The use of SIMs containing cipher and authentication
keys within a GSM phone allows networks to verify the device is legitimate and
the subscriber is authenticated.
To maintain security between the user device and the home network, each device
is equipped with a Universal Integrated Circuit Card (UICC) that runs the security
application. The (UICC) is the little card that fits within the GSM phone. Running on
the UICC is the Subscriber Identity Module (SIM) application (which is often what we
call the UICC).
The private user identity is kept on the removable SIM, which is placed into whatever
phone the subscriber uses. This allows subscribers to move from device to device
while taking their identity with them. However, the private user identity is not disclosed.
It is kept on the SIM application hidden from users.
The communications between the subscriber module (SIM) and the home network
is encrypted and kept secure to prevent another network (or another subscriber) from
accessing the private user identity of a subscriber. All of these security functions are
kept transparent from the user, since there is no need for the subscriber to know the
private identity or anything else kept secure by the operator. This is all transparent
and unseen by the subscriber.
Encryption is supported as well over the air interface. This prevents eavesdropping
over the radio waves, which is a major concern within GSM circles.
Pages:
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297