It is a brief range communication technology to hook up to devices using short-range radio occurrence(RF) which is supposed to displace communication that uses cabling. It is utilized mainly to establish wireless personal area sites (WPAN), commonly known as AD-HOC or peer-to-peer (P2P) systems. This technology more recently are built-into many types of business and consumers devices such as mobile phones, PDA, laptops, headphones, vehicles, printers.
This technology is internationally accepted and any devices that are bluetooth allowed can talk to other bluetooth enabled device located in proximity to one another almost everywhere in the world.
Bluetooth is a low cost, low electric power technology which provides small wireless systems. The devices with this technology hook up the other person through short range, random networks known as piconets. Whenever a bluetooth allowed device enter or leave radio proximity the piconets gets founded automatically and dynamically. Also each device in the piconets offers a simultaneous interconnection up to seven other devices and this piconet can also belong to several other piconets allowing a unlimited connection.
This technology also offers the ability to simultaneously deal with data and tone of voice transmission which gives users with a number of uses such as stamping, synchronization with Personal computer and laptops, recognizing voice calling through hands-free headsets etc.
Some of the benefits of this technology includes:
Replacements for cable tv: this technology replaces the utilization of different types of cabling required to establish a connection between 2 or more different or similar devices e. g mouse, headphones, keyboard, printers etc.
Wireless synchronization: It automatically synchronize with bluetooth empowered devices such as notebooks via wireless interconnection. e. g synchronization of address booklet within laptops, cellular phones etc.
Internet connection: any bluetooth empowered device having internet connection can reveal the internet access with other bluetooth allowed device. One serves as a modem. e. g a laptop can use a internet via a bluetooth enabled mobile phone by establishing a dialup connection through the mobile phone.
Bluetooth Technology Characteristics:
Bluetooth operates in the unlicensed 2. 4 GHz to 2. 4835 GHz Industrial, Scientific and Medical (ISM) regularity music group. Many technology such as IEEE 802. 11 b/g WLAN standard operate in this strap. It employs frequency hoping pass on spectrum (FHSS) for every transmissions, also FHSS really helps to minimize the interference and transmission mistakes as well as provides a limited degree of transmission security. That is done by the technology which picks up the devices under the range and avoids the occurrence used by the other bluetooth enabled device. Also the communication between your devices uses 79 different radio programs by hoping frequencies at 1 MHz interval giving a high degree of disturbance immunity and allowing better transmission within the range. This hoping provides higher performance even though other technology are being used all together with bluetooth technology.
Range:
the operating range relies upon the device class such as the following:
Class 3 radios : supports up to 1m or 3ft.
Class 2 radios : found in mobile devices-ranges from 10m or 33 ft.
Class 1 radios: found in industrial sector creating a huge selection of 100m or 300 foot.
Bluetooth low energy technology has a variety as high as 200m or 600ft.
Power Usage:
class 2 device uses 2. 5 mW of ability.
The generic different macintosh personal computer/phy in version 3. 0 HS permits the finding of remote control AMPs for high speed device and transforms on the radio only when needed for data transfer providing a power optimization advantage as well as aiding in the security of the radios.
Bluetooth low energy technology, optimizd for devices requiring maximum electric battery life rather than a high data transfer rate, consumes between Ѕ and 1/100 the energy of common bluetooth technology.
Data rate
bluetooth low energy technology offers a speed of 1 1 Mbps of data transmitting.
For version 1. 2 and 2. 0 EDR the info rate includes 1Mbps and 3 Mbps respectivley.
For version 3. 0 HS up to 24 Mbps is recognized.
Security Aspects:
bluetooth technology and associated devices are vunerable to general cordless networking hazards, such as DOS episodes, eavesdropping, man-in-the-middle-attacks, note modification, and source misappropriation. Generally the security are categorized into three categories:
non-secure: in this kind any bluetooth device do not start any security measures.
Service level enforced security: in this security setting two bluetooth device establish a nonsecure Asynchronous Connection-Less (ACL) link.
Link level enforced security: in this setting authentication, authorization and optional enryption are initiated whenever a get of L2CAP(logical Website link Control and Version Protocol )connection-oriented or connectionless channel is made. This security function is established prior to the connection is made between the devices.
Vulnerabilities:
Bluejacking: this is a danger which involves a mailing of unsolicited text messages or business cards to bluetooth empowered devices. For this danger to work the mailing and acquiring device must be within the number of of 8-10m from one another. This is a method usually used for promotional purposes purpose alternatively than with any destructive intention. This method could be very annoying anticipated to repetitive messages. Also this technique does indeed leave a door wide open for variety of public engineering attacks. In order to prevent this kind of attack the device must be placed into non-discoverable function in unsecured areas.
Bluesnarfing: this hacking method is performed in bluetooth allowed cellular phones and what this strike does could it be copies the whole contact publication, calender or whatever is stored in the cellular phone's recollection. This risk can be minimised by placing these devices in non-discoverable method in an un-secured zone. How-ever many software are available in web which can grab information from blue-tooth enabled devices.
the back door assault: this strike begins of after being in connection with bluetooth device; through pairing system and if the dog owner does not observe their device after connection than these are unlikely to note anything following the device are matched; allowing attacker to work with any resources that a trusted relationship recover device grants access to. This implies the attacker can not only get data but also use features such as GPRS WAT, internet, modems etc. without the dog owner being notified.
The cabir worm: this is a harmful software that uses the bluetooth technology to look for available bluetooth devices and send itself to them. This worm presently only effects mobile phone which uses symbian series 60 interface system. But this risk can be prevented by the user since the user itself must manually recognize the worm and install in order for this harm to be in effect.
GPRS
it is a non-voice value added service which allows Mobile Phones to be utilized for mailing and obtaining data over and internet protocol(IP) structured network. It means General Packet Radio Services. It is a packet established radio service which is sent as a network overlay for GSM, CDMA and TDMA sites which allows always on relationships. This reduces the repetitive and time consuming dial up connection. It also reserves radio resources only once there is a certain data to be directed ensuring the utmost usage of radio resources. This service enables users to use many multimedia request through mobile internet. Along with it it offers user the internet from everywhere and anytime.
GPRS handles data in some packets which is often routed over several paths through the GSM network. The info is segmented and stored as packets before being transmitted and reassembled at the acquiring end. GPRS users obtain the benefit of instantaneous connection setup and continuous link with the internet after being logged-in to an APN (Access Point Name) until the end user log off and the user only have to pay the info which is really sent. Since this is a wireless technology so and end-to-end connection is not required because network resources and bandwidth are just used when data is actually transferred. This enables useful use of available radio bandwidth. This reduces the price in comparison to circuit switched services since communication channels gets shared and are on a 'as-packets-are-needed' basis.
GPRS data rates of speed runs from 14. 4 kbit/s (using one radio time-slot) to 115kamount/s (by amalgamating time slots). The average data transfer velocity reaches about 56 kbit/s. The improvement in the info rate allows users to be a part of video convention and interact with various websites and similar program using mobile handheld devices as well as from mobile computing.
GPRS is dependant on GSM communication and will accentuate existing services like Text message. It also complement blue-tooth.
Advantages of GPRS:
Operators
offer new and superior data services to personal and business market segments.
Uplift the profits from data services.
Opportunity to raise the amount of network users.
Provides an upgrade route and baseline for UMTS
End Users:
high acceleration internet
cost effective since charge is completed only once data is sent and not throughout connection
constant connectivity
simultaneous use of voice and data communication
Applications of GPRS include:
Chat
web browsing
internet email
file transfer
file sharing
Security:
Security threat depend the type of traffic and data service for specific risk. The Gp software is the reasonable connection between PLMNs that is used to aid roaming data users. The following traffic comes under Gp :
GTP : this provides a logical interconnection between your SGSN and GGSN of roaming companions.
BGP : this gives the routing information between the operator and the GRX and/or roaming partners
DNS: provides resolution for subscriber's Access Point Name (APN)
THREAT ON Gp includes
Availability
Border Gateway Bandwidth saturation : in this kind of risk a malicious operator links to the same GRX which might have the ability to generate enough traffic which gets directed at users border gateway such that required traffice is starved for bandwidth in or out of customer PLMN. Finally denying roaming acess to and from the network.
DNS flooding: in this risk the DNS server gets flooded with correct or malformed DNS concerns denying subscribers to find GGSN to use an external gateway.
GTP flooding: in this menace SGSNs and GGSNs may be flooded with GTP traffic that lead them to spend their CPU cycles processing illegitimate data protecting against users to roam or send data out to an exterior network
Authentication and Authorization
Spoofed create PDP framework Request:
Spoofed update PDP framework request
Integrity and Confidentiality
Capturing a subscriber's data session
WAP
WAP means Wireless Application Standard protocol. It is a credit card applicatoin environment and a couple of communication standard protocol for witless devices which is designed to allow manufacturer, seller and technology independent access to the internet and advanced telephony services. Basically it serves as a bridge between the mobile world and the internet as well as intranets offering the ability to deliver an endless selection of mobile value added services to the users irrespective of their network, bearer and terminal. This also allows subscriber to access the same amount of information from a pocket sized devices as they can from the desktop.
The WAP standards defines a set of protocols in levels like application, period, transfer, security, and travel enabling operators and companies to meet up with the issues in advanced wireless service differentiation and fast/flexible service creation.
WAP utilizes binary transmitting for greater compression of data and is optimized for long latency and low bandwidth. The light weight WAP protocol stop was created to minimize the mandatory bandwidth and improve the amount of cellular network types that can deliver WAP content. Since WAP is dependant on a scalable split architecture, each layer can develop separately of the others so that it is possible to introduce new bearers or even to use new transport protocols without having to make any alteration in other tiers.
Versions of WAP
WAP 1. X-
WAP 1. 0 was presented in the past in April 1998 which referred to a collection of softwares for internet access through mobile.
WAP 1. 1 was then unveiled a season later after WAP 1. 0 in 1999.
WAP 1. 2 which was the final update of the WAP 1. X series was created in June 2000 and the significant revise of the was the benefits of WAP drive.
WAP Push:
This version allows WAP content to be pressed to the mobile device with minimum amount user involvement since this consists of a specially encoded subject matter that includes a web link to wap address. It can be used over any device which supports WDP like GPRS and Text message.
This press version enables users the choice to automatically access the WAP content with WAP 1. 2
WAP 2. 0:
This version re-engineered WAP that was introduced in the entire year 2002 and was a straightforward version of HTML to create XHTML. The XHTML helps decrease the bandwidth of internet pages helping user to work with the kept bandwidth for other goal.
Benefits:
Operators
chance to raise the subscriber by bettering services such as interface to voice email and prepaid systems
introduction of new application without the need for more infrastructure or modification to the telephone.
Enabling the provision of end-to-end turnkey solution which make a lasting competitive advantage.
Content Providers;
enable content and program developers to understand eh tag based mostly WML(wireless Markup Language) allowing services to be written and executed within an operator's network quickly and easily
End Users
easy and secured access to relevant internet information and services such as unified messaging and entertainment through their mobile devices.
Can access the info from corporate directories.
Significant freedom of choice when choosing mobile terminals and request they support
allows users to get and request information in managed fast and low-cost environment.
Applications of WAP:
advertising the merchandise immediately through the cellular devices allowing the buyers directly the hyperlink to order accessibility page.
Establishment of exclusive lan allowing users to play or show information within the grous.
Downloading files.
Infotainment feature: customer care and provisioning, concept notification and call management, email, mapping and location service, weather and traffic alerts, sports activities and financial services, address booklet and listing services and corporate intranet program.
Security concern over WAP
WAP Gateway : this is the most important menace associated with WAP. In this particular threat WAP devices connect to web machines through WAP gateway meaning WAP has unencrypted data for a brief period of time which is often highly confidential. To avoid this the WAP device must turn to a trusted and secured gateway rather than using the default WAP gateway. Also another solution includes upgrading all wap gateways in a way that they can work in pass-through method. When WAP gateway works in this function it just let go all the encrypted traffic from cellular phone to server without having to be decrypted and the gateway would be just a relay for the data stream.
Weak encryption algorithms: the encryption standard protocol encrypts data through the handshake phase which has a possibility to find the 40bit DES encryption method. In this technique, a 5 byte key is employed formulated with 5 parity bits giving only 35 effective key parts in the DES key. This DES key can be easily hacked through brute force
potential for pathogen attacks: wap consists of a scripting language(WMLScript) making easier for viruses to affect cellular phone.
GSM
It means Global System for Mobile Communication which is a internationally accepted standard for digital mobile communication and most globally used cellular phone system. It is an open digital mobile technology which can be used to transfer mobile tone and data services. This design was the first digital design to follow the analog period to improve the security from analog counterparts in mobile communication. This technology supports voice telephone calls and data copy rate up-to 9. 6klittle/s, combined with the transmission of Text. This functions in the 900MHz and 1. 8 GHz rings in Europe and 1. 9 GHz and 850MHz rings in the US, Australia, Canada and many southern American countries. The users can gain access to the same service when touring abroad through GSM international roaming potential which is done after harmonizing spectrum across most area of the earth. Thus giving users to hook up seamlessly and same quantity connectivity in more than 218 countries even if they have different network service provider.
Application of GSM includes:
accessing the internet with GPRS being allowed. .
Used in E-commerce for services like mobile bank, e-ticketing etc.
Advantage of Gsm include:
the consumer advantages from the capability to roam and transition carriers without swapping phones and SIM and to network providers.
High voice quality because of the productive use of radio frequencies which allows the machine to tolerate intercell disturbances.
The encryption of speech allows customer information to be secured.
Also pioneered low priced implementation of the brief note service known as text messaging.
Introduction of worldwide emergency phone number feature.
Introduction of value added feature such as GPRS EDGE.
Threat includes the next:
there are mainly two determination for attackers of mobile phone systems that are:
Theft Of service:
cloning: In this type of episode, the attacker steals the determining information from a legitimate phone and tons it to another telephone allowing attacker to masquerade as the authentic mobile. What this does is it causes charges to be assessed against the profile holder of the authentic phone.
Call Decryption: this threat is dependant on the encryption approach to the GSM network. The attacker experienced found to decrypt a call with greater swiftness within 30 seconds with just a laptop and specific radio device back in 2007 and 2008.
data Interception: in this type of episode the attacker may easily listen to the transmitting of the phone using relatively unsophisticated tools in a effort to eavesdrop on the speech and data transmission occurring. To resolve this issue encryption of the data in the air should be maintained.
