Chapter 6

EPS Security Architecture

6.1 Overview and Relevant Specifications

The Evolved Packet System (EPS) brings two new major ingredients into the 3rd Generation Partnership Project (3GPP) environment: the radio network Evolved Universal Terrestrial Radio Access Network (E-UTRAN) with a new radio interface, and the Internet Protocol (IP)-based core network Evolved Packet Core (EPC). The security functions and mechanisms that are part of Global System for Mobile communications (GSM) and 3G security architectures are mostly based on designs and principles that are generic enough and usable in many other environments. But still both GSM and 3G security architectures have a tight coupling with other functions and mechanisms in these systems; security functions have been embedded into the overall architecture in an optimal and efficient manner.

The design of the EPS security architecture follows the same principle of maximizing, from a system point of view, the synergies between security functions and other functions. In particular, this implies that:

• GSM and 3G security mechanisms offer a good basis for the EPS security architecture, but
• to a certain extent, each GSM or 3G mechanism, if reused, needs to be adapted from the original context and embedded to the EPS architecture.

The EPS must also be able to interwork with legacy systems, so these adaptations have to be done in a backward-compatible manner. In addition to adaptations from security functionalities already existing ...