Prototyping and evaluation of TCAPsec

• Main Author: Chung, Kang
• Format: Others
• Language: English
• Published: Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT 2008
• Subjects: Telecommunication SS7 User Security; Computer Sciences; Datavetenskap (datalogi)
• Online Access: http://urn.kb.se/resolve?urn=urn:nbn:se:kau:diva-2221

Today, the most frequently used signaling system for telecommunication is called Signaling System No. 7 (SS7). The growing usage of mobile telephones and mobile data communication, and the development of new services mean that the risk of intrusion and exploitation of the SS7 signaling networks increases. The increasing problem with unauthorized access to sensitive information and the operators’ growing demand for security is the origin of our work. This thesis presents a prototype design and implementation of a Security Gateway (SEG), which is a fundamental part of the TCAP user security (TCAPsec) concept. TCAPsec is a security concept for introducing security mechanisms to the signaling system. The prototype includes three different protection modes that provide security services, ranging from almost no protection to full protection with the use of encryption algorithms. The thesis also contains an evaluation study of the delay penalties caused by the use of these security services. With regards to the restrictions on the prototype, the conclusion drawn from the evaluation results was that the protection mechanisms in the different protection modes did not inflict any significant time penalties. Instead, the results of the study indicate that the routing process of messages in the network is a more significant delaying part in the communication between different nodes. This result implies that the routing process takes longer time than the security services. The thesis also presents a number of discovered features that will require further investigation and development before the TCAPsec concept can be realized.