This page contains a Flash digital edition of a book.
security


look over it – even if there’s nothing actually worth seeing on the other side. However, once those techniques become more widely


shared, there is always a risk that more malicious uses may be made of them by so-called ‘black hat’ communities of criminal hackers.


Managing risk In many ways, the security issues facing the TETRA and mission-critical communications communities are a subset of wider issues facing the whole of the telecommunications industry. As a result of financial pressures, constant innovation and


the continued erosion of once rigid boundaries between different technological and commercial domains, telecom operators around the world are having to find new ways of managing risk. Just as the creation of highly complex, intricately interlinked and poorly-understood financial products have helped to crash economies around the world over the last few years, so too is the increasingly rapid roll-out of advanced new services, applications and devices threatening the once highly stable world of telecoms. Already, public safety operators are looking to exploit


new broadband paths for TETRA, using LTE. Cost and coverage considerations mean that in these situations they are likely to have to partner with existing cellular service providers and share at least some public networks and infrastructure. Cost and wider efficiency issues are also encouraging a take-


up of devices such as PDAs and tablets from the enterprise and consumer sectors, to support a widening range of applications for both data input and information retrieval. While application security presents its own particular


problems, especially where data sources such as geographical information are in the public domain, the adoption of equipment from the consumer sector adds others. As the history of the PC shows all too well, once a population of devices reaches a critical mass it becomes an increasingly attractive target for hackers, benign or otherwise.


Security algorithms Specific details of TETRA’s security techniques were covered in depth in Issue 4 of TETRA Today by Trevor Evans, chairman of the TETRA Association’s Security and Fraud Protection Group (SFPG). But they have to be considered in a wider, holistic context. Just as mainstream telecommunications service providers are finding, silo mentalities and point solutions alone are not sufficient to provide the kinds of security required by private users, let alone ones tasked with guaranteeing public security. One particularly hot topic that is reaching right across the


combined IT and telecoms worlds involves geopolitics – and specifically the restrictions, legal and otherwise, placed on the export, import and usage of particular devices, equipment and security techniques. One of the most significant initiatives in this area for the


TETRA community is the Wassenaar Arrangement or, to give it its full title, Te Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies. With around 40 current members, this


Issue 5 2011 TE TRA TODAY ‘


There are obvious advantages in commercial platforms but these must meet security and usability criteria


agreement restricts the export of equipment using the TETRA Air Interface Encryption (AIE) algorithms TEA2 and TEA3. For countries outside this agreement – or multinational


companies wishing to support their commercial operations with TETRA technologies – other options do exist. Gareth Jones, solutions architect at Sepura, explains: “Where export restrictions exist, TETRA networks can use instead what are known as In-Country Algorithms (ICA) approved by the local regulatory authority, or they can use a private algorithm. “While these may have apparent benefits in that the


strengths or weaknesses of the particular algorithms are not well known outside that country and the knowledge base is obviously much smaller, there is an obvious disadvantage as well, in that their security will not have been as robustly tested as those techniques already in use by the wider community.”


Crossing borders As boundaries of all kinds around the world continue to fall, some of these restrictions – corporate, national and international – will become increasingly problematic. For example, while telecommunications equipment and software from some Asian countries are extremely attractive in both price and performance, telecoms operators and individual countries are now placing restrictions on their use in mission-critical or sensitive parts of their infrastructure. Te recent planned acquisition of Rohde & Schwarz by the Chinese manufacturer Hytera – awaiting approval by the respective governments involved – highlights just some of the sensitivities involved in this territory. Similar trans-border issues are also set to directly impact


the operational TETRA environment itself, though in this context it involves the boundaries and overlaps between users, networks and applications. For Robin von Post, chief technical officer at the Swedish


communications security specialist Sectra, this is going to drive a need to implement and manage true end-to-end cryptographic security across these different devices and boundaries. “Cost, coverage and new technology issues mean that the TETRA environment of the future is going to require the equivalent of Virtual Private Network (VPN) techniques to keep user communications properly secure”, he comments. “On top of that, a large number of users of older, analogue systems are going to be migrating to TETRA and other digital platforms and they will need securing as well as they move out of their old ‘comfort zones’. “In this context it’s vital to be able to consider the whole


communications path as it transits through the network. Te air interface to the base station might be secure – but is the base station itself physically protected? Tere have already, for example, been cases of activists breaking into base stations and leaving somewhat ominous graffiti.” “Tis concern for the total communications


environment”, Sectra’s von Post adds, “also has to extend 17 ’


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40