9.1 Security in 3GPP Mobile Networks
The objectives for security, as documented in 2001 by 3GPP [1] are that:
- user information is protected against misuse;
- network resources and services provided by serving networks and home environments, are adequately protected against misuse;
- security features are standardized, have worldwide availability (considering e.g. export restrictions) and are interoperable so that roaming can be supported between different serving networks;
- level of protection for both user, and for providers of service, is better than that provided by contemporary fixed or mobile networks;
- security features and mechanisms are extendable as required, to address potential new threats and services.
The experiences from 2G security were the basis for creating the objectives for 3G, especially the identified shortcomings, real and perceived, of 2G security were addressed. Otherwise the security elements and components from 2G that were perceived to be robust were kept as a basis.
The documented 2G weaknesses include:
- Possibility for a ‘false BTS’ attack (since terminal is authenticated, but not the network). This is addressed with mutual authentication.
- Transmitting keys as clear-text. Between networks (and network domains), network domain security functionality has been included in 3G.
- Weaknesses in authentication, related to IMEI (International Mobile Equipment Identity).
- Lacking data integrity protection. Integrity of air interface signaling is protected in 3G.
Get Mobile Backhaul now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.