. The IMSI has a mobile station ISDN number as its number; IMSI( hasNumber MSISDN). The IMSI is made up of the following parts; the mobile station identification
100
number, and the mobile network code and the mobile country code. This is expressed by IMSI( hasPart MobileStationIdentificationNumber, hasPart MobileNetworkCode, hasPart MobileCountryCode). The IMSI is an identity of a subscriber and is part of a user network identity, this is expressed by; IMSI( isIdentityOf Subscriber) and; IMSI( isPartOf
UserNetworkIdentity) respectively. The IMSI is stored in the HLR, AuC and the HSS, this is expressed by IMSI( isStoredIn HLR, isStoredIn AuC, isStoredIn HSS).
101
In the inferred hierarchy, the NAI is now the subclass of the PrivateUserIdentity class, this is because in the asserted hierarchy it was defined to be a child of both the PrivateUserIdentity, and the Identity class, which is a super class of the PrivateUserIdentity class. The changes are marked in blue in the inferred hierarchy.
102
103
104
The ontology became consistent again after the removal of the enumerated classes.
105
Figure 27: Defining a value for an Object Property - OWL FULL Error
106
The same rule holds when trying to define that the f1 algorithm can be stored in either the AuC or the HSS. f1( isStoredIn (AuC HSS), this rule returns an inconsistency. Therefore, it was defined that the f1 algorithm is stored in BOTH the AuC and the HSS. This type of error also occurred, if classes were declared as disjoint from each other. When removing the disjointness of classes, it was possible to define some restrictions with the someValuesFrom restriction. An example of which is given; The A3 and f2 algorithms generate the responses XRES and RES on the AuC and USIM side respectively. When defining that the A3 algorithm takes either XRES, or RES as its output value, via the following expression; A3( hasOutput XRES RES) the A3 class was consistent. However, when defining the same rule for the f1 algorithm; f1( hasOutput XRES RES) an inconsistency in both the A3 and f1 algorithm classes arose. This was because the A3 and f1 algorithms were declared as disjoint from each other. When removing the disjointness of the A3 and f1 algorithm, the reasoner did not classify these classes as inconsistent. However, an A3 algorithm is not an f1 algorithm; therefore they must be defined as disjoint.
107
108
defining restrictions for each class, indicating how classes are related to each other and which individuals can belong to a certain class. The ontology provides a logical description of the data, stored in profile registers of GSM, UMTS and WLAN networks in one logical view. Testing of the ontology was performed using a reasoning tool named Racer, which was used to classify the ontology, and to check for inconsistencies in the ontology. Using OWL to describe data provides better expressivity of data in comparison to other modelling techniques. It also enables the re-use and sharing of data among domains, and enables an easier translation of data between systems. This simplifies the complexity of managing data between systems in current networks today, and solves the problem of closed vendor specific systems. It also enables an easier integration of data from several other domains and for the integration of future networks.
109
The following figure illustrates the future view of the ontology with the integration of several other domains:
TTYPE
WLAN GSM/UMTS
Bluetooth
Other domains other than the ones previously mentioned include Bluetooth networks, description and integration of TTYPE services, which describe the type of mobile device a subscriber has (the type of screen; color, black and white, size, etc). This is used to determine what type of device a subscriber owns, in order to push multimedia services to the subscriber. Other domains include, but are not limited to administrational data, Customer Relationship Management (CRM) data, and Billing data.
110
References
[1] Global System for Mobile Communication (GSM), Online-Education Tutorial, International Engineering Consortium, http://www.iec.org/online/tutorials/gsm, 9th September 2005. [2] Introduction to GSM, Article, Performance Technologies, Inc., http://www.pt.com/products/gsmintro.html, 9th September 2005. [3] Overview of the Global System for Mobile Communications, Report, John Scourias, http://ccnga.uwaterloo.ca/~jscouria/GSM/gsmreport.html, 9th September 2005. [4] Mobile Communications Chapter 4: Wireless Telecommunication Systems, Course work, Prof. Dr.- Ing. Jochen Schiller, http://www.inf.fu-berlin.de/inst/agtech/resources/material/English/PDF-Handout/C04Wireless_Telecommunication_Systems.pdf, 9th September 2005. [5] Valtteri Niemi and Kaisa Nyberg, UMTS Security, John Wiley & Sons, Ltd., 2003. [6] GSM and UMTS Security, Presentation, Peter Howard, Vodafone Group R&D, http://www.isg.rhul.ac.uk/msc/teaching/sc3/sec3slides/SC3-2004-7.pdf, 9th September 2005. [7] EAP Methods for 802.11 Wireless LAN Security, Online-Education Tutorial, International Engineering Consortium, http://www.iec.org/online/tutorials/eap_methods/index.html, 9th September 2005. [8] Designing a Secure WLAN with the HP-UX AAA RADIUS Server, Whitepaper, Hewlett-Packard Development Company, L.P., http://docs.hp.com/en/WLANsAAA/WLANs-AAA.pdf, 9th September 2005. [9] Radio Subsystem, Technical Definition, Siemens AG, http://networks.siemens.com/communications/lexicon/5/f008225.htm, 9th September 2005. [10] Kennziffern von GSM, Article, UMTS Link, http://umtslink.at/GSM/gsm_kennziffern.htm, 9th September 2005. [11] Numbering Plans Guide, E.212: International Identification Plan for Mobile Terminals and Mobile Users, Article, SpraakMaker Telecom, http://www.numberingplans.com/index.php?goto=guide&topic=E212, 9th September 2005.
111
[12] Numbering Plans Guide, E.164: The International Public Telecommunication Numbering Plan, Article, SpraakMaker Telecom, http://www.numberingplans.com/index.php?goto=guide&topic=E164, 9th September 2005. [13] GSM Security Algorithms, Article, GSM Association 2005, http://www.gsmworld.com/using/algorithms/index.shtml. 9th September 2005. [14] GSM Interception, White Paper, Lauri Pesonen, Helsinki University of Technology, http://www.dia.unisa.it/professori/ads/corso-security/www/CORSO9900/a5/Netsec/netsec.html, 9th September 2005. [15] Digital Cellular Telecommunications System (Phase 2+); Security Related Network Functions (GSM 03.20 version 6.1.0 Release 1997), Technical Specification, ETSI, Valbonne France, http://www.3gpp.org/ftp/Specs/archive/03_series/03.20/, 9th September 2005. [16] Universal Mobile Telecommunications System (UMTS) Protocols and Protocol Testing, Online Education Tutorial, International Engineering Consortium, http://www.iec.org/online/tutorials/umts/topic02.html, 9th September 2005. [17] Overview of the Universal Mobile Telecommunication System (Draft, July 2002), Draft Overview, UMTSWorld.com, http://www.umtsworld.com/technology/overview.htm, 9th September 2004. [18] GSM and UMTS Technology System Architecture, Article, Mobileguru Ltd., http://www.mobileguru.co.uk/Mobile_Technology_globe.html, 9th September 2005. [19] Security Mechanisms in UMTS, Paper, Stefan Ptz, Roland Schmitz, Tobias Martin, http://fb1.hdm-stuttgart.de/skripte/Internetsecurity_2/Papers/UMTSSecurityMechanisms.pdf, 9th September 2005. [20] Security in UMTS Integrity, Paper, Telenor R&D, Runar Langnes, Tom E. Aamodt, Trond Friis, Geir Kien, yvind Eilertsen, http://www.telenor.com/rd/pub/not01/sec_UMTS.PDF, 9th September 2005. [21] 3G Security Principles, Presentation, Myagmar, Gupta - UIUC 2001, http://choices.cs.uiuc.edu/MobilSec/posted_docs/3G_Security_Overview.ppt, 9th September 2005. [22] Overview of 3GPP Release 5, Summary of all Release 5 Features, Technical Document, ETSI Mobile Competence Centre, http://www.3gpp.org/Releases/Rel5_features_v_2003_09_09.doc, 9th September 2005. [23] The Internet Multimedia Subsystem, Presentation, Thomas Belling, Siemens, WiMAX Forum, http://www.wimaxforum.org/
112
[24] 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; IP Multimedia Subsystem (IMS); Stage 2 (Release 5), Technical Specification, Valbonne France, http://www.3gpp.org/ftp/Specs/archive/23_series/23.228/, 9th September 2005. [25] IP Multimedia Subsystem, Tutorial, Johannes Stadler, Forschungszentrum Telekommunikation Wien, http://www.ftw.at/ftw/events/tutorials/IMS_Tutorial_050331_Part_IIb.pdf, 9th September 2005. [26] Glossary: Intel PRO/Wireless 2200BG Network Connection Users Guide, Glossary, Intel Corporation, http://support.intel.com/support/wireless/wlan/pro2200bg/userguide81/glossary.htm, 9th September 2005. [27] What is 802.11?, Definition, webopedia.com, http://www.webopedia.com/TERM/8/802_11.html, 9th September 2005. [28] Cisco SAFE: Wireless LAN Security in Depth Version 2, White Paper, Sean Convery, Darrin Miller, Sri Sundaralingam, Mark Doering, Pej Roshan, Stacey Albert, Bruce McMurdo, Jason Halpern, Cisco Systems Inc., San Jose, California, USA, http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns128/networking_solution s_white_paper09186a008009c8b3.shtml, 9th September 2005. [29] A Comprehensive Review of 802.11 Wireless LAN Security and the Cisco Wireless Security Suite, White Paper, Cisco Systems Inc., http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper091 86a00800b469f.shtml, 9th September 2005. [30] How to Build a Secure WLAN, Article, Cisco Systems Inc., http://www.cisco.com/en/US/about/ac123/ac114/ac173/ac168/about_cisco_packet_f eature09186a00800b443c.html, 9th September 2005. [31] Wi-Fi Protected Access, WPA2 and IEEE 802.11, Questions and Answers, Cisco Systems Inc., http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item090 0aecd801e3e59.shtml, 9th September 2005. [32] IEEE 802.1X, Definition, Wikipedia Encyclopedia, http://en.wikipedia.org/wiki/802.1x, 9th September 2005. [33] EAP Methods for 802.11 Wireless LAN Security, Online-Education Tutorial, International Engineering Consortium, http://www.iec.org/online/tutorials/eap_methods/, 9th September 2005.
113
[34] Remote Authentication Dial In User Service (RADIUS), RFC 2138, C. Rigney Livingston, A. Rubens Merit, W. Simpson Daydreamer, S. Willens Livingston, The Internet Engineering Taskforce, http://www.ietf.org/rfc/rfc2138.txt, 9th September 2005. [35] Using RADIUS for WLAN Authentication, Part 1, Article, Lisa Phifer, http://www.wi-fiplanet.com/tutorials/article.php/3114511, 9th September 2005. [36] What is PKI?, Definition, webopedia, http://www.webopedia.com/TERM/P/PKI.html, 9th September 2005. [37] Definition of Public Key Infrastructure, Definition, M-Tech Information Technology Inc., http://mtechit.com/concepts/public_key_infrastructure.html, 9th September 2005. [38] Introduction to Digital Certificates, Tutorial, veriSign Australia Pty Ltd., http://www.verisign.com.au/repository/tutorial/digital/intro1.shtml, 9th September 2005. [39] X.509 Certificates and Certificate Revocation Lists (CRLs), Article, Sun Microsystems Inc., http://java.sun.com/j2se/1.3/docs/guide/security/cert3.html, 9th September 2005. [40] The Semantic Web, Article, Tim Berners Lee, James Hendler and Ora Lassila, Scientific American, May 17, 2001, http://www.scientificamerican.com/print_version.cfm?articleID=00048144-10D21C70-84A9809EC588EF21, 12th September 2005. [41] The Semantic Web: An Introduction, Tutorial, Sean B. Palmer, http://infomesh.net/2001/swintro/, 12th September 2005. [42] Semantic Web, Overview, W3C, http://www.w3.org/2001/sw/, 12thSeptember 2005. [43] Ontologies Come of Age, Paper, Deborah L. McGuinness, Knowledge Systems Laboratory, Stanford University, CA., http://www.ksl.stanford.edu/people/dlm/papers/ontologies-come-of-age-mit-press(with-citation).htm, 12th September 2005. [44] Ontology, Definition, Websters Revised Unabridged Dictionary (1913). [45] Ontology, Definition, Merriam Webster Online Dictionary, http://www.mw.com/cgi-bin/dictionary?book=Dictionary&va=Ontology&x=0&y=0, 12th September 2005.
114
[46] Using Ontologies, Enabling Knowledge Sharing and Reuse on the Semantic Web, Technical Report, Jos de Bruijn, Digital Enterprise Research Institute, Austria, http://www.deri.at/publications/techpapers/documents/DERI-TR-2003-10-29.pdf, 12th September 2005. [47] Ontology, Definition, The Collaborative International Dictionary of English v.0.48, http://dict.diodesign.co.uk/index.pl, 12th September 2005. [48] A Translational Approach to Portable Ontology Specifications, Technical Report, Thomas R. Gruber, Knowledge Systems Laboratory, http://tomgruber.org/writing/ontolingua-kaj-1993.pdf, 12th September 2005. [49] Ontology Development 101: A Guide to Creating your First Ontology, Publication, Natalya F. Noy and Deborah L. McGuinness, Stanford University, Stanford CA., http://protege.stanford.edu/publications/ontology_development/ontology101-noymcguinness.html, 12th September 2005. [50] Dieter Fensel, Ontologies: A Silver Bullet for Knowledge Management and Electronic Commerce, Springer-Verlag Berlin Heidelberg 2004. [51] OWL Web Ontology Language Overview, Recommendation, Deborah McGuinness, Frank van Harmelen, W3C, http://www.w3.org/TR/owl-features/, 12th September 2005. [52] OWL Web Ontology Language Guide, Recommendation, Michael K. Smith, Chris Welty, Deborah L. McGuinness, W3C, http://www.w3.org/TR/owl-guide/, 12th September 2005. [53] A Practical Guide to Building OWL Ontologies Using the Protg-OWL Plugin and CO-ODE Tools, Edition 1.0, Guide, Matthew Horridge, Holger Knublauch, Alan Rector, Robert Stevens, Chris Wroe, The University of Manchester, Stanford University, http://www.co-ode.org/resources/tutorials/ProtegeOWLTutorial.pdf, 12th September 2005. [54] Protg Official Website, http://protege.stanford.edu/, 12th September 2005. [55] The Protg OWL Plugin: An Open Development Environment for Semantic Web Applications, Publication, Holger Knublauch, Ray. W. Fergerson, Natalya F. Noy and Mark A. Musen, Stanford Medical Informatics, Stanford School of Medicine, Stanford CA., http://protege.stanford.edu/plugins/owl/publications/ISWC2004-protegeowl.pdf, 12th September 2005. [56] RacerPro Users Guide, Version 1.8, User Guide, Racer Systems GmbH & Co. KG, www.racer-systems.com, 12th September 2005.
115
[57] GraphViz Graph Visualization Software, About, http://www.graphviz.org/, 12th September 2005. [58] Predicate Logic Terms and Symbols, Peter Suber, Earlham College, Course Material, www.earlham.edu/~peters/courses/log/terms3.htm, 19th September 2005. [59] Frame Based Systems, Paper, Bernhard Nebel, http://www.cs.umbc.edu/771/current/papers/nebel.html, 19th September 2005. [60] Basic Description Logics, Course Material, Franz Baader, Werner Nutt, www.inf.unibz.it/~franconi/dl/course/dlhb/dlhb-02.pdf, 19th September 2005. [61] Restructuring the Telecommunication Networks, Simplification of the Network Infrastructure by implementing Storage Networks and Web Services techniques, EVOLUTE Workshop, S. Rupp, R. Lopez-Aladros, F.J. Banet, M.Duspiva, Alcatel SEL AG, http://www.linecity.de/pdfs/HETNET_2003_Paper.pdf, 30th September 2005. [62] Open Biomedical Ontologies, http://obo.sourceforge.net/, 30th September 2005. [63] Ontologies for Ethology, Paper, Peter E. Midford, http://www.mesquiteproject.org/ontology/, 30th September 2005. [64] Protg OWL Plugin Ontology editor for the Semantic Web, List of Ontologies, http://protege.stanford.edu/plugins/owl/owl-library/index.html, 30th September 2005.
116
Abbreviations
2G 2.5G 3G 802.11 802.1X A A3 A5 A8 AAA ABoxes AI AK AKA AMF AP API AuC AUTN B BSC BSS BTS C CA CC CK CN CRM CS D DL DRNC E EAP EAP-AKA EAP-CHAP Extensible Authentication Protocol EAP-Authentication and Key Agreement EAP-Challenge Handshake Authentication Protocol Certifying Authority Country Code Cipher Key Core Network Customer Relationship Management Circuit Switched Base Station Controller Base Station Subsystem Base Transceiver Station An Authentication Algorithm in GSM Networks A Ciphering/Deciphering Algorithm in GSM Networks A Key Generation Algorithm in GSM Networks Authentication Authorization and Accounting Represent Instances of TBoxes Artificial Inteliigence Anonymity Key Authentication and Key Agreement Authentication Management Field Access Point Application Programming Interface Authentication Center Authentication Token Second Generation Networks Second and a half Generation Networks Third Generation Networks A WLAN network standard defined by the IEEE Standard for securing WLAN networks defined by the IEEE
117
EAP-MD5 EAP-OL EAP-SIM EAP-TLS F f1 f5 G GGSN GMSC GPRS GraphViz GSM H HLR HLR-Number HSS HTML I I-CSCF ID IEEE IK INMSI IMS IMSI IP ISDN ISIM ISN K K Kc Ki L LEAP M MAC
EAP-Message Digest 5 EAP Over LAN EAP-Subscriber Identity Module EAP-Transport Layer Security
Gateway GPRS Support Node Gateway Mobile Switching Center General Packet Radio Service Graphical Visualization Global System for Mobile Communication
Home Location Register Logical HLR Address Home Subscriber Server Hypertext Markup Language
Interrogating Call Session Control Function Identification Institute of Electrical and Electronics Engineers Integrity Key International Mobile Station Identity IP Multimedia Subsystem International Mobile Subscriber Identity Internet Protocol Integrated Services Digital Network IMS Subscriber Identity Module Individual Subscriber Number
118
MAC_RAND MAC_XRES MCC ME MMS MNC MS MSC MSIN MSISDN N NAI NCI NDC NGN NGPR Node B NSS O OSS OWL OWL-DL OWL-Viz P PC P-CSCF PDA PEAP PIN PKI PLMN PPRJ PS PSTN P-TMSI R RACER RacerPro RADIUS RAND RDF RES RNC
Random Message Authentication Code Expected Message Authentication Code Response Mobile Country Code Mobile Equipment Multimedia Messaging Service Mobile Network Code Mobile Station Mobile Switching Center Mobile Station Identification Number Mobile Station Integrated Services Digital Network Number
Network Access Identifier National Cancer Institute National Destination Code Next Generation Network Next Generation Profile Register UMTS Base Station Network Switching Subsystem
Personal Computer Proxy Call Session Control Function Personal Digital Assistant Protected Extensible Authentication Protocol Personal Identification Number Public Key Infrastructure Public Land Mobile Network Protg Project Extension Packet Switched Public Switched Telephone Network Packet-Temporary Mobile Subscriber Identity
RenamedABox and Concept Expression Reasoner RenamedABox and Concept Expression Reasoner Professional Remote Authentication Dial-In User Service Random Number Resource Description Framework Response Radio Network Controller
119
RNS RSS S S-CSCF SGSN SIM SMS SN SN SQN SRNC SSL T TBoxes TLS TMSI TTYPE U UML UMTS URL USB USIM UTRAN V VLR W W3C WEP WLAN WPA X X.509 XMAC XML XRES
Serving Call Session Control Function Serving GPRS Support Node Subscriber Identity Module Simple Message Service Serving Network Subscriber Number Sequence Number Serving Radio Network Controller Secure Socket Layer
Represents Ontologies Transport Layer Security Temporary Mobile Subscriber Identity Mobile Terminal Type
Unified Modelling Language Universal Mobile Telecommunication System Universal Resource Locator Universal Serial Bus Universal Subscriber Identity Module UMTS Terrestrial Radio Access Network
World Wide Web Consortium Wired Equivalent Privacy Wireless Network Wi-Fi Protected Access
Standard for Digital Certificates Expected Message Authentication Code Extensible Modeling Language Expected Response
120
Appendix A
Appendix A lists the classes and subclasses of the ontology
Class
Algorithm
Subclass
A3 A8 F1 F1_ F2 F3 F4 F5 F5_ EAP-SIM EAP-TLS LEAP PEAP CertificateBased ChallengeResponse MutualAuthentication NetworkAuthentication PasswordBased UserAuthentication n/a IssuerName PublicKey SerialNumber Signature SignatureAlgorithm Subject ValidFrom ValidTo Version CountryCode MobileCountryCode MobileNetworkCode NationalDestinationCode AuC HLR HSS UserDatabase IMSI NAI PrivateUserIdentity PublicServiceIdentity UserNetworkIdentity URL Realm
Subclass of subclass
n/a
AuthenticationMethod
n/a
AuthenticationType
n/a
Certificate CertificateComponent
n/a n/a
Code
n/a
Database
n/a
Identity
121
Key
GeneratedKey StaticKey Network GSM IMS UMTS WLAN FixedTelephoneNumber HLRNumber MSISDN MobileSubscriberIdentificatio nNumber SubscriberNumber IndividualSubscriberNumber BasicService MutlimediaService
AK AMF AUTN IK Kc MAC MAC_RAND MAC_XRES RES XMAC XRES RAND SQN Ki PrivateKey PublicKey n/a
Number
n/a
Service
SupplementaryService
UserData
SMS Speech AudioDownload AudioStream MMS VideoDownload VideoStream WebBrowsing CallBarring CallDivert CallWaiting ConferenceCall CustomerCareBilling DataService n/a
122
Subscriber
n/a
123
Appendix B
The following appendix lists the properties and the inverse of each property if applicable:
Property
has Algorithm hasAnonymityKey hasAuthenticationManagementField hasAuthenticationMethod hasAuthenticationType hasBasicService hasCertificate hasChallenge hasChallengeResponse hasData hasDatabase hasExpectedMessageAuthenticationCode hasExpectedResponse hasExpectedResponseMessageAuthenticati onCode hasIdentity hasInput hasIntegrityKey hasIssuerName hasMessageAuthenticationCode hasMultimediaService hasNetworkIdentity hasNumber hasOutput hasPart hasPassword hasPrivateUserIdentity hasPublicKey hasPublicServiceIdentity hasPublicUserIdentity hasQuintets hasRandNumber hasRandomMessageAuthenticationCode hasResponse hasSecretKey hasSequenceNumber hasSerialNumber hasSessionKey hasSignature hasSignatureAlgoritm hasSubject hasSubscriber
Inverse Property
isAlgorithmOf isAnonymityKeyOf isAuthenticationManagementFieldOf isAuthenticationMethodOf isAuthenticationTypeOf isBasicServiceOf isCertificateOf isChallengeOf isChallengeResponseOf isDataOf isDatabaseOf isExpectedAuthenticationCodeOf isExpectedResponseOf isExpectedResponseMessageAuthentication CodeOf isIdentityOf isInputOf isIntegrityKeyOf isIssuerNameOf isMessageAuthenticationCodeOf isMultimediaServiceOf isNetworkIdentityOf isNumberOf isOutputOf isPartOf isPasswordOf isPrivateUserIdentityOf isPublicKeyOf isPublicServiceIdentityOf isPublicUserIdentityOf isQuintetsOf isRandNumberOf isRandomMessageAuthenticationCodeOf isResponseOf isSecretKeyOf isSequenceNumberOf isSerialNumberOf isSessionKeyOf isSignatureOf isSignatureAlgoritmOf isSubjectOf isSubscriberOf
124