View
41
Download
0
Category
Preview:
DESCRIPTION
Korea’s Wireless Internet and its New Threats. Richard Rhee, AhnLab, Inc. What is the wireless internet ? The cellular phone is no longer just a telephone. How to navigate What is the mobile platform ? How does it use ? The threat nears, and many more… - PowerPoint PPT Presentation
Citation preview
Ahnlab.com
Korea’s Wireless Internet
and its New Threats
Richard Rhee, AhnLab, Inc.
2
Contents
What is the wireless internet ?
The cellular phone is no longer just a telephone.
How to navigate
What is the mobile platform ?
How does it use ?
The threat nears, and many more…
What are your plans against new threats?
3
What is the wireless internet ?Introduction
The environment and technology offering the mobile terminal to get access to information through wireless network.
New services enabling cellular phones and handheld devices access to the internet through wireless network
Specialization
Ubiquity
Accessibility
Security
Convenience
Mobility
Localization
Personality
Customization
4
What is the wireless internet ?CDMA 2000 1x Packet Data Network Component
Mobile Terminal
BTS ( Base Transceiver Station )
BSC ( Base Station Controller )
PDSN ( Packet Data Switching Node )
MSC / VLR / HLR
IWF ( Inter-Working Function )
AAA Server ( Authentication Authorization Accounting )
HA ( Home Agent )
Gateway
5
What is the wireless internet ?CDMA 2000 1x Packet Data Network Architecture
6
What is the wireless internet ?WIBRO is the next wireless network. ( 1 )
Specification 2.3 GHz / 1Mbps Always connected Will be serviced in 2006. IP - Based
Components PSS ( Portable Subscriber Station )
Wireless connection IP based connection
RAS ( Radio Access Station )Resource management & control Hand-off support
QoS ACR ( Access Control Router )
IP Routing IP Multicast Billing information
Authentication / Security model
7
What is the wireless internet ?WIBRO is the next wireless network. ( 2 )
8
The cellular phone is no longer just a telephone.
Telephone Digital Entertainment
MP3 PlayerMovie Player
PIM Data Contacts Calendar
WAP Browsing / Web Browsing File Storage / Exchange And more…
9
How to Navigate : WAP Browser 2.0
WML 1.x, WML 2, xHTML, HTML
WML script
HTTP 1.1 full specification, HTTP 1.1 Cache
OMA Download
SSL 3.0 / TLS 1.0
BMP, WBMP, (animated) GIF, SIS
Pictogram
WAP Push
ARM7, 700 ~ 800 kb
10
What is the Mobile Platform ?Introduction
REX is only a scheduler for mobile terminal.
The market wants a strong functionality.
Common Functionality Terminal H/W and Platform independent
File system support
2D & 3D graphic support
Socket based Network communication
Serial communication
Interoperability with SIS, VOD and Camera
Voice call , SMS, Browser call
Terminal Data Access
Content development kit
11
What is the Mobile PlatformGNEX
GNEX is a content downloader and player.GNEX SDK
GNEX Player
GNEX Architecture GNEX Virtual Machine
GNEX Kernel
GNEX Event Handler
MIDD ( Mobile Interface Device Driver )
12
What is the Mobile PlatformXVM based on J2ME
Clean room implementation of J2ME
Components
XVM
M-Configuration
M-Profile
Telecom Service APIs
Application manager
Supports Garbage Collector
13
What is the Mobile PlatformBREW ( Binary Run-time Environment in Wireless )
Residing on top of the chip system software, BREW provides wireless application with access to a suite of highly integrated chipset functions.
Supports language beyond native C/C++, including Java, XML and Flash
BDS ( BREW Distribution System )
14
What is the Mobile PlatformWIPI 2.0 ( 1 )
Needs the Standard platform
15
What is the Mobile PlatformWIPI 2.0 ( 2 )
Structure
Application Manager
Basic APIs
Dynamic components
Run-Time engine
HAL ( Hardware adaptation Layer )
16
What is the Mobile PlatformWIPI 2.0 ( 3 )
Functionality
Supports C/C++, JavaTM
Execute the binary code through COD server
Stable APIs
API Access control : 3 Level
Data Access control : 3 Level
Memory management
Compaction & Garbage collection
Shared memory management
Supports Unicode and Locale
Dynamic APIs and Components
Application management
17
What is the Mobile PlatformWIPI 2.0 ( 4 )
API Overview
18
What is the Mobile PlatformWIPI 2.0 ( 5 )
Security Model
Access Security
System Level
CP ( Content Provider ) Level
Public Level
APIs Security
Data Security
Private directory
Application shared directory
System shared directory
19
What is the Mobile PlatformWIPI 2.0 ( 6 )
Service Architecture
20
Mobile Transaction
Payments
Banking
Stock Exchange
Mobile office
SFA ( Sales Force Automation )
School Affair Management
Distribution Support
Customer Support
And many, many more…
How do it use ? In business
21
Hacking Mp3 files
mp3 file download & playback : Limited to 3 days of play-back (SK Telecom, KTF)
☞ "UnlimitedSMP.exe“, an illegal program disabling (hacking) 3-day limit of the mp3 file playback
Cloning
Phone Cloning : The most severe attack to the cellular systems through the air
☞ Cellular phones can be easily cloned using ESN (Electronic Serial Number) and MIN (Mobile Identification Number). These numbers are exposed to everyday life, and with equipments pricing from $700 ~ $2000, numbers can easily be obtained.
The threat nears, and many moreThe case (1)
22
Mobile spam More than 30 million subscribers : High rate of mobile handset spam mails
Many users exchange short messages through their high-powered handsets every day, offering spammers something to exploit.
Virus writer group Cabir : Network worm targeting phones running on Symbian
WinCE4.Dust : First known WinCE virus on ARM-based devices
☞29A : International group connected by a common interest in computer security, especially in self-replicating code.
The threat nears, and many moreThe case (2)
23
WIPI : Standard wireless platform in Korea
The Ministry of Information and Communication (MIC) said that the government will oblige the Wireless Internet Platform for Interoperability (WIPI) to new cell phone models from next year.
The Korean government can mandate the open-source WIPI as a standard while mobile carriers are also allowed to support other specifications on top of the compulsory WIPI platform.
Harmful content for children
Disabling the bell sound for digital camera phone.
WIPI Open Source
Opened wireless network
The threat nears, and many moreThe case (3)
24
Attacking EFS
Malicious Contents
Rebooting the Cellular Phone
Hacking Private Information
Unwanted Bill
Mobile Adwares
The threat nears, and many moreThe potential threat
25
Anti-virus and Anti-spam for the cellular phone
WPKI based Authentication
Mobile VPN
Applied TLS / SSL
Protected IWF / Gateway for using Firewall / IDS
Harmful traffic prevention
What are your plans against new threats?
26
http://www.xce.co.kr
http://www.genx.co.kr
http://www.brew.com
http://www.kisa.or.kr
http://www.infraware.co.kr
http://www.kwisforum.org
http://www.koreaharald.co.kr
Telecom’s IP Packet Core IP Packet Core Network Network Overview – SK Telecom
kwisf WIPI 1.2 specification
Attacks on celluar phone - Hai-Ping Ko
휴대인터넷 서비스 및 네트워크 – 강충구 모바일 비즈니스 개념 정의 – 이재원
References
Recommended