6
EPS Security Architecture
6.1 Overview and Relevant Specifications
The Evolved Packet System (EPS) brings two new major ingredients into the 3GPP environment: the radio network E-UTRAN with a new radio interface, and the flat IP-based core network Evolved Packet Core (EPC). The security functions and mechanisms that are part of GSM and 3G security architectures are mostly based on designs and principles that are generic enough and usable in many other environments. But still both GSM and 3G security architectures have a tight coupling with other functions and mechanisms in these systems; security functions have been embedded into the overall architecture in an optimal and efficient manner.
The design of the EPS security architecture follows the same principle of maximizing, from a system point of view, the synergies between security functions and other functions. In particular, this implies that:
- GSM and 3G security mechanisms offer a good basis for the EPS security architecture; but
- to a certain extent, each GSM or 3G mechanism, if reused, needs to be adapted from the original context and embedded to the EPS architecture.
The EPS must also be able to interwork with legacy systems, so these adaptations have to be done in a backward-compatible manner. In addition to adaptations from security functionalities already existing in legacy systems, many new extensions and enhancements have been introduced in the EPS security architecture.
In the following, we show how major security ...