GPRS Security Feature, Threats and Solution

Background Information

Example of a 3G/GPRS Modem

GPRS stands for General packet radio service. It is a data network architecture which is designed to integrate with GSM networks and offer mobile clients or subscribers a "always on" packet swithced data services to corporate networks and the internet. GPRS is standardized by European Telecommunications Standards Institute (ETSI). GPRS usage is charged based on the volume of the data.

GPRS Services

1. SMS and Broadcasting
2. MMS
3. Internet access is "always on"
4. Internet applications for smart phones and devices are through the Wireless Application Protocol (WAP)

Supported Protocols

1. Internet Protocol (IP)
2. Point-to-point protocol (PPP)
3. TCP/IP

GSM uses GPRS for data transmissions like for example browsing the web.

GPRS Core Network Architecture Overview

GPRS Security

• Integrity
• Assures that data cannot be altered in an unauthorized or malicious manner

• Confidentiality
• Protection of data from disclosure to third parties

• Authentication
• Provides assurance that a party in a data communication is who or what they claim to be

• Authorization
• Ensures that a party may only perform the actions that they're allowed to perform

• Availability
• Data services are usable by the appropriate parties in the manner intended

 Solutions

• Traffic rate limiting
• GTP rate limiting
• Hardware-accelerated stateful packet filtering
• GTP stateful packet filtering 

Network Security & Solution Diagram
This security solution uses a tunnel hub concept to separate traffic for different corporate networks and internet.




References
http://www.it.iitb.ac.in/~kavita/GSM_Security_Papers/GPRS_Security_Threats_and_Solutions.pdf
http://en.wikipedia.org/wiki/General_Packet_Radio_Service