O'Reilly logo

LTE, LTE-Advanced and WiMAX: Towards IMT-Advanced Networks by Najah Abu Ali, Hossam S. Hassanein, Abd-Elhamid M. Taha

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Design Rationale

In Chapter 9, it was discussed how it was essential for LTE/SAE to separate the communication between the core and the UE to the AS and the NAS. This separation was also applied in terms of security whereby the security of the AS (i.e., RRC security in eNB) was separated from the security of the NAS signaling. Two other relevant decisions were made in the design of the security architecture for LTE. The first is that the user plane security terminates above the eNB; the second, that the radio link and the core network must have cryptographically separate keys. These requirements result in LTE having two layers of protection, differentiating the E-UTRAN from the UTRAN which only a one layer perimeter security. These two layers are shown in Figure 14.1, where the first provides the RRC security and the User plane protection, while the second layer provides the NAS signaling security.

image

Figure 14.1 First and second security layers in LTE. Reproduced by permission of © 2010 3GPP. Further use is strictly prohibited.

The immediate advantage of this rationale is that a compromise at the first layer (i.e., if an eNB or an HeNB is compromised), it would be hard to compromise the security of the eNB/HeNBs (i.e., other elements in the first layer) or the core (i.e., layer 2). This means that placing eNBs in vulnerable locations is more practically accessible in LTE.

Resources ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required