Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/23/2009
08:34 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Airvana, VeriSign Team for Femtocell Network Authentication

Companies are working to deploy device certificates for Airvana's HubBub UMTS Femtocell, allowing operators to authenticate these devices before allowing access to core networks and services

LONDON, June 23 /PRNewswire-FirstCall/ -- Femtocells World Summit -- Airvana, Inc. (Nasdaq: AIRV), the company transforming the mobile experience, and VeriSign, Inc. (Nasdaq: VRSN), the trusted provider of Internet infrastructure services for the networked world, today announced that the two companies are working to deploy device certificates for Airvana's HubBub(TM) UMTS Femtocell. The certificates will be embedded into the HubBub UMTS femtocell, allowing operators to authenticate these devices before allowing access to core networks and services.

Device certificates are unique digital identifiers that are embedded into a device -- for instance, a femtocell -- to enable strong authentication and encryption. By seamlessly and securely authenticating devices on the operator's network, device certificates eliminate the need for passwords or any action from the end user. As a result, network operators can ensure that only trusted devices will be authorized to make connections while rogue devices will be easily identified and blocked from gaining access.

The work between VeriSign and Airvana builds on efforts currently taking place within the Femto Forum and the 3GPP SA3 security standards group to establish an implementation standard for network authentication for femtocells using a certificate-based model. The use of certificates has already proven successful for similar technologies such as cable modems -- with VeriSign providing trusted solutions for that community. The collaboration between the two companies will provide an authentication solution for operators deploying Airvana HubBub femtocells. The joint effort will also help drive authentication requirements for femtocells, which in turn will accelerate industry efforts toward a common approach that will facilitate large-scale, multi-vendor femtocell implementations. This activity represents a meaningful step forward in the implementation of 3GPP's overall femtocell-to-core network interface specifications including Iuh communications protocol and device management.

"Collaborating with Airvana, a leader in the femtocell market, will once again allow VeriSign to implement security into a device-driven network at the earliest stages of development of a technology ecosystem," said Adam Geller, vice president of PKI solutions at VeriSign. "As with other network access technologies, security is of critical importance to the long-term prospects for widespread adoption. Operators need to know that their deployment of femtocells will not compromise their core networks, and subscribers want assurance that their home networks are secure. Using certificates to manage the relationship between the femtocell and the core network is one of the most efficient and cost-effective methods to provide this level of trust to all parties involved."

"Both operators and subscribers must be confident that femtocell technology is highly secure in order to embrace it fully," explained Glenn Laxdal, vice president of femtocell product management, Airvana. "Airvana has been at the forefront of solving tough femtocell implementation challenges including RF interference and femto service management. Through our work with VeriSign we are tackling one of the last implementation hurdles and will deliver to operators and subscribers femtocell technology that is backed by a recognized leader in security and authentication technology and services."

About Airvana

Airvana (Nasdaq: AIRV) helps operators transform the mobile experience for users worldwide. The company's high-performance technology and products, from comprehensive UMTS and CDMA 3G femtocell solutions based on the HubBub(TM) femtocell, to core mobile network infrastructure, enable operators to deliver compelling and consistent broadband services to mobile subscribers, wherever they are. Airvana's products are deployed in 70 commercial networks on all six continents. The company is headquartered in Chelmsford, Mass., USA, with offices worldwide. For more information, please visit www.airvana.com.

About VeriSign

VeriSign, Inc. (Nasdaq: VRSN) is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, VeriSign helps companies and consumers all over the world engage in communications and commerce with confidence. Additional news and information about the company is available at www.verisign.com.

Media Contacts Robert Morton Davies Murphy Group (781) 418-2400 [email protected]

Christina Rohall VeriSign, Inc. (650) 336-4663 [email protected]

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
Average Cost of a Data Breach: $3.86 Million
Jai Vijayan, Contributing Writer,  7/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-18112
PUBLISHED: 2020-08-05
Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
CVE-2020-15109
PUBLISHED: 2020-08-04
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipm...
CVE-2020-16847
PUBLISHED: 2020-08-04
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.
CVE-2020-15135
PUBLISHED: 2020-08-04
save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Double submit. The CSRF...
CVE-2020-13522
PUBLISHED: 2020-08-04
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.