Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 33.820  Word version:  8.3.0

Top   Top   Up   Prev   None
0…   4…
4 System architecture5 Threats analysis6 Security Requirements7 Common Security mechanisms solutions for H(e)NB8 ConclusionsA Security mechanisms for OAMB TrE Types and Corresponding Interfaces$ Change history

 

4  System architecturep. 9

4.1  Generalp. 9

4.2  System architecture of HNBp. 10

4.3  System architecture of HeNBp. 11

4.4  Overview of Security Architecturep. 11

5  Threats analysisp. 13

5.1  Common threats to H(e)NBp. 13

5.1.1  Threats Listp. 13

5.1.2  Grouping of Threatsp. 14

5.1.3  Threatsp. 15

5.1.4  Threats Impact Overviewp. 28

5.2  Specific HNB Threatsp. 29

5.3  Specific HeNB Threatsp. 29

6  Security Requirementsp. 29

6.1  Common Requirements for H(e)NBp. 29

6.2  Specific Requirements for HeNBp. 31

6.3  Countermeasures for H(e)NBp. 31

7  Common Security mechanisms solutions for H(e)NBp. 36

7.1  H(e)NB Authentication Principlep. 36

7.2  Secure Storage and Executionp. 37

7.2.1  Hosting Party Modulep. 37

7.2.2  Trusted Environment (TrE)p. 37

7.2.2.1  Generalp. 37

7.2.2.2  TrE Interfacesp. 38

7.2.2.2.1  Generalp. 38
7.2.2.2.2  TrE Interface Categoriesp. 38

7.2.2.3  H(e)NB Authenticationp. 38

7.3  Comparison of H(e)NB Authentication Methodsp. 39

7.4  Authentication Method Selectionp. 39

7.4.1  Authentication Methodsp. 39

7.4.2  Authentication Type Identification and Enforcementp. 39

7.5  Device Integrity Checkp. 43

7.5.1  Generalp. 43

7.5.2  H(e)NB Validationp. 44

7.5.2.1  Generalp. 44

7.5.2.2  Autonomous Validationp. 44

7.5.2.3  Remote Validationp. 45

7.5.2.4  Semi-Autonomous Validationp. 45

7.5.2.5  Policy for H(e)NB Validationp. 47

7.5.2.6  Device Revalidationp. 48

7.5.2.7  Hybrid validationp. 48

7.5.3  Analysis of Device Integrity Validationp. 49

7.5.4  Study of Device Integrity Validation Methodsp. 50

7.5.4.1  Terms of Referencep. 50

7.5.4.2  Scope of Studyp. 51

7.5.4.3  Threat Analysis of Validation Methodsp. 51

7.5.4.3.1  Generalp. 51
7.5.4.3.2  Security Requirements for AUvp. 51
7.5.4.3.3  Threats and Counter-Measures Applicable to AuVp. 51
7.5.4.3.4  Security Requirements Applicable to SAVp. 52
7.5.4.3.5  Threats and Counter-Measures Applicable to SAVp. 52
7.5.4.3.6  Analysis and Conclusionsp. 53

7.5.4.4  Answers to Questions Concerning Autonomous Validationp. 53

7.5.4.5  Answers to Questions Concerning Semi Autonomous Validationp. 56

7.5.4.6  Answers to Questions Concerning Hybrid Validationp. 64

7.6  Authentication Implementation Optionsp. 66

7.6.1  Generic Authenticationp. 66

7.6.1.1  Generalp. 66

7.6.1.2  EAP-AKA-based Client Authenticationp. 66

7.6.1.2.1  Generalp. 66
7.6.1.2.2  Assumptions at H(e)NBp. 66
7.6.1.2.3  Assumptions for Storage of AKA Credentialp. 67
7.6.1.2.4  Assumptions in Core Networkp. 67
7.6.1.2.5  Authentication Flowp. 67
7.6.1.2.6  Impacts on Core Networkp. 67
7.6.1.2.7  Authentication Identifierp. 67

7.6.1.3  Certificate-based Client Authenticationp. 67

7.6.1.3.1  Generalp. 67
7.6.1.3.2  Assumptions at H(e)NBp. 68
7.6.1.3.3  Assumptions in Core Networkp. 68
7.6.1.3.4  Authentication Flowp. 68
7.6.1.3.5  Impacts on Core Networkp. 68
7.6.1.3.6  Certificate Managementp. 68
7.6.1.3.7  Authentication Identifierp. 69

7.6.2  Device Authenticationp. 69

7.6.2.1  Generalp. 69

7.6.2.2  EAP-AKA basedp. 69

7.6.2.3  Certificate-basedp. 71

7.6.3  Hosting Party Authenticationp. 72

7.6.3.1  Bundled with the Device Authenticationp. 72

7.6.3.2  Stand-alone Hosting Party Authenticationp. 72

7.6.3.2.1  Device Authentication based on Certificate and Hosting Party Authentication based on EAP-AKAp. 72
7.6.3.2.2  Binding of HPM ID and Device IDp. 74

7.6.4  Relations to Trusted Environmentp. 77

7.7  Backhaul Security Mechanismsp. 78

7.7.1  Backhaul Connection Securityp. 78

7.7.2  Backhaul Traffic Protection for H(e)NBp. 78

7.7.2.1  Generalp. 78

7.7.2.2  Establishment of a Secure Tunnelp. 79

7.7.2.3  Supporting QoSp. 79

7.8  Location Locking mechanismsp. 79

7.8.1  Overview of Location Lockingp. 79

7.8.2  Comparison Security of H(e)NB Location Identification Methodsp. 79

7.8.3  Location Authenticationp. 81

7.8.4  Location Authorisationp. 81

7.8.5  Solutionsp. 81

7.8.5.1  Solution based on IP Addressp. 82

7.8.5.2  Solution based on H(e)NB Reports of Neighbouring Macro-cellsp. 84

7.8.5.3  Solution based on IP Address and H(e)NB Reports of Neighbouring Macro-cellsp. 84

7.8.5.4  Solution based on UE Informationp. 85

7.8.5.5  Solution based on UE information and H(e)NB Reports of Neighbouring Macro-cellsp. 85

7.8.5.6  Solution based on (A-)GPS in H(e)NBp. 85

7.8.6  Re-locking of H(e)NB Locationp. 85

7.8.6.1  Same Location for H(e)NBp. 85

7.8.6.2  Different Locations for H(e)NBp. 85

7.8.7  H(e)NB Location Policy Options and Configurationp. 86

7.9  Access Control Mechanisms for H(e)NBp. 86

7.9.1  Non-CSG Methodp. 86

7.9.2  CSG Methodp. 86

7.9.3  Access List Managementp. 86

7.9.3.1  Overall Model and Requirementsp. 86

7.10  Security Mechanisms for OAMp. 88

7.11  Clock Synchronization Security Mechanisms for H(e)NBp. 88

7.11.1  Generalp. 88

7.11.2  Based on Secure Backhaul Link between H(e)NB and SeGWp. 88

7.11.3  Based on Security Protocols of the Clock Synchronization Protocolsp. 89

7.12  H(e)NB Distress Indicationp. 89

7.12.1  General Requirementp. 89

7.12.2  Distress Communication Functionp. 89

7.12.3  H(e)NB Distress Indication Procedure using Distress Communication Functionp. 89

7.12.4  Optional Procedure for Replacement of Normal Code Image Using Distress Communication Functionp. 90

7.12.5  Requirements for Distress Communication Function and Distress Indication Messagep. 90

8  Conclusionsp. 91

8.1  Authenticationp. 91

8.2  Location Securityp. 91

8.3  Device Validationp. 91

A  Security mechanisms for OAMp. 93

A.1  Mechanism to verify the software updatesp. 93

A.2  Another method to verify the software updatesp. 94

B  TrE Types and Corresponding Interfacesp. 97

$  Change historyp. 99

Up   Top