Mobile networks allow devices to connect to external packet switched networks (such as the Internet) as part of the basic service provided within the network as defined by international standard bodies. Example of such international standard bodies include 3rd Generation Partnership Project (3GPP) for Global System for Mobile Communications (GSM)/Universal Mobile Telecommunication System (UMTS)/Long-Term Evolution (LTE) domains, Time Division Multiple Access (TDMA)/Code Division Multiple Access (CDMA)/CDMA2000 networks, and newer Low Power Wide Area Networks (LPWAN) initiatives such as LoRa and SIGFOX.
In such systems, the packet data coming to and from a mobile device is transmitted via the radio network to elements such as a base transceiver station (BTS) in a 2G network, a NodeB in a 3G network or an eNodeB in a 4G network. Thereafter, the packet data is sent using tunnels towards a serving general packet radio service (GPRS) support node (SGSN) in a 2G/3G network or the serving gateway (SGW) in a 4G network or similar device in other mobile network solutions.
GPRS Tunnelling Protocol (GTP) tunnels from all mobile devices are aggregated towards a gateway GPRS support node (GGSN) in a 2G/3G network or the PDN gateway (PGW) in a 4G network or similar device in other mobile network solutions. These devices then merge many Ethernet connections containing numerous tunnels in each connection.
It is then the responsibility of the GGSN or PGW to disperse the aggregated GTP tunnels' traffic into multiple data streams and route every single stream into its designated destination on the external packet switched network as initially designated by the mobile device.
With the surge in the field of the Internet of Things (IoT), many more different types of mobile devices are in use than ever before, and this trend only looks to grow as more and more types of devices, such as cars, smart city sensors, shipping containers, baby strollers, etc. adopt mobile communication components.
With the plethora of different types of mobile devices, the threat to security of communications and data increases. While certainly a mobile phone designer may be an expert on communications security, a baby stroller designer may not be. This makes it less likely that mobile communications components embedded into such disparate products will address common security concerns.
Moreover, IoT devices are typically designed to be cheap and battery-conserving. Running security features on IoT devices requires a more complex CPU design and more power consumption, and thus may be inconsistent with these goals.
While most mobile networks themselves are secure, the Internet is a less secure medium so when the communications leave the mobile network and enter the Internet the threat to security rises.