Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 33.821  Word version:  9.0.0

Top   Top   Up   Prev   None
0…   4…   6…   8…
8 Network Domain Security9 Security Requirements for LTE eNBsA Decision made in RAN2/3-SA3 joint meeting in Jan 2006B Issues and Threats of emergency calls$ Change history

 

8  Network Domain Securityp. 118

8.1  Introductionp. 118

8.1.1  NDS/IP architecture applied to LTEp. 118

8.1.2  Key Management solutions for NDS/IPp. 119

8.1.3  Alternativesp. 119

8.2  How particular threats can be counteracted.p. 120

8.2.1  Threats to User Datap. 120

8.2.2  Threats to Signalling Datap. 121

8.3  Summaryp. 122

8.4  Network Domain Security Evolutionp. 122

8.5  IKE version in NDS/IP for EPSp. 123

8.6  S1/X2 reference point securityp. 124

8.7  S6a Reference Point Securityp. 125

8.8  Authentication Failure Reporting (AFR) functionality for EPSp. 125

8.9  EPS interworking with a pre-Rel-8 HSS/HLRp. 126

8.9.1  Current approach to binding authentication vectors to E-UTRAN serving network identityp. 126

8.9.2  Solutions for interworking with a pre-Rel-8 HSS/HLRp. 127

8.9.2.1  Solution 1: K_ASME derivation and protocol conversion in HPLMNp. 127

8.9.2.2  Solution 2: K_ASME derivation in HPLMN, protocol conversion in VPLMNp. 128

8.9.2.3  Solution 3: K_ASME derivation and protocol conversion in VPLMN (with dynamic setting of separation bit in HLR)p. 129

8.9.2.4  Solution 4: K_ASME derivation and protocol conversion in VPLMN (with static setting of separation bit in HLR)p. 129

8.9.2.5  Solution 5: IWF in VPLMN with UMTS level security in EPSp. 130

8.9.2.6  Solution 6: Gradual upgrade of HLR using indicator on Rel-8 USIMp. 130

8.9.3  Distinguishing E-UTRAN authentication vector requests from other typesp. 131

8.9.4  Considerations on migration towards full security solutionp. 132

8.9.5  Evaluation of proposed solutionsp. 133

8.9.6  Conclusionp. 134

9  Security Requirements for LTE eNBsp. 134

9.1  Terminologyp. 134

9.2  eNB security requirementsp. 135

A  Decision made in RAN2/3-SA3 joint meeting in Jan 2006p. 136

A.1  RRCp. 136

A.2  MACp. 136

B  Issues and Threats of emergency callsp. 137

B.1  Generalp. 137

B.2  DoS threats against EC functionp. 137

B.2.1  Threats against IMS nodesp. 137

B.2.2  Threats against EPS nodesp. 138

B.3  Protection via network configurationp. 139

B.4  UE implementation considerationsp. 139

$  Change historyp. 141

Up   Top