Figure 4-1 gives an overview of the complete security architecture.

Five security feature groups are defined. Each of these feature groups meets certain threats and accomplishes certain security objectives:

• Network access security (I): the set of security features that provide users with secure access to services, and which in particular protect against attacks on the (radio) access link.
• Network domain security (II): the set of security features that enable nodes to securely exchange signalling data, user data (between AN and SN and within AN), and protect against attacks on the wireline network.
• User domain security (III): the set of security features that secure access to mobile stations.
• Application domain security (IV): the set of security features that enable applications in the user and in the provider domain to securely exchange messages.
• Visibility and configurability of security (V): the set of features that enables the user to inform himself whether a security feature is in operation or not and whether the use and provision of services should depend on the security feature.