
CHAPTER THREE

GSM (2G) VS UMTS (3G) Security


 GSM stands for Global System for Mobile Communication. It is a digital cellular technology used for
transmitting mobile voice and data services.

GSM - Architecture
GSM networks consist of many functional units. These units and their interfaces are explained in
this chapter. The GSM network can be broadly divided into:

 The Mobile Station (MS)

 The Base Station Subsystem (BSS)

 The Network Switching Subsystem (NSS)

 The Operation Support Subsystem (OSS)

The additional components of the GSM architecture include the following databases and messaging
system functions:

 Home Location Register (HLR)

 Mobile Switching Center (MSC): used to set up and clear down voice calls, deliver text messages and
track the mobiles under its management.

 Visitor Location Register (VLR)

 Equipment Identity Register (EIR)


 Authentication Center (AuC)

 SMS Serving Center (SMS SC)

 Gateway MSC (GMSC)

 Chargeback Center (CBC)

 Transcoder and Adaptation Unit (TRAU)


The following diagram shows the GSM network along with the added elements:

GSM - Operations
Once a Mobile Station initiates a call, a series of events takes place. Analyzing these events can
give an insight into the operation of the GSM system.

Mobile Phone to Public Switched Telephone Network (PSTN)
When a mobile subscriber makes a call to a PSTN telephone subscriber, the following sequence
of events takes place:

 The MSC/VLR receives the message of a call request.

 The MSC/VLR checks if the mobile station is authorized to access the network. If so, the mobile
station is activated. If the mobile station is not authorized, then the service will be denied.

 MSC/VLR analyzes the number and initiates a call setup with the PSTN.

 MSC/VLR asks the corresponding BSC to allocate a traffic channel (a radio channel and a time slot).

 The BSC allocates the traffic channel and passes the information to the mobile station.

 The called party answers the call and the conversation takes place.

 The mobile station keeps on taking measurements of the radio channels in the present cell and the
neighbouring cells and passes the information to the BSC. The BSC decides if a handover is
required. If so, a new traffic channel is allocated to the mobile station and the handover takes place.
If handover is not required, the mobile station continues to transmit on the same frequency.

PSTN to Mobile Phone
When a PSTN subscriber calls a mobile station, the following sequence of events takes place:

 The Gateway MSC receives the call and queries the HLR for the information needed to route the call
to the serving MSC/VLR.

 The GMSC routes the call to the MSC/VLR.

 The MSC checks the VLR for the location area of the MS.

 The MSC contacts the MS via the BSC through a broadcast message, that is, through a paging
request.

 The MS responds to the page request.

 The BSC allocates a traffic channel and sends a message to the MS to tune to the channel. The MS
generates a ringing signal and, after the subscriber answers, the speech connection is established.

 Handover, if required, takes place, as discussed in the earlier case.

To transmit the speech over the radio channel in the stipulated time, the MS codes it at the
rate of 13 Kbps. The BSC transcodes the speech to 64 Kbps and sends it over a land link or a
radio link to the MSC. The MSC then forwards the speech data to the PSTN. In the reverse
direction, the speech is received at 64 Kbps at the BSC and the BSC transcodes it to 13 Kbps
for radio transmission.
GSM supports 9.6 Kbps data that can be channelled in one TDMA timeslot. To supply higher
data rates, many enhancements were made to the GSM standards (GSM Phase 2 and GSM Phase

Security Mechanisms in GSM (2G)
GSM has several security mechanisms to build safe communication, involving different types of
algorithms and different types of devices.
The main security measures of GSM can be summarised in four principles:

1. Authentication of a user; it provides the ability for mobile equipment to prove that it has
access to a particular account with the operator.
2. Ciphering of the data and signaling; it requires that all signaling and user data (such as
text messages and speech) are protected against interception by means of ciphering.
3. Confidentiality of a user identity; it protects the IMSI (International Mobile Subscriber
Identity). GSM communication uses the IMSI rarely; it uses the TMSI (Temporary Mobile
Subscriber Identity) to provide more secure communication and to avoid disclosing the user’s
identity. This means someone intercepting communications should not be able to learn whether a
particular mobile user is in the area.
4. Using the SIM as a security module; in case the SIM card is taken by an opponent, there is still
the PIN code measure.
A3 and A8 Algorithms
A3 and A8 are symmetric algorithms, in which encryption and decryption use the same key. Both
algorithms are one-way functions, meaning that the output can be found if the inputs are known
but it is practically impossible to find the inputs if only the output is known. The A3 and A8
algorithms are kept and implemented in the SIM card.

The SIM itself is protected by an optional PIN code. The PIN is entered on the phone’s keypad,
and passed to the SIM for verification. If the code does not match with the PIN stored by the
SIM, the SIM informs the user that code was invalid, and refuses to perform authentication
functions until the correct PIN is entered. To further enhance security, the SIM normally “locks
out” the PIN after a number of invalid attempts (normally 3). After this, a PUK (PIN Unlock)
code is required to be entered, which must be obtained from the operator. If the PUK is entered
incorrectly a number of times (normally 10), the SIM refuses local access to privileged
information (and authentication functions) permanently, rendering the SIM useless.

Therefore the SIM card contains all of the details necessary to obtain access to a particular
account. It contains four important items: the IMSI, Ki, and the A3 and A8 algorithms.

Ki: Root encryption key. This is a randomly generated 128-bit number allocated to a particular
subscriber that seeds the generation of all keys and challenges used in the GSM system. The Ki
is highly protected, and is only known in the SIM and the network’s AuC (Authentication
Centre). The phone itself never learns of the Ki, and simply feeds the SIM the information it
needs to know to perform the authentication or generate ciphering keys. Authentication and key
generation is performed in the SIM, which is possible because the SIM is an intelligent device
with a microprocessor.

A3 Algorithm:
It provides authentication to the user that it has privilege to access the system. The network
authenticates the subscriber through the use of a challenge-response method.

Firstly, a 128-bit random number (RAND) is transmitted to the mobile station over the air
interface. The RAND is passed to the SIM card, where it is sent through the A3 authentication
algorithm together with the Ki. The output of the A3 algorithm, the signed response (SRES), is
transmitted via the air interface from the mobile station back to the network. On the network, the
AuC compares its value of SRES with the value of SRES it has received from the mobile station.
If the two values of SRES match, authentication is successful and the subscriber joins the
network. The AuC actually doesn’t store a copy of SRES but queries the HLR or the VLR for it,
as needed.
Figure 4: A3 Algorithm

A8 Algorithm:
GSM makes use of a ciphering key to protect both user data and signaling on the vulnerable air
interface. Once the user is authenticated, the RAND (delivered from the network) together with
the Ki (from the SIM) is sent through the A8 ciphering key generating algorithm, to produce a
ciphering key (Kc). The A8 algorithm is stored on the SIM card. The Kc created by the A8
algorithm, is then used with the A5 ciphering algorithm to encipher or decipher the data. The A5
algorithm is implemented in the hardware of the mobile phone, as it has to encrypt and decrypt
data on the air.
Whenever the A3 algorithm runs to generate SRES, the A8 algorithm is run as well. The A8
algorithm uses the RAND and Ki as input to generate a 64-bit ciphering key, the Kc, which is
then stored in the SIM and readable by the phone. The network also generates the Kc and
distributes it to the base station (BTS) handling the connection.

- Ki is the 128-bit Individual Subscriber Authentication Key utilized as a secret key shared between the Mobile
Station and the Home Location Register of the subscriber’s home network.
- RAND is 128-bit random challenge generated by the Home Location Register.
- SRES is the 32-bit Signed Response generated by the Mobile Station and the Mobile Services Switching
Center.
- Kc is the 64-bit ciphering key used as a Session Key for encryption of the over-the-air channel. Kc is
generated by the Mobile Station from the random challenge presented by the GSM network and the Ki from
the SIM utilizing the A8 algorithm.

COMP128
COMP128 is a hash function which is an implementation of the A3 and A8 algorithms in the GSM
standard.

COMP128 takes the RAND and the Ki as input and generates 128 bits of output. The first 32
bits of the 128 bits form the SRES response; the last 54 bits of the COMP128 output form the
session key.

A5 Algorithm
A5 is a stream cipher which can be implemented very efficiently on hardware. There exist
several implementations of this algorithm, the most commonly used ones are A5/0, A5/1 and
A5/2 (A5/3 is used in 3G systems). The reason for the different implementations is due to
export restrictions of encryption technologies. A5/1 is the strongest version and is used widely
in Western Europe and America, while the A5/2 is commonly used in Asia. Countries under UN
Sanctions and certain third world countries use the A5/0, which comes with no encryption.

The algorithm takes 228 bits of plain text as input and outputs 228 bits of cipher text. Each block of
228 bits is called a ”frame”, where the first 114 bits represents data sent from unit A to unit B, and the
last 114 bits are data received by unit A from unit B. Each frame has a duration of 4.615 ms, allowing
2^8 frames to be sent every second [8]. Over time, several A5 versions have been developed, but they all
share the same main idea. An A5 algorithm takes the session key Kc (symmetric) and a frame counter
Fn, and generates 228 pseudo random bits (PRAND), called a key stream. The key stream is then
XORed with a 228 bit segment of plain text, yielding 228 bits of ciphertext. Figure 1 shows a schema of
the A5 data flow.

As a stream cipher, A5 works on a bit-by-bit basis (and not on blocks, as DES and AES do). So an
error in a received ciphertext bit will only result in the corresponding plaintext bit being in error.
None of the algorithms were published by the GSM Association; they were all discovered by
reverse engineering.

Over-the-air privacy of GSM telephone conversations is protected using the A5 stream cipher.

Figure A5 algorithm

Kc is the key produced by the A8 algorithm. Plaintext is the data to be transmitted. Fn is the
frame bits, which come from the LFSR (Linear Feedback Shift Register) process.

The encryption itself is just a simple XOR operation for each bit, which may seem very naive. If the
encryption itself is simple, what makes A5 secure? In A5, it is the generation of pseudo random bits
(function GEN in figure 1) that is important. The different A5 versions offer different levels of security by
implementing GEN differently.

Weakness of GSM Security
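An added example (not code from the chapter) of the frame-based encryption described above: a 228-bit frame is XORed with a keystream derived from Kc and the frame counter Fn, split into the 114-bit A-to-B and B-to-A halves, and a single corrupted ciphertext bit corrupts only its own plaintext bit. The GEN function here is written from the published A5/1 register description (three LFSRs of 19, 22 and 23 bits, majority clocking, Kc and Fn loaded bit by bit) and has not been checked against 3GPP conformance vectors, so it illustrates the structure rather than serving as a reference implementation; the Kc and Fn values are constructed.

```python
# Masks, feedback taps, clocking (majority) bits and output bits of the three
# A5/1 registers, following the published description of the generator.
R1_MASK, R2_MASK, R3_MASK = (1 << 19) - 1, (1 << 22) - 1, (1 << 23) - 1
R1_TAPS, R2_TAPS, R3_TAPS = 0x072000, 0x300000, 0x700080  # R1: 13,16,17,18; R2: 20,21; R3: 7,20,21,22
R1_MID, R2_MID, R3_MID = 1 << 8, 1 << 10, 1 << 10
R1_OUT, R2_OUT, R3_OUT = 1 << 18, 1 << 21, 1 << 22


def _parity(x: int) -> int:
    return bin(x).count("1") & 1


def _shift(reg: int, mask: int, taps: int) -> int:
    """Clock one LFSR: shift left and feed back the parity of the tapped bits."""
    return ((reg << 1) & mask) | _parity(reg & taps)


class A5Keystream:
    """Keystream generator (GEN) for one frame, seeded with Kc (64 bit) and Fn (22 bit)."""

    def __init__(self, kc: bytes, fn: int) -> None:
        assert len(kc) == 8 and 0 <= fn < (1 << 22)
        self.r1 = self.r2 = self.r3 = 0
        for i in range(64):                       # mix in Kc, LSB of each byte first
            self._clock_all((kc[i // 8] >> (i % 8)) & 1)
        for i in range(22):                       # mix in the frame number Fn
            self._clock_all((fn >> i) & 1)
        for _ in range(100):                      # warm-up clocks, output discarded
            self._clock_majority()

    def _clock_all(self, in_bit: int) -> None:
        """Regular clocking used while loading: every register moves, input enters bit 0."""
        self.r1 = _shift(self.r1, R1_MASK, R1_TAPS) ^ in_bit
        self.r2 = _shift(self.r2, R2_MASK, R2_TAPS) ^ in_bit
        self.r3 = _shift(self.r3, R3_MASK, R3_TAPS) ^ in_bit

    def _clock_majority(self) -> None:
        """Irregular clocking: a register moves only if its clocking bit agrees with the majority."""
        b1, b2, b3 = (self.r1 & R1_MID) != 0, (self.r2 & R2_MID) != 0, (self.r3 & R3_MID) != 0
        maj = (b1 + b2 + b3) >= 2
        if b1 == maj:
            self.r1 = _shift(self.r1, R1_MASK, R1_TAPS)
        if b2 == maj:
            self.r2 = _shift(self.r2, R2_MASK, R2_TAPS)
        if b3 == maj:
            self.r3 = _shift(self.r3, R3_MASK, R3_TAPS)

    def bit(self) -> int:
        """One keystream bit: XOR of the three registers' output bits after a majority clock."""
        self._clock_majority()
        return _parity(self.r1 & R1_OUT) ^ _parity(self.r2 & R2_OUT) ^ _parity(self.r3 & R3_OUT)

    def frame(self) -> list[int]:
        """The 228 keystream bits of one frame: first 114 for A->B, last 114 for B->A."""
        return [self.bit() for _ in range(228)]


def a5_xor_frame(kc: bytes, fn: int, bits: list[int]) -> list[int]:
    """Encrypt or decrypt one 228-bit frame; XOR with the keystream is its own inverse."""
    assert len(bits) == 228
    return [b ^ k for b, k in zip(bits, A5Keystream(kc, fn).frame())]


def split_frame(bits: list[int]) -> tuple[list[int], list[int]]:
    """Split a 228-bit frame into its A->B and B->A 114-bit halves."""
    return bits[:114], bits[114:]


def bit_error_positions(kc: bytes, fn: int, plain: list[int], flipped: list[int]) -> list[int]:
    """Flip ciphertext bits 'in transit' and report which plaintext bits come out wrong.
    For a stream cipher each error stays confined to its own bit position."""
    cipher = a5_xor_frame(kc, fn, plain)
    for pos in flipped:
        cipher[pos] ^= 1
    recovered = a5_xor_frame(kc, fn, cipher)
    return [i for i in range(228) if recovered[i] != plain[i]]


if __name__ == "__main__":
    kc, fn = bytes.fromhex("1223456789abcdef"), 0x134   # constructed Kc and frame number
    a_to_b, b_to_a = split_frame(A5Keystream(kc, fn).frame())
    print("A->B keystream:", "".join(map(str, a_to_b)))
    print("B->A keystream:", "".join(map(str, b_to_a)))
    plain = [(i * 7) % 3 & 1 for i in range(228)]       # constructed plaintext bits
    print("plaintext bits wrong after flipping ciphertext bit 17:",
          bit_error_positions(kc, fn, plain, [17]))
```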
1. First of all, most operators do not have enough expertise to create new A3/A8
algorithms, so they use the COMP128 function without even changing it. This is a big security
problem because the whole COMP128 function has been recovered by reverse engineering.
2. Moreover, authentication only exists in one direction: the network authenticates the MS, but
the MS does not authenticate the BTS. This means that fake base stations can behave like a real
BTS and the MS will answer each SRES request from them. The network does not authenticate itself
to the phone. This is the most serious fault in GSM security, which allows a man-in-the-middle
attack.
3. Another serious vulnerability of GSM is the lack of proper Caller ID or Sender ID
verification. In other words, the caller number or SMS sender number can be spoofed. The
caller ID and the voice are transmitted in different channels, so the Caller ID or SMS sender ID can be
spoofed.
4. Weak authentication and encryption algorithms (COMP128 has a weakness allowing user
impersonation; A5 can be broken to reveal the cipher key).
5. No network authentication (false base station attack possible).
6. Limited encryption scope (encryption is terminated at the base station; traffic is in the clear on
microwave links).
UMTS (3G)
UMTS (Universal Mobile Telecommunications Service) is a third-generation (3G) broadband,
packet-based transmission of text, digitized voice, video, and multimedia at data rates up to
2 megabits per second (Mbps).
UMTS uses wideband code division multiple access (W-CDMA) radio access technology to
provide greater spectral efficiency and bandwidth to mobile network operators.
The main idea behind 3G is to prepare a universal infrastructure able to carry existing and also
future services. The infrastructure should be designed so that technology changes and evolution
can be adapted to the network without causing uncertainties to the existing services using the
existing network structure.

UMTS Architecture
The UMTS network architecture can be divided into three main elements:

 User Equipment (UE): The User Equipment or UE is the name given to what was
previously termed the mobile, or cellphone. The new name was chosen because of the
considerably greater functionality that the UE could have. It could be anything
from a mobile phone used for talking to a data terminal attached to a computer
with no voice capability.
 Radio Network Subsystem (RNS): The RNS also known as the UMTS Radio Access
Network, UTRAN, is the equivalent of the previous Base Station Subsystem or BSS in
GSM. It provides and manages the air interface for the overall network.
 Core Network: The core network provides all the central processing and
management for the system. It is the equivalent of the GSM Network Switching
Subsystem or NSS.
The core network is then the overall entity that interfaces to external networks
including the public phone network and other cellular telecommunications networks.
1. User Equipment, UE
The User Equipment or UE is a major element of the overall 3G UMTS network
architecture. It forms the final interface with the user.
There are a number of elements within the UE that can be described separately:
 UE RF circuitry: The RF areas handle all elements of the signal, both for the
receiver and for the transmitter.
 Baseband processing: The baseband signal processing consists mainly of
digital circuitry.
 Battery: While current consumption has been minimised as far as possible
within the circuitry of the phone, there has been an increase in current drain on
the battery.
 Universal Subscriber Identity Module, USIM: The UE also contains a SIM card, although
in the case of UMTS it is termed a USIM (Universal Subscriber Identity Module).
This is a more advanced version of the SIM card used in GSM and other systems,
but embodies the same types of information. It contains the International Mobile
Subscriber Identity number (IMSI) as well as the Mobile Station International
ISDN Number (MSISDN).

2. 3G UMTS Radio Network Subsystem


This is the section of the 3G UMTS / WCDMA network that interfaces to both the UE and
the core network. The overall radio access network, i.e. all the Radio Network Subsystems
collectively, is known as the UTRAN (UMTS Radio Access Network).

3G UMTS Core Network


The 3G UMTS core network architecture is a migration of that used for GSM with further
elements overlaid to enable the additional functionality demanded by UMTS.

In view of the different ways in which data may be carried, the UMTS core network may
be split into two different areas:

 Circuit switched elements: These elements are primarily based on the GSM network
entities and carry data in a circuit switched manner, i.e. a permanent channel for the
duration of the call.
 Packet switched elements: These network entities are designed to carry packet
data. This enables much higher network usage as the capacity can be shared and
data is carried as packets which are routed according to their destination.
Some network elements, particularly those that are associated with registration are
shared by both domains and operate in the same way that they did with GSM.

Circuit switched elements:


The circuit switched elements of the UMTS core network architecture include the
following network entities:
 Mobile switching center (MSC): This is essentially the same as that within GSM, and
it manages the circuit switched calls under way.
 Gateway MSC (GMSC): This is effectively the interface to the external networks.

Packet switched elements:

Serving GPRS Support Node (SGSN): The SGSN provides a number of functions within
the UMTS network architecture.

 Mobility management
 Session management
 Interaction with other areas of the n
 Billing

Shared elements
The shared elements of the 3G UMTS core network architecture include the following
network entities:
 Home location register (HLR): This database contains all the administrative
information about each subscriber along with their last known location. In this way,
the UMTS network is able to route calls to the relevant RNC / Node B. When a user
switches on their UE, it registers with the network and from this it is possible to
determine which Node B it communicates with so that incoming calls can be routed
appropriately. Even when the UE is not active (but switched on) it re-registers
periodically to ensure that the network (HLR) is aware of its latest position with their
current or last known location on the network.
 Equipment identity register (EIR): The EIR is the entity that decides whether given
UE equipment may be allowed onto the network. Each UE equipment has a number
known as the International Mobile Equipment Identity. This number, as mentioned
above, is installed in the equipment and is checked by the network during
registration.
 Authentication center (AuC) : The AuC is a protected database that contains the
secret key also contained in the user's USIM card.

3G (UMTS) Security Features


3G Security Architecture
There are five different sets of features that are part of the architecture:

1. Network Access Security: This feature enables users to securely access services provided by
the 3G network. It is responsible for providing identity confidentiality,
authentication of users, confidentiality, integrity and mobile equipment authentication. User
identity confidentiality is obtained by using a temporary identity called the International
Mobile User Identity. Authentication is achieved using a challenge-response method using a
secret key. Confidentiality is obtained by means of a secret Cipher Key (CK) which is
exchanged as part of the Authentication and Key Agreement process (AKA). Integrity is
provided using an integrity algorithm and an integrity key (IK). Equipment identification is
achieved using the International Mobile Equipment Identifier (IMEI).
2. Network Domain Security: This feature enables nodes in the provider domain to securely
exchange signaling data, and prevents attacks on the wired network.
3. User Domain Security: This feature enables a user to securely connect to mobile stations.
4. Application Security: This feature enables applications in the user domain and the provider
domain to securely
5. Visibility And Configurability Of Security: This feature allows users to enquire what
security features are available.

UMTS Authentication
The UMTS Authentication and Key Agreement (UMTS AKA) mechanism is responsible for
providing authentication and key agreement using the challenge/response mechanism.
Challenge/response is a mechanism where one entity in the network proves to another entity that
it knows the password without revealing it. AKA provides mutual authentication for the user and
the network. Also, the user and the network agree upon a cipher key (CK) and an integrity key
(IK) which are used until their

Control signaling communication between the mobile station and the network is sensitive and
therefore its integrity must be protected. This is done using the UMTS Integrity Algorithm (UIA),
which is implemented both in the mobile station and the RNC. This is known as the f9 algorithm,
which is used to protect data integrity and authenticate the data origin of signaling data at the
RRC layer. First, the f9 algorithm in the user equipment calculates a 32-bit MAC-I for data
integrity using the signaling message as an input parameter. This, along with the original
signaling message, is sent to the RNC, where the XMAC-I is calculated and then compared to the
MAC-I. If both are the same, then we know that the integrity of the message has not been
compromised.
Integrity Key (IK): The length of IK is 128 bits.

Frame dependent input (COUNT-I): The length of COUNT-I is 32 bits.

One time random number (FRESH): The length of FRESH is 32 bits. The same IK
may be used for several consecutive connections. This fresh value is input to the algorithm
to assure the network side that the user is not replaying old MAC-Is.

Direction of transmission (DIRECTION): The length of DIRECTION is 1 bit. The
same IK may be used for uplink and downlink channels associated with the UE. The value
of DIRECTION is 0 for messages from the UE to the RNC and 1 for messages from
the RNC to the UE.

Message Authentication Code (MAC-I) and expected MAC-I (XMAC-I): The
length of MAC-I is 32 bits. The UMTS security specification makes use of two other MACs,
MAC-A and MAC-S, which are used in the authentication process.

UMTS CONFIDENTIALITY
The confidentiality algorithm is known as f8 and it operates on the signaling data as well as the
user data. The user's device uses a Cipher Key CK and some other information and calculates an
output bit stream. This output stream is then XORed bit by bit with the data stream to generate a
cipher stream. This stream is then transmitted to the RNC, where the RNC uses the same CK and
input as the user's device and the f8 algorithm to calculate the output stream. This is then XORed
with the cipher stream to get the original data stream.
For more information on the inputs to the f8 and f9 algorithms, please refer to [Xenakis04]. A
block cipher known as the KASUMI cipher is central to both the f9 and the f8 algorithm. This
cipher is based on the Feistel structure using 64-bit data blocks and a 128-bit key.

It has eight rounds of processing, with the plain text (which can be any form of data) as input to the first
round and the cipher text as the result after the last round. An encryption key is used to generate
round keys (KLi, KOi, KIi) for each round. Each round calculates a separate function since the
round keys are different. The same algorithm is used for encryption and decryption. The
KASUMI cipher is based on the MISTY1 cipher, which was chosen by 3GPP due to its proven
security against many advanced cipher-breaking techniques. It has been optimized for hardware
implementation, which is important given the hardware constraints of cellular devices, such
as limited power and limited memory.
Problems with 3G(UMTS) Security
1. All that can happen to a fixed host attached to the Internet could happen to a 3G terminal
2. IMSI is sent in clear text when the user is registering for the first time in the serving
network (trusted third party can be a solution)
3. A user can be enticed to camp on a false BS. Once the user camps on the radio channels
of a false BS, the user is out of reach of the paging signals of SN
4. Hijacking outgoing/incoming calls in networks with disabled encryption is possible. The
intruder poses as a man-in-the-middle and drops the user once the call is set up.

CHAPTER-FOUR
Biometric Security
Biometrics is a technology used to identify, analyze, and measure an individual’s physical and behavioral
characteristics.

Biometric security is a security mechanism used to authenticate and provide access to a facility
or system based on the automatic and direct verification of an individual's physical
characteristics. Because biometric security evaluates an individual’s bodily elements or
biological data, it is the strongest and most foolproof physical security technique used for
identity verification.
Biometric security-based systems or engines store human body characteristics that do not change
over an individual's lifetime. These include fingerprints, eye texture, voice, hand patterns and
facial recognition.
Biometric authentication refers to verifying individuals based on their physiological and
behavioral characteristics such as face, fingerprint, hand geometry, iris, keystroke, signature,
voice, etc. It is inherently more reliable than password-based authentication, as biometric
characteristics cannot be lost or forgotten (cf. passwords being lost or forgotten), and they are
extremely difficult to copy, share, and distribute.

Biometric Identification is the automatic identification of living individuals by using their
physiological and behavioral characteristics; "negative identification can only be
accomplished through biometric identification"; "if a pin or password is lost or forgotten
it can be changed and reissued but a biometric identification cannot."

What is a Biometric System?


A biometric system is a technology which takes an individual’s physiological, behavioral, or both traits as
input, analyzes it, and identifies the individual as a genuine or malicious user.

Why Biometrics is required?


With increasing use of Information Technology in the field of banking, science, medication,
etc., there is an immense need to protect the systems and data from unauthorized users.

Biometrics is used for authenticating and authorizing a person. Though these terms are often
used together, they mean different things.

Authentication (Identification)
This process tries to answer the question, “Are you the same who you are claiming to
be?”, or, “Do I know you?” This is one-to-many matching and comparison of a person’s
biometrics with the whole database.

Verification
This is the one-to-one process of matching where the live sample entered by the candidate is
compared with a previously stored template in the database. If both match with more
than 70% similarity, then the verification is successful.

Authorization
It is the process of assigning access rights to the authenticated or verified users. It tries to find
out the answer for the question, “Are you eligible to have certain rights to access this resource?”

Basic Components of a Biometric System


In general, a biometric system can be divided into four basic components. Let us see them
briefly −

Input Interface (Sensors)


It is the sensing component of a biometric system that converts human biological data into
digital form.

For example,

 A Complementary Metal Oxide Semiconductor (CMOS) imager or a Charge Coupled Device (CCD) in the case of
face recognition, handprint recognition, or iris/retinal recognition systems.

 An optical sensor in case of fingerprint systems.

 A microphone in case of voice recognition systems.

Processing Unit
The processing component is a microprocessor, Digital Signal Processor (DSP), or computer
that processes the data captured from the sensors.

The processing of the biometric sample involves −

 Sample image enhancement

 Sample image normalization

 Feature extraction

 Comparison of the biometric sample with all stored samples in database.


Database Store
The database stores the enrolled sample, which is recalled to perform a match at the time of
authentication. For identification, there can be any memory from Random Access Memory
(RAM), flash EPROM, or a data server. For verification, a removable storage element like a
contact or contactless smart card is used.

Output Interface
The output interface communicates the decision of the biometric system to enable the access to
the user. This can be a simple serial communication protocol RS232, or the higher bandwidth
USB protocol. It could also be TCP/IP protocol, Radio Frequency Identification (RFID),
Bluetooth, or one of the many cellular protocols.

Application Areas of Biometrics


There are a number of applications where biometric systems are useful. Few of them are given
below −

 Controlling workplace access.

 Identity establishment of people for authentic citizenship and immigration systems.

 Applying access control to sensitive information and systems.

 Identifying criminals by forensics.

 Executing online e-commerce transactions.

 Fraud and theft reduction.

 Law enforcement.

Biometrics – Modalities/types
 A biometric modality is nothing but a category of a biometric system depending upon the
type of human trait it takes as input.

Types of Biometric Modalities


There are various traits present in humans, which can be used as biometrics modalities. The
biometric modalities fall under three types −

 Physiological

 Behavioral

 Combination of physiological and behavioral modality

The following table collects the points that differentiate these three modalities −

Physiological Modalities
As depicted earlier, the physiological modalities are based on the direct measurement of parts of
human body such as iris, fingerprint, shape, and position of fingers, etc.

There are some physical traits which remain unaltered throughout a person’s life. They can be
an excellent resource for identification of an individual.

Fingerprint Recognition System


It is the best known and most used biometric solution for authenticating people on biometric systems.
The reasons for it being so popular are that there are ten available sources of the biometric and the ease
of acquisition.

Every person has a unique fingerprint which is composed of ridges, grooves, and direction of
the lines. There are three basic patterns of ridges namely, arch, loop, and whorl. The
uniqueness of fingerprint is determined by these features as well as minutiae features such as
bifurcation and spots (ridge endings).

Fingerprint is one of the oldest and most popular recognition techniques. Fingerprint matching
techniques are of three types −

 Minutiae Based Techniques − In these, minutiae points are found and then mapped to their relative
positions on the finger. There are some difficulties: if the image is of low quality, it is difficult to
find minutiae points correctly. Another difficulty is that it considers the local position of ridges and
furrows, not the global one.

 Correlation Based Method − It uses richer gray scale information. It overcomes the problems of the
minutiae-based method by being able to work with bad quality data. But it has some problems of its own,
such as localization of points.

 Pattern Based (Image Based) Matching − Pattern based algorithms compare the basic fingerprint
patterns (arch, whorl, and loop) between a stored template and a candidate fingerprint.

Merits of Finger Recognition System

 It is the most contemporary method.

 It is the most economical method.

 It is highly reliable and secure.

 It works on a small template size, which speeds up the verifying process.

 It consumes less memory space.


Demerits of Finger Recognition System

 Scars, cuts, or a missing finger can hinder the recognition process.

 The system can be fooled with an artificial finger made of wax or a similar material unless the
sensor performs liveness detection.

 It involves physical contact with the sensor.

 Users leave a latent print of the finger on the sensor when presenting a sample, which can itself be misused.
Applications of Finger Recognition System
 Verification of the authenticity and validity of driving licences.

 Border Control/Visa Issuance.

 Access control in organizations.

Facial Recognition System


Facial recognition is based on measuring the shape and size of the jaw and chin and the shape and
location of the eyes, eyebrows, nose, lips, and cheekbones. A 2D facial scanner reads the face
geometry and records it on a grid; the geometry is stored in the database as a set of points. The
comparison algorithms then match faces and return a result. Facial recognition is performed in the
following ways −

 Facial Metrics − In this type, the distances between the pupils, or from the nose to the lip or chin, are measured.

 Eigenfaces − The whole face image is represented as a weighted combination of a set of basis faces
(eigenfaces) obtained by principal component analysis over many face images.

 Skin Texture Analysis − The unique lines, patterns, and spots visible in a person's skin are
located and compared.

Merits of Facial Recognition System

 It offers easy storage of templates in database.

 Representing a face as a small set of measurements reduces the computational complexity of matching.

 It involves no physical contact with the system.

Demerits of Facial Recognition System

 Facial traits change over time.


 Uniqueness is not guaranteed, for example, in case of identical twins.

 If the candidate's face shows a different expression, such as a slight smile, it can affect the result.

 It requires adequate lighting to get correct input.


Applications of Facial Recognition System

 General Identity Verification.

 Verification for access control.

 Human-Computer Interaction.

 Criminal Identification.

 Surveillance.

Iris Recognition System


Iris recognition works on the basis of the iris pattern in the human eye. The iris is the pigmented
elastic tissue with an adjustable circular opening in its centre; it controls the diameter of the
pupil. In adult humans, the texture of the iris is stable throughout life. The iris patterns of the
left and right eyes are different, and iris patterns and colours differ from person to person.

It involves taking a picture of the iris with a capable camera, storing it, and comparing it with
the candidate's eyes using mathematical algorithms.

Merits of Iris Recognition System


 It is highly accurate; the chance of two irises matching is quoted as 1 in 10 billion.

 It is stable, as the iris pattern remains the same throughout a person's lifetime, which also lets
it scale to large populations.

 The candidate need not remove glasses or contact lenses; ordinary lenses do not hamper the accuracy
of the system.

 It involves no physical contact with the system.

 It provides fast verification (2 to 5 seconds) because of its small template size.

Demerits of Iris Recognition System

 Iris scanners are expensive.

 High-quality printed images of an eye can fool a scanner that has no liveness detection.

 A person is required to keep his/her head very still for accurate scanning.
Applications of Iris Recognition System
 National security and identity cards, such as the Aadhaar card in India.

 Google uses iris recognition for accessing their datacenters.

Behavioral Modalities
Behavioral biometrics refer to the behavior people show, or the manner in which they perform
tasks such as walking, signing, and typing on a keyboard.

Behavioral modalities show higher variation because they depend on external factors such as
fatigue and mood. This causes a higher False Acceptance Rate (FAR, the fraction of impostor
attempts that are accepted) and False Rejection Rate (FRR, the fraction of genuine attempts that
are rejected) compared with solutions based on a physiological biometric.

Gait Recognition
Gait is the manner of a person’s walking. People show different traits while walking such as
body posture, distance between two feet while walking, swaying, etc., which help to recognize
them uniquely.

Gait recognition is based on analyzing video images of the candidate's walk. A sample of the
candidate's walk cycle is recorded on video and then analyzed for the position of joints such as
the knees and ankles, and the angles made between them while walking.

A mathematical model is created for each candidate and stored in the database. At the time of
verification, this model is compared with a live sample of the candidate's walk to determine
their identity.

Application of Gait Recognition System


It is well suited to identifying suspects in surveillance footage of a crime scene, since it works at a distance and without cooperation.

Signature Recognition System


In this case, more emphasis is given to the behavioral pattern with which the signature is produced
than to the way the signature looks graphically.

The behavioral patterns include the timing of writing, pauses, pressure, direction of strokes, and
speed during the course of signing. It may be easy to duplicate the graphical appearance of a
signature, but it is not easy to imitate the behavior the person shows while signing.
This technology consists of a pen and a specialized writing tablet, both connected to a computer
for template comparison and verification. A high quality tablet can capture the behavioral traits
such as speed, pressure, and timing while signing.

Applications of Signature Recognition System


 It is used in document verification and authorization.

 Chase Manhattan Bank, Chicago, is known as the first bank to adopt signature recognition
technology.

Keystroke Recognition System


 During World War II, a technique known as the "Fist of the Sender" was used by military
intelligence to determine whether a Morse code message was sent by an enemy or an ally,
based on the operator's keying rhythm. These days, keystroke dynamics is the easiest biometric
to implement in terms of hardware, since it needs nothing beyond an ordinary keyboard.
 This biometric analyzes the candidate's typing pattern, rhythm, and speed on a keyboard. Two
measurements are used in keystroke recognition: dwell time and flight time.
 Dwell time − The duration for which a key is held pressed.
 Flight time − The time elapsed between releasing a key and pressing the following key (it can
be negative for fast typists who press the next key before releasing the previous one).
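The following is an added example, not part of the original notes, showing how the dwell and flight times defined above become an enrollment template, how a probe is scored against it, and how the FAR and FRR mentioned under Behavioral Modalities are computed for a given threshold. The key-event timings, the passphrase, and the scaled-Manhattan scoring rule (average deviation from the template in units of mean absolute deviation) are assumptions of the example; a production system would use many more enrollment samples.

```python
import statistics
from typing import Dict, List, Sequence, Tuple

# A typing sample is a list of (key, press_ms, release_ms) events. All timings in this
# file are constructed for illustration; they are not measurements from a real keyboard.
Sample = List[Tuple[str, float, float]]


def make_sample(keys: str, dwells: Sequence[float], flights: Sequence[float]) -> Sample:
    """Build a key-event sample from per-key dwell times and between-key flight times."""
    events, t = [], 0.0
    for i, key in enumerate(keys):
        press, release = t, t + dwells[i]
        events.append((key, press, release))
        # Flight time may be negative in real data (next key pressed before this one is released).
        t = release + (flights[i] if i < len(flights) else 0.0)
    return events


def features(sample: Sample) -> List[float]:
    """Dwell time of every key followed by the flight time between consecutive keys."""
    dwell = [release - press for _, press, release in sample]
    flight = [sample[i + 1][1] - sample[i][2] for i in range(len(sample) - 1)]
    return dwell + flight


def enroll(samples: Sequence[Sample]) -> Dict[str, List[float]]:
    """Template = per-feature mean and mean absolute deviation over the enrollment samples."""
    vectors = [features(s) for s in samples]
    n = len(vectors[0])
    means = [statistics.mean(v[i] for v in vectors) for i in range(n)]
    # Floor the deviation at 1 ms so a perfectly consistent feature cannot divide by zero.
    mads = [max(statistics.mean(abs(v[i] - means[i]) for v in vectors), 1.0) for i in range(n)]
    return {"mean": means, "mad": mads}


def score(template: Dict[str, List[float]], probe: Sample) -> float:
    """Scaled Manhattan distance: average deviation from the template in units of MAD.
    Lower is closer; 0 would be an exact match of the enrolled rhythm."""
    f = features(probe)
    return sum(abs(x - m) / d for x, m, d in zip(f, template["mean"], template["mad"])) / len(f)


def verify(template: Dict[str, List[float]], probe: Sample, threshold: float = 1.5) -> bool:
    return score(template, probe) <= threshold


def far_frr(genuine: Sequence[float], impostor: Sequence[float], threshold: float) -> Tuple[float, float]:
    """FAR = fraction of impostor scores accepted; FRR = fraction of genuine scores rejected.
    Raising the threshold lowers FRR and raises FAR; the two are always traded off."""
    far = sum(1 for s in impostor if s <= threshold) / len(impostor)
    frr = sum(1 for s in genuine if s > threshold) / len(genuine)
    return far, frr


PASSPHRASE = "secret"
# Three constructed enrollment samples of the same user: ~90 ms dwells, ~120 ms flights.
ENROLLMENT = [
    make_sample(PASSPHRASE, [90, 85, 95, 88, 92, 90], [120, 130, 115, 125, 120]),
    make_sample(PASSPHRASE, [95, 90, 90, 92, 88, 94], [125, 120, 120, 130, 115]),
    make_sample(PASSPHRASE, [88, 92, 93, 85, 90, 91], [118, 128, 122, 120, 125]),
]
GENUINE_PROBE = make_sample(PASSPHRASE, [92, 88, 94, 90, 89, 92], [122, 125, 118, 127, 121])
# A constructed impostor who knows the passphrase but types it slowly and deliberately.
IMPOSTOR_PROBE = make_sample(PASSPHRASE, [140, 150, 145, 138, 142, 150], [250, 240, 260, 245, 255])

if __name__ == "__main__":
    template = enroll(ENROLLMENT)
    for name, probe in (("genuine", GENUINE_PROBE), ("impostor", IMPOSTOR_PROBE)):
        print(f"{name}: score={score(template, probe):.2f} accepted={verify(template, probe)}")
    # Constructed score lists: at threshold 1.5 one impostor is accepted and one genuine user rejected.
    print("FAR/FRR at 1.5:", far_frr([0.4, 0.6, 1.2, 1.8], [2.5, 1.4, 3.0, 4.0], 1.5))
```

The threshold is the knob that moves a deployment along the FAR/FRR trade-off: the same template with a threshold of 1.0 rejects more genuine attempts, and one of 3.0 accepts more impostors, which is exactly why behavioral modalities with noisy timings end up with worse rates than physiological ones.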

Voice Recognition
The voice recognition biometric modality is a combination of physiological and behavioral
modalities. Note that it is speaker recognition (who is speaking), not speech recognition (what is
said). It relies on features influenced by −

 Physiological Component − The physical shape, size, and health of a person's vocal cords, lips, teeth,
tongue, and mouth cavity.

 Behavioral Component − The emotional state of the person while speaking, accent, tone, pitch, pace
of talking, mumbling, etc.

Merits of Voice Recognition

 It is easy to implement.
Demerits of Voice Recognition
 It is susceptible to quality of microphone and noise.
 The inability to control the factors affecting the input system can significantly decrease performance.

 Some speaker verification systems are also susceptible to spoofing attacks through recorded voice.

Applications of Voice Recognition


 Performing telephone and internet transactions.

 Working with Interactive Voice Response (IVR)-based banking and health systems.

 Applying audio signatures for digital documents.

 In entertainment and emergency services.

 In online education systems.

Biometric Modality Selection


 To select a proper biometric system, you need to compare candidates on various aspects
and assess their suitability to your requirements in terms of convenience, system
specifications and performance, and budget.
 You can select the most suitable biometric system by studying the following criteria for
effectiveness.

Criteria for Effective Biometric System


There are seven basic criteria for measuring effectiveness of a biometric system −

 Uniqueness (distinctiveness) − It determines how well the system can tell one user apart from every
other user in the population. It is a primary criterion.

 Universality − It indicates that every person in the population should possess the characteristic, so
that nobody is excluded from enrollment. It is a secondary criterion.

 Permanence − It indicates that the recorded trait should remain constant over the period during which
the stored template is used.

 Collectability − It is the ease with which a person's trait can be acquired, measured, and processed
further.

 Performance − It is the efficiency of the system in terms of accuracy, speed, fault handling, and
robustness.
 Acceptability − It is the user-friendliness of the technology, or how readily users accept having
their biometric trait captured and assessed.

 Circumvention − It is the ease with which the trait can be copied or imitated using an artifact or
substitute; the harder this is, the better.

Biometric System Security


The operation of a biometric system depends heavily on its input devices, which are subject to
operational limitations. At times the devices fail to capture the necessary input samples, or
capture them only partially. This makes the system unreliable, and an unreliable system is also a
more vulnerable, and hence less secure, one.

Biometric System Vulnerability


There are the two major causes of biometric system vulnerability −

System Failures
There are two ways in which a biometric system can fail to work −

 Intrinsic failures − They are failures such as non-working sensors or failure of the feature
extraction, matching, or decision-making modules.

 Failures due to attacks − They are due to loopholes in the biometric system design, attackers
gaining access to the system's internal computations or stored data, insider attacks by unethical
system administrators, etc.

Non-secure Infrastructure
The biometric system becomes accessible to malicious users if its hardware, software, and
user data are not safeguarded.
Biometric System Security
A number of solutions have been proposed to address biometric system security. Biometric
templates should never be stored in raw form; they are stored encrypted, in some designs with two
layers of protection.

In the case of biometrics, there are various resources involved such as humans (subjects or
candidates), entities (system components or processes), and biometric data (information). The
security requirements of confidentiality, integrity, authenticity, non-repudiation,
and availability are essential in biometrics. Let us go through them briefly

Authenticity
It is the quality or state of being genuine or original rather than reproduced. Information is
authentic when it is in the same state and of the same quality as when it was created, stored, or
transferred.

There are two kinds of authenticity in a biometric system: entity authenticity and data origin
authenticity. Entity authenticity confirms that all entities involved in the overall processing are
the ones they claim to be. Data origin authenticity ensures the genuineness and originality of the
data; for example, that a biometric sample presented as captured by a genuine sensor really came
from that sensor and is not a replay of a previous recording.

Confidentiality
It is limiting information access and disclosure to authorized users and preventing access by or
disclosure to unauthorized people. In cases of a biometric system, it mainly refers to biometric
and related authentication information when it is captured and stored, which needs to be kept
secret from unauthorized entities.

Biometric information should be fully accessible only to the person it belongs to. During
identification and verification, the accessing candidate needs to be restricted by appropriate
security measures.

Integrity
It is the condition of being complete and unaltered, referring to the consistency, accuracy, and
correctness of the data. For a biometric system, integrity should be high. Any malicious
manipulation during operation or storage should be prevented, or detected as early as possible,
with notification and correction.

Non-repudiation
It is the ability to identify the resources involved, such as entities and components; it is also
seen as accountability. For example, it prevents a sender or a recipient of biometric information
from denying having sent or received it.

Availability
A resource has the property of availability with respect to a set of entities if all members of the
set can access the resource. A related aspect, reachability, ensures that humans or system
processes either can or cannot be contacted, depending on user interests.

Attackers can make the system unusable for genuine users, thus preventing them from using
authenticated applications. Such attackers target the availability of the information.
The following are some common reasons for variation in a biometric signal or representation:

1 Inconsistent Presentation: The signal captured by the sensor from a biometric identifier depends
upon both the intrinsic characteristics of the identifier and the way it was presented. Thus, an
acquired biometric signal is a nondeterministic composition of the physiological trait, the user's
characteristic behavior, and the user interaction facilitated by the acquisition interface.

2 Irreproducible Presentation: Unlike synthetic identifiers (e.g., radio frequency identification
(RFID) tags), biometric identifiers are measurements of a biological trait or behavior and are
prone to wear and tear. The gait of a pregnant woman is significantly different from that of a
woman who is not pregnant; inebriation results in erratic signatures; the common cold changes a
person's voice. All these phenomena contribute to dramatic variations in the biometric identifier
signal captured at different acquisitions.

3 Imperfect Signal/Representational Acquisition: The signal acquisition conditions in practical
situations are not perfect and cause extraneous variations in the acquired biometric signal. For
example, nonuniform contact results in poor-quality fingerprint acquisitions.
Chapter two (continued): GSM

GSM - Security and Encryption


GSM was designed with standardized security methods, a major step over the analog cellular
systems before it, which had none. GSM protects the confidentiality of calls over the radio path
and the anonymity of the GSM subscriber. Note that this is not end-to-end security: ciphering
applies only to the link between the mobile station and the base station, and traffic travels in
the clear inside the operator's network.

Temporary identification numbers are assigned in place of the subscriber's permanent identity to
maintain the privacy of the user. The privacy of the communication is maintained by applying
encryption algorithms and frequency hopping, which the digital air interface and its signalling
make possible.

This chapter gives an outline of the security measures implemented for GSM subscribers.

Mobile Station Authentication


The GSM network authenticates the identity of the subscriber through a challenge-response
mechanism. A 128-bit random number (RAND) is sent to the MS. The MS computes a 32-bit Signed
Response (SRES) by applying the authentication algorithm (A3) to RAND with the individual
subscriber authentication key (Ki). Upon receiving the SRES from the subscriber, the GSM network
repeats the calculation to verify the identity of the subscriber.
The individual subscriber authentication key (Ki) is never transmitted over the radio channel. It
is present only in the subscriber's SIM and in the AuC; the HLR and VLR receive the authentication
triplets (RAND, SRES, Kc) derived from it, not Ki itself. If the received SRES agrees with the
calculated value, the MS has been successfully authenticated and may continue. If the values do
not match, the connection is terminated and an authentication failure is indicated to the MS.

The calculation of the signed response is performed within the SIM. This provides enhanced
security, as the individual subscriber authentication key (Ki) is never released from the SIM
during the authentication process. Note that the exchange is one-way: the network authenticates
the MS, but the MS has no way to verify that the RAND came from a genuine network. UMTS (3G)
addressed this with mutual authentication.

Signaling and Data Confidentiality


The SIM contains the ciphering key generating algorithm (A8) that is used to produce the 64-bit
ciphering key (Kc). This key is computed by applying the same random number (RAND) used
in the authentication process to ciphering key generating algorithm (A8) with the individual
subscriber authentication key (Ki).

GSM provides an additional level of security by having a way to change the ciphering key,
making the system more resistant to eavesdropping. The ciphering key may be changed at
regular intervals as required. As in case of the authentication process, the computation of the
ciphering key (Kc) takes place internally within the SIM. Therefore, sensitive information such
as the individual subscriber authentication key (Ki) is never revealed by the SIM.

Encrypted voice and data communication between the MS and the network uses the A5 family of
ciphering algorithms (A5/1, A5/2, and the later A5/3). Encrypted communication is initiated by a
ciphering mode command from the GSM network. Upon receipt of this command, the mobile station
begins encrypting and decrypting data using the negotiated A5 algorithm and the ciphering
key (Kc).
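The authentication exchange and Kc derivation described above, as an added example that is not part of the original notes. A3, A8 and A5 are operator- and standard-specific algorithms (historically COMP128 and A5/1); keyed SHA-256 truncated to GSM's output sizes stands in for all three here, and the IMSI and Ki values are constructed. What the example does keep faithfully is the trust structure: Ki is held only by the SIM and the AuC, only (RAND, SRES, Kc) triplets leave the AuC, and the keystream depends on both Kc and the frame number.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# A3/A8/A5 stand-ins (assumption of this example, not the real algorithms):
# keyed SHA-256 truncated to GSM's sizes. Ki is the 128-bit secret shared by SIM and AuC.


def a3(ki: bytes, rand: bytes) -> bytes:
    """Authentication algorithm: 32-bit SRES from Ki and the 128-bit RAND."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]


def a8(ki: bytes, rand: bytes) -> bytes:
    """Cipher-key generating algorithm: 64-bit Kc from the same Ki and RAND."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]


def a5_keystream(kc: bytes, frame: int, length: int) -> bytes:
    """Stand-in for the A5 stream cipher: keystream depends on Kc and the TDMA frame number,
    so the same Kc yields a different keystream for every frame."""
    out, counter = b"", 0
    while len(out) < length:
        block = frame.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hmac.new(kc, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def a5_cipher(kc: bytes, frame: int, data: bytes) -> bytes:
    """XOR with the keystream; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, a5_keystream(kc, frame, len(data))))


class SIM:
    """Holds Ki and runs A3/A8 internally; Ki never leaves this object."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki = imsi, ki

    def run_gsm_algorithm(self, rand: bytes) -> Tuple[bytes, bytes]:
        # The SIM answers any RAND: in GSM the MS cannot tell whether the challenge
        # came from a genuine network or from a false base station.
        return a3(self._ki, rand), a8(self._ki, rand)


class AuC:
    """Authentication Center: the only network element that holds Ki."""

    def __init__(self, subscribers: Dict[str, bytes]):
        self._ki = subscribers  # IMSI -> Ki

    def triplet(self, imsi: str, rand: Optional[bytes] = None) -> Tuple[bytes, bytes, bytes]:
        """(RAND, SRES, Kc) handed to the HLR/VLR; Ki itself is never sent."""
        rand = secrets.token_bytes(16) if rand is None else rand
        ki = self._ki[imsi]
        return rand, a3(ki, rand), a8(ki, rand)


def authenticate(auc: AuC, sim: SIM, rand: Optional[bytes] = None) -> Tuple[bool, Optional[bytes]]:
    """VLR side: challenge the MS with RAND, compare its SRES with the AuC's, keep Kc on success."""
    rand, sres_expected, kc = auc.triplet(sim.imsi, rand)
    sres, _kc_ms = sim.run_gsm_algorithm(rand)   # MS computes SRES and its own copy of Kc
    if hmac.compare_digest(sres, sres_expected):  # constant-time comparison
        return True, kc
    return False, None


KI_ALICE = bytes.fromhex("0123456789abcdef0123456789abcdef")   # constructed test key
AUC = AuC({"262010000000001": KI_ALICE})                     # constructed IMSI

if __name__ == "__main__":
    ok, kc = authenticate(AUC, SIM("262010000000001", KI_ALICE))
    print("genuine SIM accepted:", ok, "Kc:", kc.hex())
    cloned = SIM("262010000000001", bytes(16))                # right IMSI, wrong Ki
    print("SIM with wrong Ki accepted:", authenticate(AUC, cloned)[0])
    frame = 1234567                                           # frame number at ciphering start
    ct = a5_cipher(kc, frame, b"hello")
    print("ciphertext:", ct.hex(), "decrypts to:", a5_cipher(kc, frame, ct))
```

Two caveats follow directly from the code. First, run_gsm_algorithm answers every RAND it is given, which is the one-way nature of GSM authentication; UMTS AKA added an AUTN token so the USIM can reject challenges that did not come from its home network. Second, the strength of the whole scheme rests on A3/A8 and A5 themselves, which this example deliberately replaces, so it says nothing about the security of the real COMP128 or A5/1 algorithms.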

Subscriber Identity Confidentiality


To ensure subscriber identity confidentiality, the Temporary Mobile Subscriber Identity (TMSI)
is used. Once the authentication and encryption procedures are done, the TMSI is sent to the
mobile station. After the receipt, the mobile station responds. The TMSI is valid in the location
area in which it was issued. For communications outside the location area, the Location Area
Identification (LAI) is necessary in addition to the TMSI.
Web Services
A web service is any piece of software that makes itself available over the internet and uses a
standardized XML messaging system.

Web services are self-contained, modular, distributed, dynamic applications that can be described, published,
located, or invoked over the network to create products, processes, and supply chains. These applications can
be local, distributed, or web-based. Web services are built on top of open standards such as TCP/IP, HTTP,
and XML, and can be implemented in any language (Java, .NET, and so on).
Web services are XML-based information exchange systems that use the Internet for direct application-to-
application interaction. These systems can include programs, objects, messages, or documents.

To summarize, a complete web service is, therefore, any service that −

 Is available over the Internet or private (intranet) networks

 Uses a standardized XML messaging system

 Is not tied to any one operating system or programming language

 Is self-describing via a common XML grammar

 Is discoverable via a simple find mechanism

Components of Web Services


The basic web services platform is XML + HTTP. All the standard web services work using the
following components −
 SOAP (Simple Object Access Protocol)

 UDDI (Universal Description, Discovery and Integration)

 WSDL (Web Services Description Language)

How Does a Web Service Work?


A web service enables communication among various applications by using open standards
such as HTML, XML, WSDL, and SOAP. A web service takes the help of −

 XML to tag the data

 SOAP to transfer a message

 WSDL to describe the availability of service.

Web Services - Characteristics


 Web services have the following special behavioral characteristics –

XML-Based
 Web services use XML at data representation and data transportation layers. Using XML
eliminates any networking, operating system, or platform binding. Web services based
applications are highly interoperable at their core level.
Loosely Coupled
 A consumer of a web service is not tied to that web service directly. The web service
interface can change over time without compromising the client's ability to interact with
the service. A tightly coupled system implies that the client and server logic are closely
tied to one another, implying that if one interface changes, the other must be updated.
Adopting a loosely coupled architecture tends to make software systems more
manageable and allows simpler integration between different systems.
Coarse-Grained
 Object-oriented technologies such as Java expose their services through individual
methods. An individual method is too fine an operation to provide any useful capability
at a corporate level. Building a Java program from scratch requires the creation of
several fine-grained methods that are then composed into a coarse-grained service that is
consumed by either a client or another service.
 Businesses and the interfaces that they expose should be coarse-grained. Web services
technology provides a natural way of defining coarse-grained services that access the
right amount of business logic.
Ability to be Synchronous or Asynchronous
 Synchronicity refers to the binding of the client to the execution of the service. In
synchronous invocations, the client blocks and waits for the service to complete its
operation before continuing. Asynchronous operations allow a client to invoke a service
and then execute other functions.
 Asynchronous clients retrieve their result at a later point in time, while synchronous
clients receive their result when the service has completed. Asynchronous capability is a
key factor in enabling loosely coupled systems.
Supports Remote Procedure Calls(RPCs)
 Web services allow clients to invoke procedures, functions, and methods on remote
objects using an XML-based protocol. Remote procedures expose input and output
parameters that a web service must support.
 Component development through Enterprise JavaBeans (EJBs) and .NET Components
has increasingly become a part of architectures and enterprise deployments over the past
couple of years. Both technologies are distributed and accessible through a variety of
RPC mechanisms.
 A web service supports RPC by providing services of its own, equivalent to those of a
traditional component, or by translating incoming invocations into an invocation of an
EJB or a .NET component.
Supports Document Exchange
 One of the key advantages of XML is its generic way of representing not only data, but
also complex documents. These documents can be as simple as representing a current
address, or they can be as complex as representing an entire book or Request for
Quotation (RFQ). Web services support the transparent exchange of documents to
facilitate business integration.

Web Services - Architecture


There are two ways to view the web service architecture −

 The first is to examine the individual roles of each web service actor.

 The second is to examine the emerging web service protocol stack.


Web Services - Components
Over the past few years, three primary technologies have emerged as worldwide standards that
make up the core of today's web services technology. These technologies are discussed below.

XML-RPC
This is the simplest XML-based protocol for exchanging information between computers.

 XML-RPC is a simple protocol that uses XML messages to perform RPCs.

 Requests are encoded in XML and sent via HTTP POST.

 XML responses are embedded in the body of the HTTP response.

 XML-RPC is platform-independent.

 XML-RPC allows diverse applications to communicate.

 A Java client can speak XML-RPC to a Perl server.

 XML-RPC is the easiest way to get started with web services.


SOAP
SOAP is an XML-based protocol for exchanging information between computers.

 SOAP is a communication protocol.

 SOAP is for communication between applications.

 SOAP is a format for sending messages.

 SOAP is designed to communicate via Internet.

 SOAP is platform independent.

 SOAP is language independent.

 SOAP is simple and extensible.

 SOAP runs over HTTP and therefore passes through firewalls that allow ordinary web traffic (which is
why the Network Security section below matters).

 SOAP 1.2 is a W3C Recommendation.



WSDL
WSDL is an XML-based language for describing web services and how to access them.

 WSDL stands for Web Services Description Language.

 WSDL was developed jointly by Microsoft and IBM.

 WSDL is an XML-based format for describing services and their interfaces in decentralized and
distributed environments.

 WSDL is the standard format for describing a web service.

 WSDL definition describes how to access a web service and what operations it will perform.

 WSDL is a language for describing how to interface with XML-based services.

 WSDL is an integral part of UDDI, an XML-based worldwide business registry.

 WSDL is the language that UDDI uses.

 WSDL is pronounced as 'wiz-dull' and spelled out as 'W-S-D-L'.


UDDI
UDDI is an XML-based standard for describing, publishing, and finding web services.

 UDDI stands for Universal Description, Discovery, and Integration.

 UDDI is a specification for a distributed registry of web services.

 UDDI is platform independent, open framework.

 UDDI can communicate via SOAP, CORBA, and Java RMI Protocol.

 UDDI uses WSDL to describe interfaces to web services.

 UDDI is seen with SOAP and WSDL as one of the three foundation standards of web services.

Web Services - Security


Security is critical to web services. However, neither XML-RPC nor SOAP specifications make
any explicit security or authentication requirements.

There are three specific security issues with web services −

 Confidentiality
 Authentication

 Network Security

Confidentiality
If a client sends an XML request to a server, can we ensure that the communication remains
confidential?

Answer lies here −

 XML-RPC and SOAP run primarily on top of HTTP.

 HTTP can be carried over TLS (formerly SSL).

 Communication can therefore be encrypted with TLS.

 TLS is a proven technology and widely deployed.

A single web service may consist of a chain of applications. For example, one large service
might tie together the services of three other applications. In this case, transport-level TLS is
not adequate: it protects each hop, but every intermediate node sees the message in the clear and
represents a potential weak link in the chain. The messages therefore need to be encrypted at the
message level so that only the intended node can read each part. The W3C XML Encryption standard
provides a framework for encrypting and decrypting entire XML documents or just portions of an
XML document, and the OASIS WS-Security specification applies it to SOAP messages. You can check
it at www.w3.org/Encryption

Authentication
If a client connects to a web service, how do we identify the user? Is the user authorized to use
the service?

The following options can be considered; none of them is universally adopted.

 HTTP includes built-in support for Basic and Digest authentication, so services can be protected in
much the same manner as HTML documents are, with the caveat that Basic authentication sends the
credentials in the clear unless TLS is used.

 SOAP Digital Signature (SOAP-DSIG) leverages public key cryptography to digitally sign SOAP
messages. It enables the client or server to validate the identity of the other party.
 The Organization for the Advancement of Structured Information Standards (OASIS) has standardized
the Security Assertion Markup Language (SAML) for exchanging authentication and authorization assertions.

Network Security
There is currently no easy answer to this problem, and it has been the subject of much debate.
For now, if you are truly intent on filtering out SOAP or XML-RPC messages, one possibility is
to filter all HTTP POST requests whose content type is text/xml (SOAP 1.2 uses application/soap+xml instead).
Another alternative is to filter on the SOAPAction HTTP header. Firewall vendors are also
currently developing tools explicitly designed to

What is SOAP?
SOAP is an acronym for Simple Object Access Protocol. It is an XML-based messaging
protocol for exchanging information among computers. SOAP is an application of the XML
specification.

SOAP is a simple XML-based protocol that allows applications to exchange information over
HTTP.

Points to Note
 SOAP is a communication protocol designed to communicate via Internet.

 SOAP can extend HTTP for XML messaging.

 SOAP provides data transport for Web services.

 SOAP can exchange complete documents or call a remote procedure.

 SOAP can be used for broadcasting a message.

 SOAP is platform- and language-independent.

 SOAP is the XML way of defining what information is sent and how.

 SOAP enables client applications to easily connect to remote services and invoke remote
methods.

SOAP - Message Structure


A SOAP message is an ordinary XML document containing the following elements −

 Envelope − Defines the start and the end of the message. It is a mandatory element.

 Header − Contains any optional attributes of the message used in processing the
message, either at an intermediary point or at the ultimate end-point. It is an optional
element.

 Body − Contains the XML data comprising the message being sent. It is a mandatory
element.

 Fault − An optional Fault element that provides information about errors that occur
while processing the message.

SOAP - Transport
SOAP is not tied to any transport protocol. SOAP can be transported via SMTP, FTP, IBM's
MQSeries, or Microsoft Message Queuing (MSMQ).

SOAP specification includes details on HTTP only. HTTP remains the most popular SOAP
transport protocol.

SOAP via HTTP


Quite logically, SOAP requests are sent via an HTTP request and SOAP responses are returned
within the content of the HTTP response. While SOAP requests can be sent via an HTTP GET,
the specification includes details on HTTP POST only.

Additionally, in SOAP 1.1 both HTTP requests and responses are required to set their content type to
text/xml (SOAP 1.2 uses application/soap+xml).
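An added example, not from the original notes, covering the SOAP message structure and transport just described and the request filter suggested under Web Services - Security: it builds a SOAP 1.1 request with the mandatory Envelope and Body and an optional Header, parses a response and recognises a Fault with its faultcode and faultstring, and classifies an HTTP request as SOAP from its method, content type and SOAPAction header. The bank service namespace and the fault response are constructed for the example.

```python
import xml.etree.ElementTree as ET
from typing import Dict, Mapping, Optional

SOAP11_NS = "http://schemas.xmlsoap.org/soap/envelope/"
ET.register_namespace("soap", SOAP11_NS)


def _q(ns: str, name: str) -> str:
    """Clark notation {namespace}local-name used by ElementTree."""
    return f"{{{ns}}}{name}"


def build_request(service_ns: str, operation: str, params: Mapping[str, str],
                  header: Optional[Mapping[str, str]] = None) -> str:
    """Serialize a SOAP 1.1 request: mandatory Envelope and Body, optional Header."""
    env = ET.Element(_q(SOAP11_NS, "Envelope"))
    if header:
        hdr = ET.SubElement(env, _q(SOAP11_NS, "Header"))
        for name, value in header.items():
            ET.SubElement(hdr, _q(service_ns, name)).text = value
    body = ET.SubElement(env, _q(SOAP11_NS, "Body"))
    op = ET.SubElement(body, _q(service_ns, operation))
    for name, value in params.items():
        ET.SubElement(op, _q(service_ns, name)).text = str(value)
    return ET.tostring(env, encoding="unicode")


def parse_message(xml_text: str) -> Dict[str, object]:
    """Check the mandatory structure and extract either the Fault or the operation payload.
    xml.etree does not fetch external entities, but for untrusted input prefer the
    defusedxml package, which also blocks entity-expansion denial of service."""
    root = ET.fromstring(xml_text)
    if root.tag != _q(SOAP11_NS, "Envelope"):
        raise ValueError("root element is not a SOAP 1.1 Envelope")
    body = root.find(_q(SOAP11_NS, "Body"))
    if body is None:
        raise ValueError("Body element is mandatory")
    fault = body.find(_q(SOAP11_NS, "Fault"))
    if fault is not None:
        # faultcode and faultstring are unqualified child elements in SOAP 1.1
        return {"fault": True, "code": fault.findtext("faultcode"),
                "string": fault.findtext("faultstring")}
    children = list(body)
    if len(children) != 1:
        raise ValueError("expected exactly one operation element in Body")
    op = children[0]
    return {"fault": False, "operation": op.tag.split("}")[-1],
            "values": {c.tag.split("}")[-1]: (c.text or "") for c in op}}


def is_soap_request(method: str, headers: Mapping[str, str]) -> bool:
    """The filter the Network Security section describes: a POST with an XML content type or
    a SOAPAction header. SOAP 1.2 uses application/soap+xml and carries the action as a
    Content-Type parameter, so matching only text/xml or SOAPAction would miss it."""
    if method.upper() != "POST":
        return False
    lower = {k.lower(): v for k, v in headers.items()}
    media_type = lower.get("content-type", "").split(";")[0].strip().lower()
    return media_type in ("text/xml", "application/soap+xml") or "soapaction" in lower


BANK_NS = "http://example.com/bank"    # constructed service namespace
# Constructed fault response, as a server would return it for a bad request.
FAULT_RESPONSE = """<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <soap:Fault>
      <faultcode>soap:Client</faultcode>
      <faultstring>Unknown account</faultstring>
    </soap:Fault>
  </soap:Body>
</soap:Envelope>"""

if __name__ == "__main__":
    req = build_request(BANK_NS, "GetBalance", {"account": "12345"}, header={"SessionId": "abc"})
    print(req)
    print(parse_message(req))
    print(parse_message(FAULT_RESPONSE))
    print(is_soap_request("POST", {"Content-Type": "text/xml; charset=utf-8"}),
          is_soap_request("GET", {"Content-Type": "text/xml"}))
```

Because the filter keys only on headers the client controls, it is a coarse screen rather than an access control: a client can always omit SOAPAction or relabel the content type, which is why message-level authentication and signing, not firewall filtering, is where the real protection has to sit.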

WSDL
WSDL stands for Web Services Description Language. It is the standard format for describing a
web service. WSDL was developed jointly by Microsoft and IBM.

WSDL is an XML-based language for describing web services and how to access them.

WSDL describes a web service, along with the message format and protocol details for the web
service

Features of WSDL
 WSDL is an XML-based format for describing services and their interfaces in decentralized and
distributed environments.

 WSDL definitions describe how to access a web service and what operations it will perform.

 WSDL is a language for describing how to interface with XML-based services.

 WSDL is an integral part of Universal Description, Discovery, and Integration (UDDI), an XML-
based worldwide business registry.

 WSDL is the language that UDDI uses.

 WSDL is pronounced as 'wiz-dull' and spelled out as 'W-S-D-L'.

WSDL Usage
WSDL is often used in combination with SOAP and XML Schema to provide web services over
the Internet. A client program connecting to a web service can read the WSDL to determine
what functions are available on the server. Any special datatypes used are embedded in the
WSDL file in the form of XML Schema. The client can then use SOAP to actually call one of
the functions listed in the WSDL.

WSDL Elements
A WSDL document contains the following elements −

 Definition − It is the root element of all WSDL documents. It defines the name of the web service,
declares multiple namespaces used throughout the remainder of the document, and contains all the
service elements described here.

 Data types − The data types to be used in the messages are in the form of XML schemas.

 Message − It is an abstract definition of the data, in the form of a message presented either as an
entire document or as arguments to be mapped to a method invocation.

 Operation − It is the abstract definition of the operation for a message, such as naming a method,
message queue, or business process, that will accept and process the message.

 Port type − It is an abstract set of operations mapped to one or more end-points, defining the
collection of operations for a binding; the collection of operations, as it is abstract, can be mapped to
multiple transports through various bindings.
 Binding − It is the concrete protocol and data formats for the operations and messages defined for a
particular port type.

 Port − It is a combination of a binding and a network address, providing the target address of the
service communication.

 Service − It is a collection of related end-points encompassing the service definitions in the file; the
services map the binding to the port and include any extensibility definitions.

In addition to these major elements, the WSDL specification also defines the following utility
elements −

 Documentation − This element is used to provide human-readable documentation and can be
included inside any other WSDL element.

 Import − This element is used to import other WSDL documents or XML Schemas.
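To make the element hierarchy above concrete, here is an added example (not code from the notes) that builds a small constructed WSDL 1.1 document and walks it with Python's standard xml.etree, collecting the messages, port-type operations, bindings and service end-points that a client, or a reviewer auditing what a service publishes, would read out of it. The service name, namespaces and URLs are invented for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample WSDL 1.1 document (written for this example, not taken from
# the notes). It declares one operation, GetLastTradePrice, bound to SOAP/HTTP.
SAMPLE_WSDL = """<definitions name="StockQuote"
    targetNamespace="http://example.com/stockquote.wsdl"
    xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:tns="http://example.com/stockquote.wsdl"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
  <types>
    <xsd:schema targetNamespace="http://example.com/stockquote.wsdl">
      <xsd:element name="TradePriceRequest" type="xsd:string"/>
      <xsd:element name="TradePrice" type="xsd:float"/>
    </xsd:schema>
  </types>
  <message name="GetLastTradePriceInput">
    <part name="body" element="tns:TradePriceRequest"/>
  </message>
  <message name="GetLastTradePriceOutput">
    <part name="body" element="tns:TradePrice"/>
  </message>
  <portType name="StockQuotePortType">
    <operation name="GetLastTradePrice">
      <input message="tns:GetLastTradePriceInput"/>
      <output message="tns:GetLastTradePriceOutput"/>
    </operation>
  </portType>
  <binding name="StockQuoteSoapBinding" type="tns:StockQuotePortType">
    <soap:binding style="document"
                  transport="http://schemas.xmlsoap.org/soap/http"/>
    <operation name="GetLastTradePrice">
      <soap:operation soapAction="http://example.com/GetLastTradePrice"/>
      <input><soap:body use="literal"/></input>
      <output><soap:body use="literal"/></output>
    </operation>
  </binding>
  <service name="StockQuoteService">
    <port name="StockQuotePort" binding="tns:StockQuoteSoapBinding">
      <soap:address location="http://example.com/stockquote"/>
    </port>
  </service>
</definitions>
"""

# Clark-notation namespace prefixes used by xml.etree for qualified tag names.
WSDL_NS = "{http://schemas.xmlsoap.org/wsdl/}"
SOAP_NS = "{http://schemas.xmlsoap.org/wsdl/soap/}"


def summarize_wsdl(wsdl_text):
    """Walk the major WSDL elements and return what the document exposes.

    Note: for WSDL fetched from an untrusted location, parse with a hardened
    XML parser (e.g. the defusedxml package) rather than plain xml.etree,
    because a hostile document can abuse entity expansion.
    """
    root = ET.fromstring(wsdl_text)           # <definitions>, the root element
    summary = {
        "definition_name": root.get("name"),
        "messages": {},                        # message name -> list of part refs
        "operations": [],                      # (portType name, operation name)
        "bindings": {},                        # binding name -> port type / transport
        "endpoints": {},                       # port name -> binding / address
        "services": [],
    }
    for msg in root.findall(WSDL_NS + "message"):
        summary["messages"][msg.get("name")] = [
            part.get("element") or part.get("type")
            for part in msg.findall(WSDL_NS + "part")
        ]
    for pt in root.findall(WSDL_NS + "portType"):
        for op in pt.findall(WSDL_NS + "operation"):
            summary["operations"].append((pt.get("name"), op.get("name")))
    for b in root.findall(WSDL_NS + "binding"):
        soap_binding = b.find(SOAP_NS + "binding")   # concrete protocol choice
        summary["bindings"][b.get("name")] = {
            "port_type": b.get("type"),
            "transport": soap_binding.get("transport") if soap_binding is not None else None,
        }
    for svc in root.findall(WSDL_NS + "service"):
        summary["services"].append(svc.get("name"))
        for port in svc.findall(WSDL_NS + "port"):
            addr = port.find(SOAP_NS + "address")  # binding + network address
            summary["endpoints"][port.get("name")] = {
                "binding": port.get("binding"),
                "location": addr.get("location") if addr is not None else None,
            }
    return summary


if __name__ == "__main__":
    for key, value in summarize_wsdl(SAMPLE_WSDL).items():
        print(f"{key}: {value}")
```

Because the WSDL is a complete inventory of every operation and end-point the server advertises, the same walk is useful on the defending side: compare the operations a deployed service publishes against the ones that were meant to be public, and check that the service addresses point at the intended hosts and transports.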

Access control
Network access control is a method of enhancing the security of a private
organizational network by restricting the availability of network resources to
endpoint devices that comply with the organization's security policy. A
typical network access control scheme comprises two major components:
Restricted Access and Network Boundary Protection.

Restricted Access to the network devices is achieved through user
authentication and authorization control, which is responsible for identifying
and authenticating different users to the network system. Authorization is
the process of granting or denying specific access permissions to a
protected resource.

Network Boundary Protection controls logical connectivity into and out
of networks. For example, multiple firewalls can be deployed to prevent
unauthorized access to the network systems. Also, intrusion detection and
prevention technologies can be deployed to defend against attacks from the
Internet.

Access control also helps you effectively protect your data from various
types of intruders, and it is up to your organization's access control policy to
address which method works best for your needs.

The Three Types of Access Control Systems
In brief, access control is used to identify an individual who does a specific job,
authenticate them, and then proceed to give that individual only the key to the
door or workstation that they need access to and nothing more.

Access control systems come in three variations: Discretionary Access
Control (DAC), Mandatory Access Control (MAC), and Role Based Access
Control (RBAC).

1. Discretionary Access Control (DAC)
Discretionary Access Control is a type of access control system that holds the
business owner responsible for deciding which people are allowed in a specific
location, physically or digitally. DAC is the least restrictive compared to the
other systems, as it essentially allows an individual complete control over any
objects they own, as well as the programs associated with those objects. The
drawback to Discretionary Access Control is the fact that it gives the end user
complete control to set security level settings for other users and the
permissions given to the end user are inherited into other programs they use
which could potentially lead to malware being executed without the end user
being aware of it.
2. Mandatory Access Control (MAC)
Mandatory Access Control is more commonly utilized in organizations that
require an elevated emphasis on the confidentiality and classification of data (i.e.,
military institutions). MAC doesn't permit owners to have a say in the entities
having access in a unit or facility; instead, only the owner and custodian have
the management of the access controls. MAC will typically classify all end users
and provide them with labels which permit them to gain access through security
with established security guidelines.

3. Role-Based Access Control (RBAC)
Also known as Rule-Based Access Control, RBAC is the most demanded in
regard to access control systems. Not only is it in high demand among
households, RBAC has also become highly sought-after in the business world. In
RBAC systems, access is assigned by the system administrator and is
stringently based on the subject’s role within the household or organization and
most privileges are based on the limitations defined by their job responsibilities.
So, rather than assigning an individual as a security manager, the security
manager position already has access control permissions assigned to it. RBAC
makes life much easier because rather than assigning multiple individuals
particular access, the system administrator only has to assign access to specific
job titles.
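The three models differ in who holds the decision: the object's owner (DAC), a fixed label scheme the owner cannot override (MAC), or the role a user has been assigned (RBAC). The following added example (written for these notes, not taken from them) implements a minimal policy engine for each model behind the same check(subject, object, action) interface and asks each one the same question. The users, file name and levels are invented; the MAC rules follow the usual "no read up, no write down" lattice model.

```python
from dataclasses import dataclass, field


# --- DAC: the object's owner decides, by editing an ACL only the owner controls ---
@dataclass
class DacObject:
    owner: str
    acl: dict = field(default_factory=dict)   # subject -> set of allowed actions


class DAC:
    def __init__(self):
        self.objects = {}

    def create(self, name, owner):
        # The creator owns the object and starts with full rights on it.
        self.objects[name] = DacObject(owner=owner, acl={owner: {"read", "write"}})

    def grant(self, granter, name, subject, action):
        obj = self.objects[name]
        if granter != obj.owner:                  # the discretionary part
            raise PermissionError(f"{granter} is not the owner of {name}")
        obj.acl.setdefault(subject, set()).add(action)

    def check(self, subject, name, action):
        return action in self.objects[name].acl.get(subject, set())


# --- MAC: labels and clearances are set centrally; owners have no say ---
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


class MAC:
    def __init__(self):
        self.clearance = {}   # subject -> level name
        self.label = {}       # object  -> level name

    def check(self, subject, name, action):
        s = LEVELS[self.clearance[subject]]
        o = LEVELS[self.label[name]]
        if action == "read":
            return s >= o     # no read up: clearance must dominate the label
        if action == "write":
            return s <= o     # no write down: cannot leak to a lower level
        return False


# --- RBAC: permissions attach to roles; users are assigned roles, not permissions ---
class RBAC:
    def __init__(self):
        self.role_perms = {}   # role -> set of (object, action)
        self.user_roles = {}   # user -> set of roles

    def add_permission(self, role, name, action):
        self.role_perms.setdefault(role, set()).add((name, action))

    def assign(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def check(self, subject, name, action):
        return any((name, action) in self.role_perms.get(role, set())
                   for role in self.user_roles.get(subject, set()))


def demo():
    """Ask each model whether alice and bob may read budget.xlsx (constructed data)."""
    dac = DAC()
    dac.create("budget.xlsx", owner="alice")
    dac.grant("alice", "budget.xlsx", "bob", "read")    # alice chooses to share

    mac = MAC()
    mac.clearance.update({"alice": "secret", "bob": "confidential"})
    mac.label["budget.xlsx"] = "secret"                  # bob's clearance is too low

    rbac = RBAC()
    rbac.add_permission("finance", "budget.xlsx", "read")
    rbac.assign("alice", "finance")                      # bob holds no role

    return {
        "dac": (dac.check("alice", "budget.xlsx", "read"), dac.check("bob", "budget.xlsx", "read")),
        "mac": (mac.check("alice", "budget.xlsx", "read"), mac.check("bob", "budget.xlsx", "read")),
        "rbac": (rbac.check("alice", "budget.xlsx", "read"), rbac.check("bob", "budget.xlsx", "read")),
    }


if __name__ == "__main__":
    for model, (alice, bob) in demo().items():
        print(f"{model}: alice={alice} bob={bob}")
```

The output pairs make the text's point visible: under DAC bob reads the file because alice chose to let him, under MAC the same request is refused regardless of what alice wants, and under RBAC bob is refused until an administrator assigns him the finance role. The drawback the notes mention for DAC is also visible in the code: nothing stops an owner from granting "write" to any subject, so the owner's judgement is the whole control.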

Choosing the Best Access Control System for Your Organization

As you can see, when it comes to choosing the type of access control system
that is most suitable for your organization, there are a number of factors
involved. Some of those factors include the nature of your business, security
procedures within the organization, and the number of users on the system.
Places of business with small or basic applications will probably find
Discretionary Access Control to be less complicated and better utilized. If,
however, you have highly confidential or sensitive information on your business
platform, Mandatory Access Control and Role-Based Access Control systems are two
options you may want to consider.

Cross-site scripting

Cross-site scripting (XSS) is a code injection attack that allows an attacker
to execute malicious JavaScript in another user's browser.

XSS attacks occur when an attacker uses a web application to send malicious code, generally in
the form of a browser-side script, to a different end user.

The end user's browser has no way to know that the script should not be trusted, and will execute
the script. Because it thinks the script came from a trusted source, the malicious script can access
any cookies, session tokens, or other sensitive information retained by the browser and used with
that site.

The attacker does not directly target his victim. Instead, he exploits a
vulnerability in a website that the victim visits, in order to get the website
to deliver the malicious JavaScript for him. To the victim's browser, the
malicious JavaScript appears to be a legitimate part of the website, and the
website has thus acted as an unintentional accomplice to the attacker.
These attacks can be carried out using HTML, JavaScript, VBScript, ActiveX, or
Flash, but the most common XSS payload is malicious JavaScript.

Types of XSS Attacks

XSS attacks are often divided into three types −
 Persistent XSS, where the malicious string originates from the website's
database.

 Reflected XSS, where the malicious string originates from the victim's request.

 DOM-based XSS, where the vulnerability is in the client-side code rather than
the server-side code.

Generally, cross-site scripting is found by vulnerability scanners, so you
don't have to do all the manual work of submitting a JavaScript test string such as:

Example:

<script>
alert('I am Vulnerable')
</script>
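What a scanner is really checking with that string is whether the application copies untrusted input into a page without encoding it. The following added example (written for these notes, not taken from them) shows that check from the defender's side in Python: a reflected page that echoes a request parameter and a persistent page that renders stored comments, each in a vulnerable form and in a form fixed with contextual output encoding from the standard html module. The comment store, post id and URL are constructed for the example; the test string is the one from the notes.

```python
import html
from urllib.parse import quote

# The notes' own test string, the kind a vulnerability scanner submits.
TEST_PAYLOAD = "<script>alert('I am Vulnerable')</script>"

# Constructed stand-in for the site's database: the source of persistent XSS.
# The second comment is the test string, stored exactly as it was submitted.
COMMENTS_DB = {"post-1": ["Nice article!", TEST_PAYLOAD]}


def render_search_vulnerable(query):
    """Reflected XSS: the request parameter is copied into the HTML verbatim."""
    return f"<h1>Results for {query}</h1>"


def render_search_safe(query):
    """Same page with HTML output encoding: the browser renders text, not markup."""
    return f"<h1>Results for {html.escape(query, quote=True)}</h1>"


def render_comments_vulnerable(post_id):
    """Persistent XSS: stored data is trusted just because it came from our own DB."""
    return "".join(f"<p>{comment}</p>" for comment in COMMENTS_DB[post_id])


def render_comments_safe(post_id):
    """Encoding at output time fixes stored input too; the database is left as-is."""
    return "".join(
        f"<p>{html.escape(comment, quote=True)}</p>" for comment in COMMENTS_DB[post_id]
    )


def render_link_safe(query):
    """A URL inside an attribute needs URL-encoding first, then attribute encoding."""
    encoded = html.escape(quote(query, safe=""), quote=True)
    return f'<a href="/search?q={encoded}">search again</a>'


def contains_live_script(rendered_html):
    """Crude test-suite check: did a raw <script tag survive into the output?"""
    return "<script" in rendered_html.lower()


if __name__ == "__main__":
    print("reflected, vulnerable:", contains_live_script(render_search_vulnerable(TEST_PAYLOAD)))
    print("reflected, safe:      ", contains_live_script(render_search_safe(TEST_PAYLOAD)))
    print("stored, vulnerable:   ", contains_live_script(render_comments_vulnerable("post-1")))
    print("stored, safe:         ", contains_live_script(render_comments_safe("post-1")))
    print(render_search_safe(TEST_PAYLOAD))
```

Two design points are worth noting. Encoding is applied where the data is written into the page, not where it is read in, because the same stored value may later be emitted into HTML text, an attribute, a URL or a script block, and each context needs its own encoding. And contains_live_script is only a regression check for a test suite: it catches the notes' example string, but a real defence is the encoding itself, backed by a Content-Security-Policy header that restricts where scripts may load from.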
