1、Security of Mobile and Wireless NetworkNew words and phrases1 undergo vt.经历,遭受2 hacker n.电脑黑客 3 generic adj.类属的,一般的generic name类属名4 facility n.设备(常用复数),设施 communication facility 通信设备,通信设施5 priority n.优先,重点;优先权 high priority 高优先级,重要优先项目6 cryptography n.密码学,密码术7 cryptographic adj.密码的cryptographic key密
2、钥8 authentication n.证明,鉴定9 integrity n.完整,完整性10 confidentiality n.机密性 11 unambiguously adv.明白地,不含糊地 Security of Mobile and Wireless Network12 repudiation n.否认,抛弃,批判 nonrepudiation n.认可 13 afterwards adv.以后,后来14 commerce n.商业,贸易 ecommerce(Ecommerce,electronic commerce)电子商务15 transaction n.交易,事务 finan
3、cial transaction 金融业务(交易)16 fraud n.欺骗,欺诈行为 17 validity n.有效度,真实性18 anonymity n.匿名,作者不明(或不详)19 malicious adj.恶意的,恶毒的 20 trapdoor n.陷门21 Trojan n.特洛伊Trojan horse特洛伊木马22 replicate v.复制Security of Mobile and Wireless Network23 protocol n.协议,规程 protocol stack 协议堆栈24 mobility n.移动性,流动性25 stability n.稳定性2
4、6 roam v.漫游;n.漫游27 interoperability n.互用性,互操作性28 hop v.转移,跳变,跳跃 29 encrypt v.加密,译成密码 30 intranet n.内联网,企业内部互联网 31 obligatory adj.必须的,义务的,强制性的32 cipher n.密码 33 firewall n.Internet防火墙 Security of Mobile and Wireless Network34 socket n.(报文包的)套接字35 flaw n.缺陷,瑕疵36 plaintext n.明文,原文37 truncation n.截短,截断,截
5、断舍位38 datagram n.数据报 39 forgery n.伪造物,伪造罪,伪造40 shortcut n.简化操作,捷径41 exportable adj.可输出的,可出口的42 eavesdrop v.窃听,偷听 43 disclosure n.泄密,泄露44 denial n.否定,拒绝Security of Mobile and Wireless Network1 information security 信息安全(性)2 distributed system 分布式的计算机系统3 computer security 计算机安全(性)4 follow up 贯彻,用继续行动来加
6、强效果5 application area 应用领域6 work out 设计出,作出7 logic bomb 逻辑炸弹8 protocol stack 协议堆栈9 IETF(Internet Engineering Task Force)Internet工程任务组10 IPSec(IP Security)IP安全11 be based on 根据,以为基准12 WLAN(Wireless LAN)无线局域网13 as such 同样地,同量地 Security of Mobile and Wireless Network14 networking protocol 网络协议15 covera
7、ge area 覆盖范围,有效区16 agree upon 商定,就意见一致,对达成协议17 GPRS(General Packet Radio Service)通用无线分组业务18 WAP(Wireless Application Protocol)无线应用协议19 LSFR(Linear Shift Feedback Register)线性移位反馈寄存器20 portable device 便携设备21 digital cash 数字货币22 smart card 智能卡23 data stream 数据流24 take account of 考虑25 be of much concern
8、 很重要,很有关系26 unauthorized access 越权存取,非权威存取Security of Mobile and Wireless Network The requirements of information security have undergone three major changes in the last decades.The first major change was the introduction of the computer.The need for protecting files and information became evident.C
9、ollection of tools designed to protect data and to avoid hacker attacks has the generic name computer security.The second major change was the introduction of distributed systems,networks and communication facilities for data communication.Network securitymeasures are needed to protect data during t
10、ransmission.The third change is the current,rapid development of wireless networks and mobile communications.Wireless security is therefore of high priority today.Network Security Cryptography is an essential part of todays information systems.Cryptography isneeded for(1)reliable authentication,(2)i
11、ntegrity of information content,(3)confidentiality,and(4)nonrepudiation in data communication.Security of Mobile and Wireless NetworkReliable authentication means that a communication partner can be unambiguously identified.Integrity of information content requires,that reliable methods are availabl
12、e to check that transmitted information remains unchanged on the way from the sender to the receiver.Confidentiality means that the sender of information can determine who has(have)the right to read the information content.Nonrepudiation means that the authenticated informationexchange can afterward
13、s be unambiguously proved to have happened.Nonrepudiation is essential in following up adoptedagreements and in reliable ecommerce.Within the fields from email to cellular communications,from Web access to digital cash,cryptography is applied.It prevents fraud in electronic commerce and assures vali
14、dity of financial transactions.It can prove your identity or protect your anonymity.The Security of Mobile and Wireless Networkimportance of cryptography and the number of application areas are steadily growing.Network security requires active administration.Security policies,standards and administr
15、ative procedures must be worked out,implemented and followed up.Software threats(malicious programs)are divided into two categories:those needing a host program,such as trap doors,logic bombs and Trojan horses and those being independent,such as viruses,bacteria and worms.We can also divide these so
16、ftware threats into programs that replicate and those that do not.Replicating software is either a program fragment(virus)or an independent program(bacterium,worm).Nonreplicating software are fragments of programs that are activated when their host program performs a specific function Security of Mo
17、bile and Wireless NetworkMany network security solutions and(IETF)standards are based on the assumption that the data communication media is wired.Since network security usually is implemented in the protocol stack at the network levelas the IPSec standard(IP Security Protocol,2002)or at the applica
18、tion levelas the TLS standard(Transport Layer Security,2002),no essential security modifications are needed as long as wireless communication is implemented only at the data link level of the network protocol stack.Exercises.Please translate the following words and phrases into Cwork resource 2.trap
19、 door3.Cipher Key(CK)4.smart work controller6.WAP7.data stream 8.connectionoriented 9.protocol stack10.financial transactions 11.TLS(Transport Layer Security)12.radio interface13.secure socket网络资源网络资源陷门陷门密钥密钥 智能卡智能卡 网络控制器网络控制器无线应用协议无线应用协议(Wireless Application Protocol)数据流数据流 面向连接的面向连接的 协议堆栈协议堆栈金融业务(
20、交易)金融业务(交易)传输层安全传输层安全无线接口无线接口安全套接字安全套接字Exercises14.digital cash 15.cellular communications 16.International Mobile Subscriber Identity 17.SIM18.wireless transport layer security19.cryptographic key working protocol21.data link protocol22.Authentication Centre(AuC)munication facility24.GPRS25.IMSI26.
21、WLAN数字货币数字货币蜂窝通信蜂窝通信 IMSI国际移动用户身份国际移动用户身份 用户身份模块用户身份模块(Subscriber Identity Module)WTLS无线传输层安全无线传输层安全 密钥密钥 网络协议网络协议 数据链路协议数据链路协议认证中心认证中心 通信设备通信设备 通用无线分组业务(通用无线分组业务(General Packet Radio Service)国际移动用户身份号(国际移动用户身份号(International Mobile Subscriber Identity)无线局域网无线局域网(Wireless LAN)Exercises.Please transl
22、ate the following words and phrases into English.1.信息安全(性)2.分布式的计算机系统3.数据通信4.电子商务5.计算机安全6.密码学7.逻辑炸弹 information securitydistributed systemsdata communicationecommercecomputer securitycryptographyLogic bombExercises8.特洛伊木马 9.传输层10.数据链路层11.蠕虫12.线性移位反馈寄存器13.防火墙14.覆盖范围15.应用领域16.计算机病毒Trojan horsetranspor
23、t layerdata link levelwormLinear Shift Feedback Register(LSFR)firewallcoverage areaapplication areacomputer virusExercises.Fill in the blanks with the missing word(s).1.WTLS is closely the same as the SSL and TLS protocols,but a number of changes has (has,have)been made to the protocol by the WAP Fo
24、rum.2.IPSec provides security services at the IP layer by enabling a system to select required security protocols,determined(determined,determine,determining,be determined)the algorithms to use for the services,and put in place any cryptographic keys required to provide the requested services.3.Inte
25、grity of information content requires,that reliable methods are available to check that transmitted information remains unchanged on the way from the sender to the receiver.4.New security features are added to take account of changes in network architecture and to secure new services offered by 3G.E
26、xercises5.Security policies,standards and administrative procedures must be worked out ,implemented and followed up .6.Software threats(malicious programs)are divided into two categories.7.Many network security solutions and(IETF)standards are base on the assumption that the data communication media
27、 is wired.8.WTLS is designed to ensure data integrity,privacy and authentication but WTLS does not take into account whether the content is malicious or not.9.Wireless network security along with a fast technological changeis a demanding(demanded,demanding,demand)field.Network security in itself mus
28、t be seen as a whole.10.Today the security of Wireless LANs is of much concern.Security measures taken (taken,take,taking,was taken)are almost identical in the wired and wireless world.Exercises.Answer the following questions according to the text.1.What are the major changes of information security
29、 requirements in the last decades?The requirements of information security have undergone three major changes in the last decades.The first major change was the introduction of the computer.The need for protecting files and information became evident.Collection of tools designed to protect data and
30、to avoid hacker attacks has the generic name computer security.The second major change was the introduction of distributed systems,networks and communication facilities for data communication.Network security measures are needed to protect data during transmission.The third change isthe current,rapi
31、d development of wireless networks and mobile communications.Exercises2.For what application areas will cryptography be needed?What is the meaning respectively?Cryptography is an essential part of todays information systems.Cryptography is needed for(1)reliable authentication,(2)integrity of informa
32、tion content,(3)confidentiality,and(4)nonrepudiation in data communication.Reliable authentication means that a communication partner can be unambiguously identified.Integrity of information content requires,that reliable methods are available to check that transmitted information remains unchanged
33、on the way from the sender to the receiver.Confidentiality means that the sender of information can determine who has(have)the right to read the information content.Nonrepudiationmeans that the authenticated information exchange can afterwards be unambiguously proved to have happened.Exercises3.How
34、many categories can software threats be divided into?And what are they?Software threats(malicious programs)are divided into two categories:those needing a host program,such as trap doors,logic bombs and Trojan horses and those being independent,such as viruses,bacteria and worms.We can also divide t
35、hese software threats into programs that replicate and those that do not.Replicating software is either a program fragment(virus)or an independent program(bacterium,worm).Nonreplicating software are fragments of programs that are activated when their host program performs a specific functionExercise
36、s4.What properties of wireless networks imply different security solutions for wired and wireless networks?Wireless networks have properties that imply different security solutions for wired and wireless networks.These are:They use the same networking protocols but use specialized physical and data
37、link protocols.They connect to existing networks via access points which provide a bridging function.They let you stay connected when roaming from one coverage area to another.They have unique security considerations.They have specific interoperability requirements.They require different hardware.Th
38、ey offer performance that differs from wired LANsExercises5.Tell the differences between GPRS and GSM.GPRS(General Packet Radio Service)is announced to be a mobile system of 2.5generation.GPRS is rather similar to GSM using the same radio access network in packet mode.Packet handling nodes have to b
39、e added.Such nodes are SGSN(Serving GPRS Support Node)and GGSN(Gateway GPRS Support Node).Other nodes like HLR(Home Location Register)and AuC(Authentication Center)can be reused with minor modifications.Internet and Intranet access of mobile and portable devices will be major GPRS applications.GPRS
40、will also be a major carrier of WAP(Wireless Application Protocol)applications.Most GPRS terminals will probably also support GSM.The theoretical data rate is more than 100 kbps but most operators will offer data ratesbetween 20 and 40 kbps.Exercises6.Compared to GSM,what security developments are i
41、ncluded in 3G?Compared to GSM two major security developments are included:The cryptography used will be strengthened with the introduction of 128bit keys.A 128bit cipher key CK and a 128bit integrity key IK will be established.Information is encrypted between the mobile station and Radio Network Co
42、ntrollernode.Encryption relies on the Kasumi algorithm.Mutual authentication will be introduced using cryptographic keys to establishthe identity of both user and base station over a connection.Authentication for users passing between different networks will also be protected using a public key cryp
43、tographic system.Exercises7.What problems on attacks are there in the WAP environment,and how to solve them?In the WAP environment,the WAP stack and the servers are exposed to attacks.Typical threats and protection methods are:(1)Viruses and malicious services are possible in the mobile terminal.(2)
44、The radio interface is protected with standard GSM security methods.(3)Mobile networks can have unprotected radio links between the base station and the base station controller.(4)Stored servicesof the gateway and the server require similar protection as the Internet server.(5)Data transmission between the gateway and the server needs protection.In the WAP environment,SSL is used between the Web server and the WAP gateway,but a specialized protocol,WTLS(Wireless Transport Layer Security),is needed between the WAP gateway and the WAP device.But WTLS seems to need revision.
