TS 33.320
Security of Home Node B (HNB) / Home evolved Node B (HeNB)

3GPP‑Page ETSI‑search fToC_↓ Partial Content _→

V19.0.0 (PDF) 2025/09 43 p.

V18.0.0 2024/03 43 p.

V17.0.0 2022/03 43 p.

V16.0.0 2020/06 43 p.

V15.0.0 2018/06 42 p.

V14.0.0 2016/12 43 p.

V13.0.0 2016/01 43 p.

V12.1.0 2014/09 43 p.

V11.6.0 2012/06 43 p.

V10.5.0 2012/06 37 p.

V9.7.0 2012/12 36 p.

Rapporteur:: Mr. Wong, Marcus
Huawei Tech.(UK) Co.. Ltd

full Table of Contents for TS 33.320 Word version: 19.0.0

each clause number in 'red' refers to the equivalent title in the Partial Content

Scope p. 6

References p. 6

Definitions and abbreviations p. 7

3.1	Definitions p. 7
3.2	Abbreviations p. 7

Overview of Security Architecture and Requirements p. 8

4.1

System architecture of H(e)NB p. 8

4.2

Network Elements p. 9

4.2.1	H(e)NB p. 9
4.2.2	Security Gateway (SeGW) p. 9
4.2.3	H(e)NB Management System (H(e)MS) p. 10
4.2.4	UE p. 10
4.2.5	H(e)NB Gateway (H(e)NB-GW) and MME p. 10
4.2.6	AAA Server and HSS p. 10
4.2.7	Void p. …
4.2.8	Local Gateway (L-GW) \|R10\| p. 10

4.3

Interfaces (Reference Points) p. 10

4.3.1	Backhaul Link p. 10
4.3.2	H(e)MS Interface p. 10
4.3.3	Interface between SeGW and AAA Server, AAA Server and HSS p. 10
4.3.4	Interface between H(e)NBs \|R11\| p. 11

4.4

Security Requirements and Principles p. 11

4.4.1	Operation p. 11
4.4.2	Requirements on H(e)NB p. 11
4.4.3	Requirements on SeGW p. 12
4.4.4	Requirements on H(e)MS p. 12
4.4.5	Requirements on Backhaul Link p. 13
4.4.6	Requirements on H(e)MS Link p. 13
4.4.7	Requirements on Local Gateway (L-GW) \|R10\| p. 13
4.4.8	Requirements on the Direct Link between H(e)NBs \|R11\| p. 14
4.4.9	Requirements on Verification of H(e)NB Identity and Operating Access Mode \|R11\| p. 14

Security Features p. 15

5.1

Secure Storage and Execution p. 15

5.1.1

Hosting Party Module p. 15

5.1.2

Trusted Environment (TrE) p. 15

5.1.2.1

General p. 15

5.2

Device Mutual Authentication p. 15

5.3

Hosting Party Mutual Authentication p. 16

5.4

Other security features p. 16

Security Procedures in H(e)NB p. 18

6.1

Device Integrity Check p. 18

6.1.1	Device Integrity Check Procedure p. 18
6.1.2	Protection of Trusted Reference Value(s) p. 18

6.2

Void p. …

6.3

Measures for Clock Protection p. 18

6.3.1

Clock Synchronization Security Mechanisms for H(e)NB p. 18

Security Procedures between H(e)NB and SeGW p. 19

7.1

Device Validation p. 19

7.2

Device Authentication p. 19

7.2.1

General p. 19

7.2.2

SeGW and Device Mutual Authentication Procedure p. 20

7.2.3

H(e)NB/IKEv2 Processing Requirements for SeGW Certificates p. 21

7.2.4

SeGW/IKEv2 Processing Requirements for H(e)NB Certificates p. 21

7.2.5

Security Profiles p. 22

7.2.5.1

Profile for IKEv2 p. 22

7.2.5.2

IKEv2 Certificate Profile p. 22

7.2.5.2.1	IKEv2 Entity Certificates p. 22
7.2.5.2.2	IKEv2 CA Certificates p. 22

7.3

Hosting Party Authentication p. 23

7.4

IPsec Tunnel Establishment p. 23

7.5

Device Authorization p. 23

Security Aspects of H(e)NB Management p. 25

8.1

Location Verification p. 25

8.1.1	General p. 25
8.1.2	IP Address provided by H(e)NB p. 25
8.1.3	IP Address and/or access line location identifier provided by broadband access provider p. 25
8.1.4	Surrounding macro-cell information provided by H(e)NB p. 25
8.1.5	GNSS information provided by H(e)NB p. 25
8.1.6	Requirements p. 26

8.2

Access Control Mechanisms for H(e)NB p. 26

8.2.1	Non-CSG Method p. 26
8.2.2	CSG Method p. 26

8.3

Protection of H(e)MS traffic between H(e)MS and H(e)NB p. 26

8.3.1

Connection to H(e)MS accessible on MNO Intranet p. 26

8.3.2

Connection to H(e)MS accessible on public Internet p. 27

8.3.2.1	General p. 27
8.3.2.2	Device Validation p. 28

8.3.3

TLS certificate profile p. 28

8.3.3.1	TLS entity certificates p. 28
8.3.3.2	TLS CA certificates p. 29

8.3.4

TR-069 protocol profile p. 29

8.4

Protection of SW Download p. 29

8.5

Enrolment of H(e)NB to an Operator PKI |R11| p. 30

8.5.1	General p. 30
8.5.2	Enrolment Procedure p. 30
8.5.3	Certificate Validation p. 30

Security Aspects of Emergency Call Handling p. 31

Security Aspects for Mobility p. 32

10.1	Inbound mobility p. 32
10.2	Outbound mobility p. 32

Security Procedures for Direct Interfaces between Base Stations |R11| p. 33

11.1	General p. 33
11.2	Direct Link between two H(e)NBs p. 33

Authentication Call-flows p. 34

A.1	Device Authentication Call-flow Example p. 34
A.2	Combined Device and HP Authentication Call-flow Example p. 35

Location Verification Examples p. 38

B.1	Example of Location verification based on IP address and line identifier in NASS p. 38
B.2	Example process of location verification when the verifying node receive different types of location information p. 38

Change History p. 40

TS 33.320 Security of Home Node B (HNB) / Home evolved Node B (HeNB)

full Table of Contents for TS 33.320 Word version: 19.0.0

TS 33.320
Security of Home Node B (HNB) / Home evolved Node B (HeNB)