9
Security in Intra-LTE State Transitions and Mobility
This chapter describes security for state transitions and mobility inside LTE. These include registering to the network, moving to ECM-CONNECTED state, intra-LTE handovers, moving to idle state, idle state mobility, and de-registering from the network.
The two layers of LTE security and the key management requirements are reflected in the security of state transitions and mobility scenarios. The first layer security between the UE and the base stations, called AS security layer, is set up only when user plane data needs to be exchanged, but the second layer security between UE and the core network, called NAS security layer, is set up all the time when the UE is registered to the network. An EPS NAS security context of type native (see section 7.4) remains stored in the UE and the MME while the UE is not registered to the network and is used when the UE re-registers to the network.
The second layer (NAS) is used to bootstrap the first layer (AS) security when the UE needs to send or receive data. The first layer security is refreshed with the help of the second layer security between the UE and the core network. Running EPS AKA and a Security Mode Command procedure refreshes the second layer security itself that is, the EPS NAS security context.
Before the security has been set up between the base station and the UE there cannot be any handovers or user plane data transfers. When the UE is in ECM-IDLE state and needs to send ...