Tech-invite  3GPPspecsRELsGlossariesSIP
Info21222324252627282931323334353637384‑5x

Top   in Index   Prev   Next

TR 33.816SA3
Feasibility Study on
LTE Relay Node Security

use "3GPP‑Page" to get the Word version
for a better overview, the Table of Contents (ToC) is reproduced
V10.0.0 (Wzip)  2011/03  94 p.

Rapporteur:  Dr. Escott, Adrian

ThiS TR provides an analysis of the security issues by including Relay Nodes (RN) into the LTE network. Furthermore it contains several solutions to provide security for the relay architecture chosen by the RAN groups. It also provides a comparison between those solution and the reasoning why a particular solution was chosen.

full Table of Contents for  TR 33.816  Word version:   10.0.0

Here   Top
1  ScopeWord-p. 8
2  References
3  Definitions, symbols and abbreviationsWord-p. 9
4  Relay ArchitectureWord-p. 10
5  ThreatsWord-p. 12
6  RequirementsWord-p. 15
7  Security Architecture
8  Security ProceduresWord-p. 19
8.1  Analysis of Un interface security
8.2  Security for the RN NAS trafficWord-p. 23
8.3  Security for the RN RRC traffic
8.4  Mutual Authentication
8.5  Enrolment procedures for RNs
8.6  Location verificationWord-p. 24
8.7  Security handling in handover
8.8  Analysis of key interaction on Un interfaceWord-p. 26
8.9  Differentiation the RN and UE by the DeNB
8.10  NAS signalling securityWord-p. 27
8.11  Algorithm negotiation for RBs on Un interface
9  Device SecurityWord-p. 28
10  Proposed SolutionsWord-p. 31
10.1  Solution 1 - IPsec for control and user plane
10.2  Solution 2 - IPsec for control and user plane with certificate and AKA authentication in IKE
10.3  Solution 3 - AKA credentials embedded in RN
10.4  Solution 4 - IPsec for control plane and secure channel between RN and USIM with AKA credentials stored in UICC
10.5  Solution 5 - Enhanced AKA to include device authenticationWord-p. 45
10.6  Solution 6: AKA for Relay Node UE authentication and secure channel between RN and USIM
10.7  Solution 7: AKA for Relay Node UE authentication and IPSec protection
10.8  Solution 8 - Enhancing AKA to include device authentication via symmetric key in RN and HSS/MME
10.9  Solution 9 - IPsec or PDCP security for control plane and with key binding for AS security
10.10  Solution 10 - Secure channel between RN and USIM with a one-to-one mapping between RN and UICCUp
10.11  Solution 11 - Secure Channel between USIM and RN and AS integrity for S1 /X2; Variant with two USIMs
10.12  Solution 12 - Secure Channel between USIM and RN and AS integrity for S1 /X2; Variant with modified KASMEWord-p. 86
11  ConclusionsWord-p. 93
A  Change historyWord-p. 94

Up   Top