A Qualitative Risk Analysis for the GPRS Technology

Author

Xenakis, Christos ; Apostolopoulou, Danae ; Panou, Angeliki ; Stavrakakis, Ioannis

Volume

2

fYear

2008

fDate

17-20 Dec. 2008

Firstpage

61

Lastpage

68

Abstract

This paper presents a qualitative risk analysis of the General Packet Radio Service (GPRS) technology. GPRS presents several essential security weaknesses which may lead to security attacks that can compromise the network operation and the data transfer. We perform a detailed threat analysis by identifying the possible attacks that may result from the GPRS security weaknesses. The analyzed threats are categorized into critical areas of GPRS security exposure and further divided into threats that compromise the availability, confidentiality, integrity, privacy, authorization and authentication of the system. Each threat is associated with a qualitative risk value that incorporates the likelihood of the attack and its potential impact on the system. The understanding gained from the analysis is used to classify the threats in low and high risk threats and define the specific areas of GPRS that require additional security measures.

Keywords

authorisation; data integrity; data privacy; message authentication; packet radio networks; risk analysis; telecommunication security; GPRS security; GPRS technology; General Packet Radio Service; authentication; authorization; data availability; data confidentiality; data integrity; data privacy; qualitative risk analysis; threat analysis; Area measurement; Authentication; Authorization; Availability; Data security; Ground penetrating radar; Packet radio networks; Performance analysis; Privacy; Risk analysis; GPRS; Risk Analysis; security threats;

fLanguage

English

Publisher

ieee

Conference_Titel

Embedded and Ubiquitous Computing, 2008. EUC '08. IEEE/IFIP International Conference on

Conference_Location

Shanghai

Print_ISBN

978-0-7695-3492-3

Type

conf

DOI

10.1109/EUC.2008.123

Filename

4755208