Guide To 3G Security v130 Draft-Changed To Cover MAP-SEC

S3-000181
3GPP TR 33.900 V1.3.0 (2000-02)

Technical Specification
3rd Generation Partnership Project;
Technical Specification Group SA WG3;
A Guide to 3
rd
Generation Security
(3GPP T 33!"00 #ersion 1!3!0$
The present document has been developed within the 3
rd
Generation Partnership Project (3GPP
TM
) and may be further
elaborated for the purposes of 3GPP.
The present document has not been subject to any approval process by the 3GPP

Oranisational Partners and shall not
be implemented.
This !pecification is provided for future development wor" within 3GPP

only. The Oranisational Partners accept no
liability for any use of this !pecification.
!pecifications and reports for implementation of the 3GPP
TM
system should be obtained via the 3GPP Oranisational
Partners# Publications Offices.
1
3GPP
3GPP
Postal address
3GPP support office address
650 Route des Lucioles - op!ia "#tipolis
Val$o##e - %R"&'(
Tel.) *33 + 92 9+ +2 00 %a,) *33 + 93 65 +- 16
.#ter#et
!ttp)//000.31pp.or1
Refere#ce
2T/TG " 3G 3 33.900 4
5e60ords
78e60ord9: 8e60ord;<
3GPP T 33!"00 %1!3!0 (&000-0&$ & 3GPP T 33!"00 #ersion 1!3!0
2 'o#te#ts
$ %ontents ............................................................................................................................................... 3
3 &oreword................................................................................................................................................ '
( )ntroduction............................................................................................................................................ '
' !cope...................................................................................................................................................... *
* +eferences.............................................................................................................................................. *
, - brief overview of 3GPP !ecurity.......................................................................................................,
. %ounteractin envisaed 3GPP attac"s...................................................................................................,
../ +adio path attac"s0..................................................................................................................................................
.././ 1ser de2reistration re3uest spoofin..................................................................................................................
../.$ 4ocation update re3uest spoofin........................................................................................................................
../.3 Mobile connectin to a false 5!..........................................................................................................................
../.( -ttachin on a false +adio -ccess 6etwor"......................................................................................................7
../.' Passive identity catchin....................................................................................................................................7
../.* -ctive identity catchin......................................................................................................................................7
../., )mpersonation of the networ" by suppressin encryption between the taret user and the intruder............../8
../.. )mpersonation of the networ" by suppressin encryption between the taret user and the true networ"....../8
../.7 9avesdroppin on user data by suppressin encryption between the taret user and the intruder................./8
.././8 :ijac"in incomin calls in networ"s with encryption disabled...................................................................//
..$ )nfrastructure based attac"s.................................................................................................................................//
..$./ )mpersonation of the networ" by forcin the use of a compromised cipher "ey.............................................//
..$.$ 9avesdroppin on user data by suppression of encryption between the taret user and the true networ"...../$
..$.3 9avesdroppin on user data by forcin the use of a compromised cipher "ey................................................/$
..$.( )mpersonation of the user throuh the use of by the networ" of a compromised authentication vector......../3
..$.' )mpersonation of the user throuh the use by the networ" of an eavesdropped authentication response....../3
7 6etwor" issues .................................................................................................................................... /3
/8 )nter 6etwor" !ecurity....................................................................................................................... /(
/8./ !inallin system 6umber ,Motivation............................................................................................................/(
/8.$ The 3GPP Mechanism for !ecurin M-P25ased Transmissions..................................................................../'
// )ntra networ" security........................................................................................................................ /*
//./ 3GPP 6etwor" elements and interfaces............................................................................................................/*
//././ :ome 4ocation +eister 2 :4+....................................................................................................................../*
//./.$ -uthentication %entre 2 -u%........................................................................................................................./,
//./.3 3GPP networ" interfaces................................................................................................................................/,
//./.( 5illin system ; %ustomer %are system........................................................................................................../,
/$ 1ser Module and !mart %ard............................................................................................................./7
/3 !ervices.............................................................................................................................................. /7
/3./ 4ocation services................................................................................................................................................/7
/3.$ Mobile 9<ecution 9nvironment 2 M9<9..........................................................................................................$8
/( 4awful interception.............................................................................................................................$8
/' -ppendi< - !ecurity policy...............................................................................................................$/
/'././ -ccess control policy......................................................................................................................................$/
/'.$ !ecure networ" elements interconnection ........................................................................................................$/
/'.3 %ommunications node security.........................................................................................................................$$
/'.3./ )dentification ..................................................................................................................................................$$
/'.3.$ -uthentication................................................................................................................................................$$
/'.3.3 !ystem -ccess %ontrol...................................................................................................................................$3
/'.3.( +esource -ccess %ontrol................................................................................................................................$3
/'.3.' -ccountability and -udit................................................................................................................................$(
/'.3.* !ecurity -dministration.................................................................................................................................$(
/'.3., =ocumentation................................................................................................................................................$'
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 3 3GPP T 33!"00 #ersion 1!3!0
/* :istory............................................................................................................................................... $*
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ ' 3GPP T 33!"00 #ersion 1!3!0
3 %ore0ord
T!e 3GPP !a=e produced t!is Tec!#ical Report.
T!e co#te#ts of t!e prese#t docu>e#t are su$?ect to co#ti#ui#1 0or8 0it!i# t!e TG a#d
>a6 c!a#1e follo0i#1 for>al TG appro=al. !ould t!e TG >odif6 t!e co#te#ts of t!is
T: it 0ill $e re-released $6 t!e TG 0it! a# ide#tif6i#1 c!a#1e of release date a#d a#
i#crease i# =ersio# #u>$er as follo0s)
Versio# 3.6.@
0!ere)
, t!e first di1it)
1 prese#ted to TG for i#for>atio#A
2 prese#ted to TG for appro=alA
3 .#dicates TG appro=ed docu>e#t u#der c!a#1e co#trol.
6 t!e seco#d di1it is i#cre>e#ted for all c!a#1es of su$sta#ce: i.e. tec!#ical
e#!a#ce>e#ts: correctio#s: updates: etc.
@ t!e t!ird di1it is i#cre>e#ted 0!e# editorial o#l6 c!a#1es !a=e $ee# i#corporated
i# t!e specificatio#A
+ .#troductio#
T!is docu>e#t is i#te#ded to offer securit6 1uida#ce to t!ose i#=ol=ed i# 3GPP s6ste>s.
"ll specificatio#s !a=e to ta8e i#to accou#t t!e cost a#d feasi$ilit6 of securit6 features a#d
fu#ctio#s. .t is i>porta#t to realise possi$le ris8s a#d t!reats >a6 e,ist. T!e docu>e#t
descri$es t!ose securit6 issues t!at !a=e $ee# ide#tified i# t!e for>ulatio# of t!e
sta#dards.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ ( 3GPP T 33!"00 #ersion 1!3!0
5 cope
T!e prese#t docu>e#t 1i=es a 1e#eral descriptio# of t!e securit6 arc!itecture a#d
features of t!e 3
rd
Ge#eratio# ecurit6 sta#dards. .t is i#te#ded to pro=ide a# o=er=ie0 of
securit6: for detailed e,pla#atio# a#d t!e actual sta#dards t!e reader is referred to t!e
appropriate sta#dards.
.t also ser=es t!e purpose of ide#tif6i#1 t!e pote#tial ris8s a#d t!reats t!at !a=e $ee#
!i1!li1!ted a#d reBuire careful co#sideratio# 0!e# i>ple>e#ti#1 a t!ird 1e#erat6io#
>o$ile s6ste>.
Readers s!ould #ote t!at so>e possi$le securit6 attac8s !a=e $ee# ide#tified a#d o>itted
fro> t!is docu>e#t: as t!e arc!itecture does #ot protect a1ai#st t!ese attac8s.
6 Refere#ces
Refere#ce to a# (T s!all also $e ta8e# to refer to later =ersio#s pu$lis!ed as a#
(& 0it! t!e sa>e #u>$er.
91; 3GPP T 33.102: 3GPP ecurit6A ecurit6 "rc!itecture
92; 3GPP T 33.103 ecurit6 .#te1ratio# Guideli#es
93; 3GPP T 33.105 'r6pto1rap!ic "l1orit!> ReBuire>e#ts
9+; 3GPP T 33.106 La0ful .#terceptio# reBuire>e#ts
95; 3GPP T 33.10- La0ful i#terceptio# arc!itecture a#d fu#ctio#s
96; 3GPP T 33.901 'riteria for cr6pto1rap!ic al1orit!> desi1# process
9-; 3GPP T 33.902 %or>al a#al6sis of t!e 3GPP aut!e#ticatio# protocol 0it! a
>odified seBue#ce #u>$er
9C; 3GPP T 33.120: 3GPP ecurit6A ecurit6 Pri#ciples a#d D$?ecti=es
99; 3GPP T 21.133: 3GPP ecurit6A ecurit6 T!reats a#d ReBuire>e#ts
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ ) 3GPP T 33!"00 #ersion 1!3!0
- " $rief o=er=ie0 of 3GPP ecurit6
'o#sideratio# of pre=ious securit6 sta#dards lead to t!e follo0i#1 e#!a#ce>e#ts i#
3GPP)
T!e securit6 >ec!a#is>s i#clude a protocol t!at e#sures t!at t!e >o$ile ca# perfor>
so>e de1ree of >utual aut!e#ticatio#. T!is reduces t!e ris8 of a false $ase statio#
attac8.
5e6 le#1t!s 0ere i#creased to allo0 for t!e possi$ilit6 of stro#1er al1orit!>s for
e#cr6ptio# a#d i#te1rit6.
Eec!a#is>s 0ere i#cluded to support securit6 0it!i# a#d $et0ee# #et0or8s.
ecurit6 is ta8e# $ac8 i#to t!e #et0or8: t!erefore li#8s are also protected.
Ter>i#al ide#tit6 (.E(.) a reBuire>e#t t!at it ca##ot $e easil6 c!a#1ed 0it!i# t!e
sta#dards.
%or t!e aut!e#ticatio# al1orit!> 1uida#ce o# c!oice 0ill $e 1i=e#.
3!e# roa>i#1 $et0ee# #et0or8s of differe#t sta#dards: o#l6 t!e le=el of protectio#
supported $6 t!e >o$ile eBuip>e#t 0ill appl6.
C 'ou#teracti#1 e#=isa1ed 3GPP attac8s
Ea#6 of t!e securit6 e#!a#ce>e#ts reBuired for 3GPP s6ste>s are i#te#ded to
cou#teract attac8s 0!ic! 0ere #ot percei=ed to $e feasi$le i# 2G s6ste>s. T!is i#cludes
attac8s t!at are: or are percei=ed to $e: possi$le #o0 or =er6 soo# $ecause i#truders
!a=e access to >ore co>putatio#al capa$ilities: #e0 eBuip>e#t !as $eco>e a=aila$le:
a#d t!e p!6sical securit6 of certai# #et0or8 ele>e#ts is Buestio#ed.
.# order to perfor> t!e attac8s t!e i#truder !as to possess o#e or >ore of t!e follo0i#1
capa$ilities to co>pro>ise co>>u#icatio#s securit6)
- +adio path attac"s0 *a#esdroppin+! T!is is t!e capa$ilit6 t!at t!e i#truder ea=esdrops
si1#alli#1 a#d data co##ectio#s associated 0it! ot!er users. T!e reBuired eBuip>e#t
is a modified MS or specialised equipment.
- +adio path attac"s0 I,personation of a user! T!is is t!e capa$ilit6 0!ere$6 t!e i#truder
se#ds si1#alli#1 a#d/or user data to t!e #et0or8: i# a# atte>pt to >a8e t!e #et0or8
$elie=e t!e6 ori1i#ate fro> t!e tar1et user. T!e reBuired eBuip>e#t is a1ai# a modified
MS or specialised equipment.
- +adio path attac"s0 -,personation of the net.or/! T!is is t!e capa$ilit6 0!ere$6 t!e
i#truder se#ds si1#alli#1 a#d/or user data to t!e tar1et user: i# a# atte>pt to >a8e t!e
tar1et user $elie=e t!e6 ori1i#ate fro> a 1e#ui#e #et0or8. T!e reBuired eBuip>e#t is
>odified BS or modified MS. "#ot!er sce#ario is 0!ere t!e i#truder puts itself i#
$et0ee# t!e tar1et user a#d a 1e#ui#e #et0or8 a#d !as t!e a$ilit6 to ea=esdrop:
>odif6: delete: re-order: repla6: a#d spoof si1#alli#1 a#d user data >essa1es
e,c!a#1ed $et0ee# t!e t0o parties. T!e reBuired eBuip>e#t is >odified BS in
conjunction with a modified MS.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 0 3GPP T 33!"00 #ersion 1!3!0
- 1et.or/ security! 3!ere t!e attac8er >a#a1es to i#tercept: ea=esdrop or attac8 data
or #et0or8 ele>e#ts.
- 2o,pro,isin+ authentication #ectors in the net.or/! T!e i#truder possesses a
compromised authentication vector: 0!ic! >a6 i#clude c!alle#1e/respo#se pairs:
cip!er 8e6s a#d i#te1rit6 8e6s. T!is data >a6 !a=e $ee# o$tai#ed $6 co>pro>isi#1
#et0or8 #odes or $6 i#tercepti#1 si1#alli#1 >essa1es o# #et0or8 li#8s: for e,a>ple
si1#alli#1 s6ste> #u>$er -.
T!e first capa$ilit6 is t!e easiest to ac!ie=e t!e follo0i#1 capa$ilities are 1raduall6 >ore
co>ple, a#d reBuire >ore i#=est>e#t $6 t!e attac8er. T!erefore: i# 1e#eral: a# i#truder
!a=i#1 a certai# capa$ilit6 is assu>ed also to !a=e t!e capa$ilities positio#ed a$o=e t!at
capa$ilit6 i# t!e list.
C.1 Radio pat! attac8s)
C.1.1 4ser de-re1istratio# reBuest spoofi#1
Description:
"# attac8 t!at reBuires a modified MS a#d e,ploits t!e 0ea8#ess t!at t!e #et0or8
ca##ot aut!e#ticate t!e >essa1es it recei=es o=er t!e radio i#terface. T!e i#truder
spoofs a de-re1istratio# reBuest (.E. detac!) to t!e #et0or8. T!e #et0or8 de-re1isters
t!e user fro> t!e =isited locatio# area a#d i#structs t!e FLR to do t!e sa>e. T!e user
is su$seBue#tl6 u#reac!a$le for >o$ile ter>i#ated ser=ices.
Does 3GPP security architecture counteract the attac!
.#te1rit6 protectio# of critical si1#alli#1 >essa1es protects a1ai#st t!is attac8. Eore
specificall6: data aut!e#ticatio# a#d repla6 i#!i$itio# of t!e de-re1istratio# reBuest
allo0s t!e ser=i#1 #et0or8 to =erif6 t!at t!e de-re1istratio# reBuest is le1iti>ate.
C.1.2 Locatio# update reBuest spoofi#1
Description:
"# attac8 t!at reBuires a modified MS a#d e,ploits t!e 0ea8#ess t!at t!e #et0or8
ca##ot aut!e#ticate t!e >essa1es it recei=es o=er t!e radio i#terface. .#stead of t!e de-
re1istratio# reBuest: t!e attac8er spoofs a locatio# update reBuest i# a differe#t locatio#
area fro> t!e o#e i# 0!ic! t!e user is roa>i#1. T!e #et0or8 re1isters i# t!e #e0
locatio# area a#d t!e tar1et user 0ill $e pa1ed i# t!at #e0 area. T!e user is
su$seBue#tl6 u#reac!a$le for >o$ile ter>i#ated ser=ices.
specificall6: data aut!e#ticatio# a#d repla6 i#!i$itio# of t!e locatio# update reBuest
allo0s t!e ser=i#1 #et0or8 to =erif6 t!at t!e locatio# update reBuest is le1iti>ate.
C.1.3 Eo$ile co##ecti#1 to a false G
Description:
"# attac8 t!at reBuires a modified BS a#d e,ploits t!e 0ea8#ess t!at a user ca# $e
e#ticed to attac! o# a false $ase statio#. D#ce t!e tar1et user selects t!e radio
c!a##els of a false $ase statio#: t!e tar1et user is out of reac! of t!e pa1i#1 si1#als of
t!e ser=i#1 #et0or8 i# 0!ic! !e is re1istered.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 8 3GPP T 33!"00 #ersion 1!3!0
T!e securit6 arc!itecture does #ot cou#teract t!is attac8. Fo0e=er: t!e de#ial of ser=ice
i# t!is case o#l6 persists for as lo#1 as t!e attac8er is acti=e u#li8e t!e a$o=e attac8s
0!ic! persist $e6o#d t!e >o>e#t 0!ere i#ter=e#tio# $6 t!e attac8er stops. T!ese
attac8s are co>para$le to radio ?a>>i#1 0!ic! is =er6 difficult to cou#teract effecti=el6
i# a#6 radio s6ste>.
C.1.+ "ttac!i#1 o# a false Radio "ccess &et0or8
Description:
"# attac8 t!at reBuires a modified BS"MS a#d e,ploits t!e 0ea8#ess t!at a user ca# $e
e#ticed to attac! o# a false $ase statio#. " false G/E ca# act as a repeater for so>e
ti>e a#d ca# rela6 so>e reBuests i# $et0ee# t!e #et0or8 a#d t!e tar1et user: $ut
su$seBue#tl6 >odif6 or i1#ore certai# ser=ice reBuests a#d/or pa1i#1 >essa1es related
to t!e tar1et user.
T!e securit6 arc!itecture does #ot pre=e#t a false G/E rela6i#1 >essa1es $et0ee#
t!e #et0or8 a#d t!e tar1et user: #eit!er does it pre=e#t t!e false G/E i1#ori#1 certai#
ser=ice reBuests a#d/or pa1i#1 reBuests. .#te1rit6 protectio# of critical >essa1e >a6
!o0e=er !elp to pre=e#t so>e de#ial of ser=ice attac8s: 0!ic! are i#duced $6 >odif6i#1
certai# >essa1es. "1ai#: t!e de#ial of ser=ice i# t!is case o#l6 persists for as lo#1 as
t!e attac8er is acti=e u#li8e t!e a$o=e attac8s: 0!ic! persist $e6o#d t!e >o>e#t 0!ere
i#ter=e#tio# $6 t!e attac8er stops. T!ese attac8s are co>para$le to radio ?a>>i#1
0!ic! is =er6 difficult to cou#teract effecti=el6 i# a#6 radio s6ste>. .f e#cr6ptio# is 8ept
al0a6s o# t!e# t!is 0ill cou#teract t!is attac8: as t!e >o$ile 0ill $e a0are if e#cr6ptio#
fails.
C.1.5 Passi=e ide#tit6 catc!i#1
Description:
" passi=e attac8 t!at reBuires a modified MS a#d e,ploits t!e 0ea8#ess t!at t!e
#et0or8 >a6 so>eti>es reBuest t!e user to se#d its ide#tit6 i# clearte,t.
T!e ide#tit6 co#fide#tialit6 >ec!a#is> cou#teracts t!is attac8. T!e use of te>porar6
ide#tities allocated $6 t!e ser=i#1 #et0or8 >a8es passi=e ea=esdroppi#1 i#efficie#t
si#ce t!e user >ust 0ait for a #e0 re1istratio# or a >is>atc! i# t!e ser=i#1 #et0or8
data$ase $efore !e ca# capture t!e userHs per>a#e#t ide#tit6 i# plai#te,t. T!e
i#efficie#c6 of t!is attac8 1i=e# t!e li8el6 re0ards to t!e attac8er 0ould >a8e t!is
sce#ario u#li8el6. (&ote !o0e=er t!at t!e per>a#e#t ide#tit6 >a6 $e protected i# t!e
e=e#t of #e0 re1istratio#s or ser=i#1 #et0or8 data$ase failure i# order to 1uard a1ai#st
>ore efficie#t acti=e attac8s.)
C.1.6 "cti=e ide#tit6 catc!i#1
Description:
"# acti=e attac8 t!at reBuires a modified BS a#d e,ploits t!e 0ea8#ess t!at t!e #et0or8
>a6 reBuest t!e E to se#d its per>a#e#t user ide#tit6 i# clearte,t. "# i#truder e#tices
t!e tar1et user to attac! o# its false G a#d su$seBue#tl6 reBuests t!e tar1et user to
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ " 3GPP T 33!"00 #ersion 1!3!0
se#d its per>a#e#t user ide#tit6 i# clearte,t per!aps $6 forci#1 a #e0 re1istratio# or $6
clai>i#1 a te>porar6 ide#tit6 >is>atc! due to data$ase failure.
T!e ide#tit6 co#fide#tialit6 >ec!a#is> cou#teracts t!is attac8 $6 usi#1 a# e#cr6ptio#
8e6 s!ared $6 a 1roup of users to protect t!e user ide#tit6 i# t!e e=e#t of #e0
re1istratio#s or te>porar6 ide#tit6 data$ase failure i# t!e ser=i#1 #et0or8. &ote
!o0e=er t!at t!e si@e of t!e 1roups s!ould $e c!ose# carefull6) too s>all a#d t!e 1roup
ide#tif6 >a6 co>pro>ise t!e user ide#tit6 itselfA too lar1e a#d t!e 1roup e#cr6ptio# 8e6
>i1!t $e =ul#era$le to attac8. T!e e#!a#ced user ide#tit6 1roup 8e6 also protects
a1ai#st t!is attac8.
C.1.- .>perso#atio# of t!e #et0or8 $6 suppressi#1 e#cr6ptio# $et0ee# t!e
tar1et user a#d t!e i#truder
Description:
"# attac8 t!at reBuires a modified BS a#d t!at e,ploits t!e 0ea8#ess t!at t!e E
ca##ot aut!e#ticate >essa1es recei=ed o=er t!e radio i#terface. T!e tar1et user is
e#ticed to attac! o# t!e false G. 3!e# t!e i#truder or t!e tar1et user i#itiates a
ser=ice: t!e i#truder does #ot e#a$le e#cr6ptio# $6 spoofi#1 t!e cip!er >ode co>>a#d.
T!e i#truder >ai#tai#s t!e call as lo#1 as it is reBuired or as lo#1 as !is attac8 re>ai#s
u#detected.
" >a#dator6 cip!er >ode co>>a#d 0it! >essa1e aut!e#ticatio# a#d repla6 i#!i$itio#
allo0s t!e >o$ile to =erif6 t!at e#cr6ptio# !as #ot $ee# suppressed $6 a# attac8er.
C.1.C .>perso#atio# of t!e #et0or8 $6 suppressi#1 e#cr6ptio# $et0ee# t!e
tar1et user a#d t!e true #et0or8
Description:
"# attac8 t!at reBuires a modified BS"MS a#d t!at e,ploits t!e 0ea8#ess t!at t!e
#et0or8 ca##ot aut!e#ticate >essa1es recei=ed o=er t!e radio i#terface. T!e tar1et
user is e#ticed to attac! o# t!e false G/E. 3!e# a call is set-up t!e false G/E
>odifies t!e cip!eri#1 capa$ilities of t!e E to >a8e it appear to t!e #et0or8 t!at a
1e#ui#e i#co>pati$ilit6 e,ists $et0ee# t!e #et0or8 a#d t!e >o$ile statio#. T!e #et0or8
>a6 t!e# decide to esta$lis! a# u#-e#cip!ered co##ectio#. "fter t!e decisio# #ot to
cip!er !as $ee# ta8e#: t!e i#truder cuts t!e co##ectio# 0it! t!e #et0or8 a#d
i>perso#ates t!e #et0or8 to t!e tar1et user.
" >o$ile statio# co>>a#d 0it! >essa1e aut!e#ticatio# a#d repla6 i#!i$itio# allo0s t!e
#et0or8 to =erif6 t!at e#cr6ptio# !as #ot $ee# suppressed $6 a# attac8er.
C.1.9 (a=esdroppi#1 o# user data $6 suppressi#1 e#cr6ptio# $et0ee# t!e
tar1et user a#d t!e i#truder
Description:
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 10 3GPP T 33!"00 #ersion 1!3!0
"# attac8 t!at reBuires a modified BS"MS a#d t!at e,ploits t!e 0ea8#ess t!at t!e E
ca##ot aut!e#ticate >essa1es recei=ed o=er t!e radio i#terface. T!e tar1et user is
e#ticed to attac! o# t!e false G. 3!e# t!e tar1et user or t!e i#truder i#itiates a call t!e
#et0or8 does #ot e#a$le e#cr6ptio# $6 spoofi#1 t!e cip!er >ode co>>a#d. T!e
attac8er !o0e=er sets up !is o0# co##ectio# 0it! t!e 1e#ui#e #et0or8 usi#1 !is o0#
su$scriptio#. T!e attac8er >a6 t!e# su$seBue#tl6 ea=esdrop o# t!e tra#s>itted user
data.
" >a#dator6 cip!er >ode co>>a#d 0it! >essa1e aut!e#ticatio# a#d repla6 i#!i$itio#
allo0s t!e >o$ile to =erif6 t!at e#cr6ptio# !as #ot $ee# suppressed $6 a# attac8er.
.
C.1.10 Fi?ac8i#1 i#co>i#1 calls i# #et0or8s 0it! e#cr6ptio# disa$led
Description:
T!is attac8 reBuires a modified BS"MS. 3!ile t!e tar1et user attac!es o# t!e false $ase
statio#: a# associate of t!e i#truder >a8es a call to t!e tar1et userHs #u>$er. T!e
i#truder acts as a rela6 $et0ee# t!e #et0or8 a#d t!e tar1et user u#til aut!e#ticatio# a#d
call set-up !as $ee# perfor>ed $et0ee# tar1et user a#d ser=i#1 #et0or8. T!e #et0or8
does #ot e#a$le e#cr6ptio#. "fter aut!e#ticatio# a#d call set-up t!e i#truder releases
t!e tar1et user: a#d su$seBue#tl6 uses t!e co##ectio# to a#s0er t!e call >ade $6 !is
associate. T!e tar1et user 0ill !a=e to pa6 for t!e roa>i#1 le1.
specificall6: data aut!e#ticatio# a#d repla6 i#!i$itio# of t!e co##ectio# accept >essa1e
allo0s t!e ser=i#1 #et0or8 to =erif6 t!at t!e reBuest is le1iti>ate. .# additio#: periodic
i#te1rit6 protected >essa1es duri#1 a co##ectio# !elps protect a1ai#st !i?ac8i#1 of u#-
e#cip!ered co##ectio#s after t!e i#itial co##ectio# esta$lis!>e#t. Fo0e=er: !i?ac8i#1
t!e c!a##el $et0ee# periodic i#te1rit6 protectio# >essa1es is still possi$le: alt!ou1!
t!is >a6 $e of li>ited use to attac8ers. .# 1e#eral: co##ectio#s 0it! cip!eri#1 disa$led
0ill al0a6s $e =ul#era$le to so>e de1ree of c!a##el !i?ac8i#1.
C.2 .#frastructure $ased attac8s
C.2.1 .>perso#atio# of t!e #et0or8 $6 forci#1 t!e use of a co>pro>ised
cip!er 8e6
Description:
"# attac8 t!at reBuires a modified BS a#d t!e possessio# $6 t!e i#truder of a
compromised authentication vector a#d t!us e,ploits t!e 0ea8#ess t!at t!e user !as #o
co#trol upo# t!e cip!er 8e6. T!e tar1et user is attac!ed o# t!e false G/E. 3!e# a
call is set-up t!e false G/E forces t!e use of a co>pro>ised cip!er 8e6 o# t!e >o$ile
user. T!e i#truder >ai#tai#s t!e call as lo#1 as it is reBuired or as lo#1 as !is attac8
re>ai#s u#detected.
T!e prese#ce of a seBue#ce #u>$er i# t!e c!alle#1e allo0s t!e .E to =erif6 t!e
fres!#ess of t!e cip!er 8e6 to !elp 1uard a1ai#st forced re-use of a co>pro>ised
aut!e#ticatio# =ector. Fo0e=er: t!e arc!itecture does #ot protect a1ai#st force use of
co>pro>ised aut!e#ticatio# =ectors: 0!ic! !a=e #ot 6et $ee# used to aut!e#ticate t!e
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 11 3GPP T 33!"00 #ersion 1!3!0
.E. T!us: t!e #et0or8 is still =ul#era$le to attac8s usi#1 co>pro>ised aut!e#ticatio#
=ectors 0!ic! !a=e $ee# i#tercepted $et0ee# 1e#eratio# i# t!e aut!e#ticatio# ce#tre a#d
use or destructio# i# t!e ser=i#1 #et0or8.
T!e user >ust trust t!e & (t!rou1! t!e F() to !a#dle aut!e#ticatio# =ectors securel6.
%or i#sta#ce: a# attac8er 0it! a false G >a6 0or8 i# collusio# 0it! a# & to i#tercept
u#used aut!e#ticatio# =ectors: or t!e & >a6 e,pose itself to u#due ris8s $ecause it
stoc8piles lar1e #u>$ers of aut!e#ticatio# =ectors $efore t!e6 #eed to $e used.

C.2.2 (a=esdroppi#1 o# user data $6 suppressio# of e#cr6ptio# $et0ee# t!e
tar1et user a#d t!e true #et0or8
Description:
"# attac8 t!at reBuires a modified BS"MS a#d t!at e,ploits t!e 0ea8#ess t!at t!e
#et0or8 ca##ot aut!e#ticate >essa1es recei=ed o=er t!e radio i#terface. T!e tar1et
user is e#ticed to attac! o# t!e false G/E. 3!e# t!e tar1et user or t!e 1e#ui#e
#et0or8 sets up a co##ectio#: t!e false G/E >odifies t!e cip!eri#1 capa$ilities of t!e
E to >a8e it appear to t!e #et0or8 t!at a 1e#ui#e i#co>pati$ilit6 e,ists $et0ee# t!e
#et0or8 a#d t!e >o$ile statio#. T!e #et0or8 >a6 t!e# decide to esta$lis! a# u#-
e#cip!ered co##ectio#. "fter t!e decisio# #ot to cip!er !as $ee# ta8e#: t!e i#truder
>a6 ea=esdrop o# t!e user data.
Eessa1e aut!e#ticatio# a#d repla6 i#!i$itio# of t!e >o$ileHs cip!eri#1 capa$ilities
allo0s t!e #et0or8 to =erif6 t!at e#cr6ptio# !as #ot $ee# suppressed $6 a# attac8er.
C.2.3 (a=esdroppi#1 o# user data $6 forci#1 t!e use of a co>pro>ised cip!er
8e6
Description:
"# attac8 t!at reBuires a modified BS"MS a#d t!e possessio# $6 t!e i#truder of a
compromised authentication vector a#d t!us e,ploits t!e 0ea8#ess t!at t!e user !as #o
co#trol t!e cip!er 8e6. T!e tar1et user is e#ticed to attac! o# t!e false G/E. 3!e#
t!e tar1et user or t!e i#truder set-up a ser=ice: t!e false G/E forces t!e use of a
co>pro>ised cip!er 8e6 o# t!e >o$ile user 0!ile it $uilds up a co##ectio# 0it! t!e
1e#ui#e #et0or8 usi#1 its o0# su$scriptio#.
T!e prese#ce of a seBue#ce #u>$er i# t!e c!alle#1e allo0s t!e .E to =erif6 t!e
fres!#ess of t!e cip!er 8e6 to !elp 1uard a1ai#st forced re-use of a co>pro>ised
aut!e#ticatio# =ector. Fo0e=er: t!e arc!itecture does #ot protect a1ai#st force use of
co>pro>ised aut!e#ticatio# =ectors: 0!ic! !a=e #ot 6et $ee# used to aut!e#ticate t!e
.E. T!us: t!e #et0or8 is still =ul#era$le to attac8s usi#1 co>pro>ised aut!e#ticatio#
=ectors: 0!ic! !a=e $ee# i#tercepted $et0ee# 1e#eratio# i# t!e aut!e#ticatio# ce#tre a#d
use a#d destructio# i# t!e ser=i#1 #et0or8.
T!e user >ust trust t!e & (tra#siti=el6 =ia t!e F() to !a#dle aut!e#ticatio# =ectors
securel6. %or i#sta#ce: a# attac8er 0it! a false G >a6 0or8 i# collusio# 0it! a# & to
i#tercept u#used aut!e#ticatio# =ectors: or t!e & >a6 e,pose itself to u#due ris8s
$ecause it stoc8piles lar1e #u>$ers of aut!e#ticatio# =ectors $efore t!e6 #eed to $e
used.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 1& 3GPP T 33!"00 #ersion 1!3!0
C.2.+ .>perso#atio# of t!e user t!rou1! t!e use of $6 t!e #et0or8 of a
co>pro>ised aut!e#ticatio# =ector
Description:
"# attac8 t!at reBuires a modified MS a#d t!e possessio# $6 t!e i#truder of a
compromised authentication vector 0!ic! is i#te#ded to $e used $6 t!e #et0or8 to
aut!e#ticate a le1iti>ate user. T!e i#truder uses t!at data to i>perso#ate t!e tar1et
user to0ards t!e #et0or8 a#d t!e ot!er part6.
T!e prese#ce of a seBue#ce #u>$er i# t!e c!alle#1e >ea#s t!at aut!e#ticatio# =ectors
ca##ot $e re-used to aut!e#ticate .Es. T!is !elps to reduce t!e opportu#it6 of usi#1 a
co>pro>ised aut!e#ticatio# =ector to i>perso#ate t!e tar1et user. Fo0e=er: t!e #et0or8
is still =ul#era$le to attac8s usi#1 co>pro>ised aut!e#ticatio# =ectors: 0!ic! !a=e $ee#
i#tercepted $et0ee# 1e#eratio# i# t!e aut!e#ticatio# ce#tre a#d use a#d destructio# i#
t!e ser=i#1 #et0or8.
T!e user >ust trust t!e & (tra#siti=el6 =ia t!e F() to !a#dle aut!e#ticatio# =ectors
securel6. %or i#sta#ce: a# attac8er 0it! a false G >a6 0or8 i# collusio# 0it! a# & to
i#tercept u#used aut!e#ticatio# =ectors: or t!e & >a6 e,pose itself to u#due ris8s
$ecause it stoc8piles lar1e #u>$ers of aut!e#ticatio# =ectors $efore t!e6 #eed to $e
used.
C.2.5 .>perso#atio# of t!e user t!rou1! t!e use $6 t!e #et0or8 of a#
ea=esdropped aut!e#ticatio# respo#se
Description:
"# attac8 t!at reBuires a modified MS a#d e,ploits t!e 0ea8#ess t!at a# aut!e#ticatio#
=ector >a6 $e used se=eral ti>es. T!e i#truder ea=esdrops o# t!e aut!e#ticatio#
respo#se se#t $6 t!e user a#d uses t!at 0!e# t!e sa>e c!alle#1e is se#t later o#.
u$seBue#tl6: cip!eri#1 !as to $e a=oided $6 a#6 of t!e >ec!a#is>s descri$ed a$o=e.
T!e i#truder uses t!e ea=esdropped respo#se data to i>perso#ate t!e tar1et user
to0ards t!e #et0or8 a#d t!e ot!er part6.
T!e prese#ce of a seBue#ce #u>$er i# t!e c!alle#1e >ea#s t!at aut!e#ticatio# =ectors
ca##ot $e re-used to aut!e#ticate .Es
9 &et0or8 issues
(=er6 3GPP #et0or8 !as se#siti=e #et0or8 ele>e#ts t!at >ust $e properl6 >a#a1edA a#
e,a>ple of t!ese is 1i=e# i# "ppe#di, ".
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 13 3GPP T 33!"00 #ersion 1!3!0
10.#ter &et0or8 ecurit6
10.1 i1#alli#1 s6ste> &u>$er -Eoti=atio#
Eo$ile #et0or8s pri>aril6 use i1#ali#1 6ste> #o. - (-) for co>>u#icatio# $et0ee#
#et0or8s for suc! acti=ities as aut!e#ticatio#: locatio# update: a#d supple>e#tar6
ser=ices a#d call co#trol. T!e >essa1es u#iBue to 3GPP are E"P >essa1es.
T!e securit6 of t!e 1lo$al - #et0or8 as a tra#sport s6ste> for si1#ali#1 >essa1es e.1.
aut!e#ticatio# a#d supple>e#tar6 ser=ices suc! as call for0ardi#1 is ope# to >a?or
co>pro>ise.
T!e pro$le> 0it! t!e curre#t - s6ste> is t!at >essa1es ca# $e altered: i#?ected or
deleted i#to t!e 1lo$al - #et0or8s i# a# u#co#trolled >a##er.
.# t!e past: - traffic 0as passed $et0ee# >a?or PTDHs co=ered u#der treat6
or1a#i@atio# a#d t!e #u>$er of operators 0as relati=el6 s>all a#d t!e ris8 of co>pro>ise
0as lo0.
&et0or8s are 1etti#1 s>aller a#d >ore #u>erous. Dpportu#ities for u#i#te#tio#al
>is!aps 0ill i#crease: as 0ill t!e opportu#ities for !ac8ers a#d ot!er a$users of #et0or8s.
3it! t!e i#crease i# differe#t t6pes of operators a#d t!e i#crease i# t!e #u>$er of
i#terco##ectio# circuits t!ere is a# e=er-1ro0i#1 loss of co#trol of securit6 of t!e si1#ali#1
#et0or8s.
T!ere is also e,po#e#tial 1ro0t! i# t!e use of i#terco##ectio# $et0ee# t!e
teleco>>u#icatio# #et0or8s a#d t!e .#ter#et .T!e .T co>>u#it6 #o0 !as >a#6 protocol
co#=erters for co#=ersio# of - data to .P: pri>aril6 for t!e tra#sportatio# of =oice a#d
data o=er t!e .P #et0or8s. .# additio# #e0 ser=ices suc! as t!ose $ased o# .& 0ill lead to
a 1ro0i#1 use of t!e - #et0or8 for 1e#eral data tra#sfers.
T!ere !a=e $ee# a #u>$er of i#cide#ts fro> accide#tal actio#: 0!ic! !a=e da>a1ed a
#et0or8. To date: t!ere !a=e $ee# =er6 fe0 deli$erate actio#s.
T!e a=aila$ilit6 of c!eap P' $ased eBuip>e#t t!at ca# $e used to access #et0or8s a#d
t!e read6 a=aila$ilit6 of access 1ate0a6s o# t!e .#ter#et 0ill lead to co>pro>ise of -
si1#ali#1 a#d t!is 0ill effect >o$ile operators.
%or t!e #et0or8 operator t!ere is so>e polici#1 of i#co>i#1 si1#ali#1 o# >ost s0itc!es
alread6: $ut t!is is depe#de#t o# t!e >a8e of s0itc! as 0ell as o# t!e 0a6 t!e s0itc! is
co#fi1ured $6 operators.
o>e e#1i#eeri#1 eBuip>e#t is #ot su$sta#tiall6 differe#t fro> ot!er ad=a#ced protocol
a#al6sers i# ter>s of its fraud pote#tial: $ut is >ore i#telli1e#t a#d ca# $e pro1ra>>ed
>ore easil6.
.t is =itall6 i>porta#t t!at #et0or8 operators e#sure t!at si1#ali#1 scree#i#1 of -
i#co>i#1 >essa1es ta8es place at t!e e#tr6 poi#ts to t!eir #et0or8s a#d t!at operatio#s
a#d >ai#te#a#ce s6ste>s alert a1ai#st u#usual - >essa1es. T!ere are a #u>$er of
>essa1es t!at ca# !a=e a si1#ifica#t effect o# t!e operatio# of t!e #et0or8 a#d
i#appropriate >essa1es s!ould $e co#trolled at e#tr6 poi#t.
&et0or8 operators #et0or8 securit6 e#1i#eers s!ould o# a re1ular $asis carr6 out
>o#itori#1 of si1#ali#1 li#8s for t!ese i#appropriate >essa1es. .# si1#i#1 a1ree>e#ts
0it! roa>i#1 part#ers a#d carr6i#1 out roa>i#1 testi#1: re=ie0 of >essa1es a#d also to
see8 appropriate co#fir>atio# t!at #et0or8 operators are also scree#i#1 i#co>i#1 -
>essa1es t!eir #et0or8s to e#sure t!at #o rou1e >essa1es appear.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 1' 3GPP T 33!"00 #ersion 1!3!0
Dperators s!ould #ote t!at FPLE& co#trol o=er a su$scri$er roa>i#1 i# a VPLE& usi#1
differe#t E"P release could $e li>ited. To a=oid t!is: operators s!ould assure t!at t!eir
roa>i#1 part#ers use t!e curre#t E"P =ersio#: as specified $6 t!e 3GPP "ssociatio#.
T!e - #et0or8 as prese#tl6 e#1i#eered is i#secure. T!erefore: it is =itall6 i>porta#t
t!at #et0or8 operators e#sure E"P >essa1es are adeBuatel6 protected#
10.2 T!e 3GPP Eec!a#is> for ecuri#1 E"P-Gased
Tra#s>issio#s
" >ec!a#is> for securi#1 se#siti=e E"P >essa1es !as $ee# de=ised $6 3GPP. T!e
>ec!a#is> co#sists of t!ree la6ers: >a8i#1 use of #e0l6 defi#ed #et0or8 e#tities: t!e so-
called 5e6-"d>i#istratio# 'e#tres (5"'s).: Gesides 1e#erati#1 a#d stori#1 e#cr6ptio#
8e6s: t!ese e#tities ser=e a t0ofold tas8) %irstl6: t!e6 >a#a1e t!e tra#sport of e#cr6ptio#
8e6s $et0ee# differe#t #et0or8s i# a secure >a##er $6 deplo6i#1 as6>>etric
cr6pto1rap!6 (t!is is La6er . or $ey %dministration &ayer of t!e >ec!a#is>). eco#dl6:
after t!ese sessio# 8e6s !a=e $ee# esta$lis!ed: t!e 5"' ta8es care of t!e furt!er
distri$utio# of t!e 8e6s to t!e #et0or8 e#tities i# its o0# do>ai#: t!is $ei#1 La6er .. (or
$ey Distri'ution &ayer). %i#all6: i# La6er ...: t!e #et0or8 e#tities t!e# ca# use t!e
e#cr6ptio# 8e6s to protect se#siti=e E"P >essa1es $6 s6>>etric cr6pto1rap6. T!e
picture $elo0 1i=es a# o=er=ie0 of t!e t!ree la6ers.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 1( 3GPP T 33!"00 #ersion 1!3!0
"ccordi#1 to t!e pote#tial se#siti=it6 of E"P >essa1es (t!e E"P >essa1e co#tai#i#1 3G
aut!e#ticatio# =ectors $ei#1 a pri>e e,a>ple) t!e E"P >essa1es ca# $e protected i#
t!ree differe#t protectio# >odes: t!e first offeri#1 #o protectio# at all: t!e seco#d offeri#1
>essa1e i#te1rit6 a#d >essa1e aut!e#ticatio#: 0!ile t!e t!ird protectio# >ode pro=ides
co#fide#tialit6: >essa1e i#te1rit6 a#d >essa1e aut!e#ticatio#. T!e >appi#1 of t!e E"P
>esa1es to t!e appropriate >ode of protectio# is left to eac! #et0or8 operator: 0!o could
ad?ust t!is >appi#1 to !is securit6 polic6.
11 .#tra #et0or8 securit6
11.1 3GPP &et0or8 ele>e#ts a#d i#terfaces
4#aut!orised: local or re>ote access to 3GPP #et0or8 ele>e#ts ca# result i# access to
co#fide#tial data stored $6 s6ste> e#tities: u#aut!orised access to ser=ices a#d
resources: >isuse of t!e #et0or8 ele>e#t to 1ai# access to data or ser=ices or de#ial of
ser=ice. T!e follo0i#1 sectio# 1i=es a# outli#e of pote#tial t!reats related to attac8s o#
3GPP #et0or8 ele>e#ts a#d reco>>e#datio#s.
11.1.1 Fo>e Locatio# Re1ister - FLR
"# u#aut!orised access to FLR could result i# acti=ati#1 su$scri$ers #ot see# $6 t!e
$illi#1 s6ste>: t!us #ot c!ar1ea$le. er=ices >a6 also $e acti=ated or deacti=ated for
eac! su$scri$er: t!us allo0i#1 u#aut!orised access to ser=ices or de#ial of ser=ice
attac8s. .# certai# circu>sta#ces it is possi$le to use Ea#-Eac!i#e (EE) co>>a#ds to
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 1) 3GPP T 33!"00 #ersion 1!3!0
>ey =istribution %omplete
!ession >ey >!
?@
&et0or8 I &et0or8 J
3A2
4
La6er .
La6er ..
La6er ...
1*
4
(sendin+5
e!+! Au2
4
$
1*
6
(recei#in+5
e!+! %7
6
$
5y >!
?@
Protected =ata
!ession >ey >!
?@
3A2
6
!ession >ey >!
?@
>o#itor ot!er FLR userHs actio# - t!is 0ould also ofte# allo0 for u#aut!orised access to
data.
"# operator s!ould #ot rel6 o# t!e fact t!at a# i#truderHs 8#o0led1e o# particular =e#dorHs
EE la#1ua1e 0ill $e li>ited. T!ose attac8s ca# $e perfor>ed $ot! $6 e,ter#al i#truders
a#d $6 operatorHs e>plo6ees.
"ccess co#trol to FLRs s!ould $e $ased o# user profiles: usi#1 at least a u#iBue
user#a>e a#d a pass0ord as aut!e#ticatio# data. Re>ote access to FLR s!ould $e
protected fro> ea=esdroppi#1: source a#d desti#atio# spoofi#1 a#d sessio# !i?ac8i#1. "#
operator >a6 t!erefore 0is! to li>it t!e ra#1e of protocols a=aila$le for co>>u#icatio#
0it! FLR..
11.1.2 "ut!e#ticatio# 'e#tre - "u'
%n intruder who (ains direct access to an %u) can effectively clone all su'scri'ers whose
data he had access to#
&u>$er of e>plo6ees !a=i#1 p!6sical a#d lo1ical access to "u' s!ould $e li>ited. %ro>
securit6 poi#t of =ie0 it is t!e# reaso#a$le to use a# "u' 0!ic! is #ot i#te1rated 0it!
FLR.
Dperators s!ould carefull6 co#sider t!e #eed for e#cr6ptio# of "u' data.
.f decided to use a# add-o# cip!eri#1 facilit6: atte#tio# s!ould $e paid to cr6pto1rap!ic
8e6 >a#a1e>e#t. 'areless use of suc! eBuip>e#t could e=e# lo0er "u' securit6.
"ut!e#ticatio# data >a6 $e o$tai#ed fro> "u' $6 >asBueradi#1 as a#ot!er s6ste> e#tit6
(#a>el6 FLR). T!e t!reat is prese#t 0!e# FLR a#d "u' are p!6sicall6 separated.
11.1.3 3GPP #et0or8 i#terfaces
"# i#truder 1ai#i#1 access to 3GPP #et0or8 i#terfaces 0ould pri>ar6 1ai# access to
i#for>atio# se#t o# t!e i#terface tar1eted. Fo0e=er: pla6i#1 de#ial-of-ser=ice attac8s
0ould also $e feasi$le - depe#de#t o# !o0 t!e i#terface is tec!#icall6 realised (e.1. ca$le
or 0ireless).
Teleco>>u#icatio# #et0or8s are usuall6 desi1#ed 0it! #ecessar6 redu#da#c6: allo0i#1
for reco#fi1uratio# i# case of loss of a li#8 or li#8s. %ro> securit6 poi#t of =ie0 it is
particularl6 i>porta#t to foresee alter#ate co##ectio# pat!s 0!ere li#8s =ul#era$le to
de#ial-of-ser=ice attac8s (e.1.: >icro0a=e li#8s or i#tercept #odes) >a6 $e possi$le.
11.1.+ Gilli#1 s6ste> / 'usto>er 'are s6ste>
Gilli#1/custo>er care s6ste>s are critical for >ai#tai#i#1 t!e $usi#ess co#ti#uit6 of a
3GPP Dperator.
4#aut!orised access to t!e $illi#1 or custo>er care s6ste> could result i#
loss of re=e#ue due to >a#ipulated call records (o# t!e >ediatio# de=ice/$illi#1
s6ste> le=el)
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 10 3GPP T 33!"00 #ersion 1!3!0
u#aut!orised appl6i#1 of ser=ice discou#ts (custo>er care s6ste> le=el):
u#aut!orised access to ser=ices (false su$scriptio#s)
a#d e=e# de#ial of ser=ice - $6 repeated lau#c!i#1 of resource - co#su>i#1 s6ste>
?o$s.
"tte#tio# s!ould $e paid to t!e fact t!at access ri1!ts to t!e $illi#1/custo>er care s6ste>
are ofte# 1ra#ted to te>porar6 e>plo6ees.
"s 3GPP #et0or8 operators s!ould i#troduce proper access co#trol >ec!a#is>s:
co!ere#t 0it! t!e DperatorHs 1e#eral securit6 polic6. .# particular: it 0ould $e ad=isa$le to)
'o#trol t!e access to t!e $illi#1 data o# t!e data$ase le=el.
"ll users of t!e $illi#1 s6ste> s!ould $e aut!e#ticated $6 t!e $illi#1
data$ase a#d access ri1!ts s!ould $e 1ra#ted $6 t!e data$ase upo#
successful aut!e#ticatio#. Rela6i#1 o# t!e applicatio#-to-data$ase
aut!e#ticatio# lea=es t!e data$ase ope# for a s8illed attac8er.
Re=ie0 t!e acti=atio# process.
T!e sa>e e>plo6ee s!ould #ot carr6 out $ot! tas8sA data =erificatio# s!ould i#=ol=e a
trusted e>plo6ee. "cti=atio# s!ould $e >ade o#l6 upo# co#fir>atio# of t!e perso#
=erif6i#1 t!e data e#tered.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 18 3GPP T 33!"00 #ersion 1!3!0
124ser Eodule a#d >art 'ard
.f a 3GPP .E is i#te1rated o# a >ulti-applicatio# s>art card: t!ere s!ould $e sufficie#t
1uara#tees t!at t!e u#iBue user 5e6 ca##ot $e read or used $6 a#6 applicatio# ot!er t!a#
t!e 3GPP applicatio#. "lso t!ere s!ould $e clear a#d secure procedures for placi#1
applicatio#s a#d i#for>atio# o# t!e s>art card: e#suri#1 t!at 3GPP i#for>atio# ca##ot $e
c!a#1ed i# a# u#aut!orised 0a6. T!ere s!ould $e clear respo#si$ilities a#d procedures
for deali#1 0it! stole# or >alfu#ctio#i#1 cards.
T!e i>porta#ce of secure >a#a1e>e#t of 8e6s is alread6 detailed a$o=e. .# additio# it is
i>porta#t t!at .E status lists are 8ept up to date a#d t!at operators defi#e >easures to
detect a#d i#=esti1ate t!e >isuse of .Es. T!ere s!ould $e procedures to replace .Es:
for e,a>ple at t!e e#d of t!eir =alidit6 period: a#d to deal 0it! stole# .Es. .t is
particularl6 i>porta#t t!at i#di=idual operators de=ise a#d operate secure .E
>a#a1e>e#t processes 0it! t!eir .E suppliers a#d t!rou1!out t!e .E distri$utio#
c!a##el. .Es s!ould also $e used t!at are #ot ope# to p!6sical attac8: a#d ot!er attac8s
suc! as ti>i#1 or differe#tial po0er a#al6sis.
13er=ices
T!ere are >a#6 =alue-added ser=ices 0it!i# t!e sta#dards: 0!ic! 0ill so>eti>es: 0!e#
0ro#1l6 i>ple>e#ted or i#terpreted: ca# $e used for fraud.
%or e,a>ple: call for0ardi#1 ca# $e set 0!ic! 0ill t!e# allo0 calls >ade to a >o$ile to $e
se#t to e,pe#si=e desti#atio# #u>$ers. T!is could $e do#e: for e,a>ple: $6 ri#1i#1 a
>o$ile custo>er a#d 1etti#1 t!e> to put i# a call for0ard #u>$er t!e>sel=es $6
persuadi#1 t!e> t!at t!e6 are testi#1 t!e >o$ile.
Ea#6 ot!er si>ilar pro$le>s e,ist: suc! as follo0->e ser=ices: =oice>ail: a#d e,plicit call
tra#sfer. .t is to e,pected t!at as t!e ser=ices offered $6 3GPP $eco>e >ore co>ple,
(a#d i#clude for e,a>ple .#ter#et co##ecti=it6: pac8et data ser=ices as 0ell as E(,(
0!ic! ru#s code o# t!e >o$ile: a#d Ka=a >ulti applicatio# s>art cards) t!e# t!e pro$le>
ca# o#l6 $eco>e 0orse.
Dperators s!ould e#sure t!at t!e6 loo8 carefull6 at e=er6 #e0 #et0or8 feature a#d ser=ice
product to e#sure t!at suc! securit6 pro$le>s 0ill #ot occur i# t!eir #et0or8s.
13.1 Locatio# ser=ices
T!e locatio# ser=ice feature i# 3GPP depe#ds o# t!e accurac6 of t!e >ec!a#is> used
0it!i# t!e >o$ile eBuip>e#t. .t ca##ot $e t!ou1! of as accurate: as t!e >o$ile soft0are
ca# $e >odified: or t!e GP (Glo$al Positio#i#1 6ste> $6 atellite) could $e displaced
$6 a differe#tial i#put. 'are s!ould also $e ta8e# to protect a1ai#st t!e loss of custo>er
pri=ac6 $6 u#aut!orised access to locatio# ser=ices.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ 1" 3GPP T 33!"00 #ersion 1!3!0
13.2 Eo$ile (,ecutio# (#=iro#>e#t - E(,(
T!e a$ilit6 to re>otel6 >odif6 re>ote a#d ru# code o# a >o$ile clearl6 i#troduces a
securit6 ris8. .# t!e case of E(,( it is up to t!e user to deter>i#e if a possi$le securit6
ris8 is i#troduced: a#d stop t!e actio# fro> ta8i#1 place. .t is to $e e,pected t!at a s>art
attac8er 0ill $e a$le to i#troduce code t!at 0ill fool a user i#to setti#1 up ser=ices or
co##ectio# t!at 0ill co>pro>ise t!e> or result t!e> i# losi#1 >o#e6.
Eec!a#is>s are $ei#1 desi1#ed usi#1 pu$lic 8e6 i#frastructure to ide#tif6 applicatio#s
a#d i#troduce securit6 i#to t!e E(,( specificatio#s.
1+La0ful i#terceptio#
T!e sta#dards i#clude la0ful i#terceptio# fu#ctio#s for 3GPP: so t!at 0!ere reBuired $6
#atio#al reBuire>e#ts: t!is facilit6 is $uilt i#to eBuip>e#t:
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ &0 3GPP T 33!"00 #ersion 1!3!0
15 "ppe#di, " ecurit6 polic6
15.1.1 "ccess co#trol polic6
"ccess co#trol polic6 0it! respect to 3GPP #et0or8 ele>e#ts s!ould $e co#siste#t 0it!
1e#eral access co#trol polic6 as defi#ed i# t!e particular operatorHs securit6 polic6. "s a
$asis: t!e follo0i#1 rules s!ould appl6)
1. .# 1ra#ti#1 users access ri1!ts to 3GPP #et0or8s ele>e#ts or supporti#1 .T
s6ste>s t!e follo0i#1 pri#ciples s!ould $e follo0ed)
e=er6 e>plo6ee s!ould o#l6 !a=e access to t!ose resources #ecessar6 for
t!e co>pletio# of t!e 0or8-related tas8s set:
t!e Lpositi=e access co#trolM pri#ciple s!ould $e applied: >ea#i#1 it s!all $e
assu>ed t!at a# e>plo6ee is aut!orised to carr6 out o#l6 t!ose operatio#s
for 0!ic! !e !as o$tai#ed aut!orit6:
T!e ri1!t of access to resources s!ould $e 1ra#ted o#l6 at t!e >o>e#t 0!e#
it is actuall6 #ecessar6 a#d s!ould $e resci#ded 0!e# #o lo#1er #ecessar6
for t!e co>pletio# of 0or8-related tas8s.
2. DperatorHs e>plo6ees s!ould $e >ade respo#si$le for t!e secure stori#1 a#d
use of access co#trol e,ecuti=e co>po#e#ts e#trusted to t!e> ($ad1es: cards).
"ccess co#trol e,ecuti=e co>po#e#ts s!ould #ot $e stored to1et!er 0it! a
co>puter used to access t!e #et0or8 ele>e#t or .T s6ste>.
3. (=er6 user of a 1i=e# s6ste> s!ould $e pro=ided 0it! a# ide#tificatio# (lo1-i#
#a>e: accou#t #a>e) t!at is u#iBue 0it!i# t!e fra>e0or8 or t!e 'o>pa#6. T!e
follo0i#1 pri#ciples appl6)
a userHs ide#tificatio# o# its o0# s!ould #ot $e sufficie#t for 1ra#ti#1 access
aut!orit6:
a# ide#tificatio# s!ould #ot 1i=e a#6 i#dicatio# of t!e userHs aut!orit6 0it!i#
t!e s6ste>:
T!e use of for>s of 1roup ide#tificatio# s!ould o#l6 $e ad>issi$le i#
e,ceptio#al circu>sta#ces.
Gra#ti#1 of full or =er6 0ide ri1!ts of access to resources s!ould $e li>ited a#d strictl6
co#trolled.
15.2 ecure #et0or8 ele>e#ts i#terco##ectio#
3GPP #et0or8 ele>e#ts >ust pro=ide >ea#s for re>ote >a#a1e>e#t: >ai#te#a#ce a#d
co>>u#icatio# 0it! .T s6ste>s (e.1. t!e $illi#1 s6ste>). Dfte# a# operatorHs corporate
co>puter #et0or8 is used for t!is purpose. T!is co#sidera$l6 lo0er i#frastructure costs
$ut poses si1#ifica#t securit6 t!reats for 3GPP s6ste> e#tities. .f #o securit6 is applied:
usuall6 eac! user of corporate #et0or8 ca# tr6 to access re>otel6 a 3GPP #et0or8
ele>e#t: pro=ided its #et0or8 address is 8#o0#.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ &1 3GPP T 33!"00 #ersion 1!3!0
"s a pri#ciple: 3GPP #et0or8 ele>e#ts s!ould $e separated: at least lo1icall6: fro> a#
operatorHs corporate co>puter #et0or8. " u#iBue user#a>e a#d pass0ord s!ould ide#tif6
eac! e>plo6ee 0!o is aut!orised to access to #et0or8 ele>e#t. Proper applicatio# a#d
s6ste> lo1s s!ould $e >ai#tai#ed: re=ie0ed a#d protected.
Re>ote access to #et0or8 e#tities s!ould $e: su$?ect to t!e operatorHs securit6 polic6:
protected fro> ea=esdroppi#1 a#d sessio# !i?ac8i#1.
P!6sical access to 3GPP #et0or8 ele>e#ts s!ould $e co#trolled $6 appropriate p!6sical
securit6 >easures. .t is ad=isa$le t!at p!6sical locatio# of #et0or8 ele>e#ts $e treated as
protected i#for>atio#.
15.3 'o>>u#icatio#s #ode securit6
To cou#ter>easure t!e t!reats descri$ed i# t!is docu>e#t a# operator s!ould defi#e a#d
i>ple>e#t proper securit6 >easures. T!e follo0i#1 sectio# specifies t!e desira$le
securit6 features t!at a#6 3GPP &et0or8 (le>e#t (&(): &et0or8 6ste> (&): Dperatio#s
6ste> (D) or 2ata 'o>>u#icatio#s &et0or8 (2'&) s!ould pro=ide i# order to reduce
t!e ris8 of pote#tiall6 ser=ice affecti#1 securit6 co>pro>ises. T!e ter> L3GPP #odeM i#
t!e follo0i#1 sectio# is used to i>pl6 a &(: &: D: or a 2'& a#d its #odes.
15.3.1 .de#tificatio#
(ac! operatio#s related process ru##i#1 i# t!e 3GPP #ode s!ould $e associated 0it! t!e
correspo#di#1 user-.2 (so t!at a# audit trail ca# $e esta$lis!ed if t!ere is a #eed).
T!e 3GPP #ode s!ould disa$le a user-.2 if it !as re>ai#ed i#acti=e (i.e.: #e=er used)
o=er a specified ti>e period.
15.3.2 "ut!e#ticatio#
"ll Dperatio#s: "d>i#istratio#: Eai#te#a#ce a#d Pro=isio#i#1 (D"ENP) i#put ports of t!e
3GPP #ode (i#cludi#1 direct: dial-up a#d #et0or8 access) s!ould reBuire aut!e#ticatio# of
a sessio# reBuester: 0it!out a#6 pro=isio# for a $6pass >ec!a#is>.
" si#1le stored pass0ord e#tr6 (e.1.: i# a pass0ord file) s!ould #ot $e allo0ed to $e
s!ared $6 >ultiple user-.2s. Fo0e=er: t!e 3GPP #ode s!ould #ot pre=e#t a user fro>
c!oosi#1 (u#8#o0i#1l6) a pass0ord t!at is alread6 $ei#1 used $6 so>e ot!er user. &or
s!ould t!e 3GPP #ode =olu#teer t!is i#for>atio# to eit!er user.
Pass0ords s!ould $e stored i# a o#e-0a6 e#cr6pted for>: a#d s!ould #ot $e retrie=a$le
$6 a#6 user i#cludi#1 >a#a1ers or ad>i#istrators (of s6ste> a#d securit6). "lso: t!ere
s!ould $e #o clear te,t displa6 (o# a de=ice suc! as a scree#: t6pe0riter: or pri#ter) of a
pass0ord at a#6 ti>e (e.1.: lo1i#: file du>p: etc.).
T!e 3GPP #ode s!ould allo0 pass0ords to $e user c!a#1ea$le (reBuiri#1 re-
aut!e#ticatio#): a#d s!ould reBuire t!at t!e user c!a#1e it t!e first ti>e !e/s!e
esta$lis!es a sessio# 0it! t!e pass0ord assi1#ed to !i>/!er. T!e default s!ould $e #o#-
tri=ial i# #ature: ideall6 ra#do>.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ && 3GPP T 33!"00 #ersion 1!3!0
T!e pass0ord s!ould !a=e a# La1ei#1M feature: a#d it s!ould !a=e a co>ple,it6
reBuire>e#t to >a8e it #ot easil6 1uessed. T!e 3GPP #ode s!ould #ot accept co>>o#
0ords or #a>es as =alid pass0ords. "lso: it s!ould #ot allo0 a rece#tl6 o$solete
pass0ord to $e readil6 reselected $6 t!e said user.
15.3.3 6ste> "ccess 'o#trol
T!e 3GPP #ode s!ould #ot allo0 access to a#6 sessio# reBuester u#less ide#tified a#d
aut!e#ticated. T!ere s!ould $e #o default >ec!a#is> to circu>=e#t it.
T!e 3GPP #ode s!ould #ot allo0 a#6 sessio# to $e esta$lis!ed =ia a port t!at is #ot
aut!orised to accept i#put co>>a#ds. %or e,a>ple: if a# output port recei=es a lo1i#
reBuest: t!e 3GPP #ode s!ould #ot respo#d.
T!e e#tire lo1i# procedure s!ould $e allo0ed to $e co>pleted 0it!out i#terruptio#: e=e# if
i#correct para>eters (suc! as a# i#correct user-.2 or a# i#correct pass0ord) are e#tered:
a#d #o L!elp >essa1eM s!ould $e tra#s>itted to t!e sessio# reBuester as to 0!o> part of
t!e aut!e#ticatio# is i#correct. T!e o#l6 i#for>atio# to $e co#=e6ed at t!e e#d of t!e lo1i#
atte>pt is t!at t!e lo1i# is i#=alid.
"fter a specified #u>$er of i#correct lo1i# atte>pts carried out i# successio#: t!e 3GPP
#ode s!ould loc8 out t!e c!a##el a#d raise a# alar> i# real ti>e for t!e ad>i#istrator.
Gefore t!e sessio# $e1i#s: t!e 3GPP #ode s!ould pro=ide a 0ar#i#1 >essa1e e,plicitl6
alerti#1 t!e user of t!e co#seBue#ces of u#aut!orised access a#d use.
"t t!e $e1i##i#1 of t!e sessio#: t!e 3GPP #ode s!ould displa6 t!e date a#d ti>e of t!e
userHs last successful access a#d t!e #u>$er of u#successful atte>pts: if a#6: t!at !a=e
$ee# >ade to esta$lis! a sessio# si#ce t!e last successful access.
T!ere s!ould $e a Lti>e-outM feature - i.e.: t!e 3GPP #ode s!ould disco##ect or re-
aut!e#ticated users after a specified ti>e i#ter=al duri#1 0!ic! #o >essa1es 0ere
e,c!a#1ed. "lso: t!ere s!ould $e a >ec!a#is> for user-i#itiated 8e6$oard loc8i#1.
T!e 3GPP #ode s!ould pro=ide a >ec!a#is> to e#d a sessio# t!rou1! a secure lo1off
procedure. .f a sessio# 1ets i#terrupted due to reaso#s suc! as ti>e-out: po0er failure:
li#8 disco##ectio#: etc.: t!e port s!ould $e dropped i>>ediatel6.
%or dial-up access o=er u# trusted c!a##els: aut!e#ticatio# i#=ol=i#1 o#e ti>e pass0ords
s!ould $e reBuired (e.1.: s>art card: etc.).
15.3.+ Resource "ccess 'o#trol
"ccess to resources s!ould $e co#trolled o# t!e $asis of Lpri=ile1eM (i.e.: access
per>issio#) associated 0it! user-.2 a#d c!a##el. .t s!ould #ot $e $ased o# a Lpass0ordM
associated 0it! t!e access fu#ctio#: $ecause t!at pass0ord 0ill !a=e to $e #ecessaril6
s!ared a>o#1 all users reBuiri#1 suc! access. &eit!er s!ould e#cr6ptio# $e used as a
pri>ar6 access co#trol >ec!a#is> (t!ou1! e#cr6ptio# >a6 $e used to e#!a#ce it).
T!e 1ra#ularit6 of resource access co#trol s!ould $e suc! t!at for eac! resource it s!ould
$e possi$le to 1ra#t (or de#6) access pri=ile1e to a#6 si#1le user (or a prescri$ed 1roup
of users). %or e,a>ple: t!e co#trol s!ould $e adeBuatel6 fi#e-1rai#ed so t!at user access
a#d c!a##el access ca# $e restricted o# t!e $asis of co>>a#ds: data$ase =ie0s (i.e.:
o$?ects): records (i.e.: o$?ect i#sta#ces): a#d fields (i.e.: attri$utes).
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ &3 3GPP T 33!"00 #ersion 1!3!0
.f e,ter#al e#tities - e.1.: custo>ers: are allo0ed access to t!e resources: eac! 3GPP
#odeHs resource (e.1.: proprietar6 data) s!ould $e protected fro> access $6 u#aut!orised
perso#s.
(,ecuta$le/loada$le/fetc!a$le soft0are s!ould $e access co#trolled for o=er0rite: update:
a#d e,ecutio# ri1!ts.
15.3.5 "ccou#ta$ilit6 a#d "udit
T!e 3GPP #ode s!ould 1e#erate a securit6 lo1 co#tai#i#1 i#for>atio# sufficie#t for after-
t!e-fact i#=esti1atio# of loss or i>propriet6.
T!e securit6 lo1 s!ould $e protected fro> u#aut!orised access. &o user s!ould $e
allo0ed to >odif6 or delete a securit6 lo1. T!ere s!ould $e #o >ec!a#is> to disa$le t!e
securit6 lo1. T!ere s!ould $e a# alar> i# real ti>e if t!e securit6 lo1 does #ot fu#ctio#
properl6.
T!e securit6 lo1 s!ould: as a >i#i>u>: record e=e#ts suc! as)
all sessio#s esta$lis!ed:
i#=alid user aut!e#ticatio# atte>pts:
u#aut!orised atte>pts to access resources (i#cludi#1 data a#d tra#sactio#s):
c!a#1es i# usersH securit6 profiles a#d attri$utes:
c!a#1es i# access ri1!ts to resources:
c!a#1es i# t!e 3GPP #ode securit6 co#fi1uratio#:
"#d >odificatio# of 3GPP #ode soft0are.
%or eac! suc! e=e#t: t!e record s!ould: as a >i#i>u>: i#clude date a#d ti>e of e=e#t:
i#itiator of t!e e=e#t suc! as) user-.2: ter>i#al: port: #et0or8 address: etc.: #a>es of
resources accessed: a#d success or failure of t!e e=e#t.
"ctual or atte>pted pass0ords s!ould #ot $e recorded i# t!e securit6 lo1
T!ere s!ould $e audit tools to produce e,ceptio# reports: su>>ar6 reports: a#d detailed
reports o# specifia$le data ite>s: users: or co>>u#icatio# facilities.
15.3.6 ecurit6 "d>i#istratio#
T!e 3GPP #ode s!ould support fu#ctio#s for t!e L>a#a1e>e#tM of securit6 related data
(e.1.: securit6 para>eters suc! as user-.2s: pass0ords: pri=ile1es: etc.) as LseparateM
fro> ot!er user fu#ctio#s. ecurit6 ad>i#istratio# s!ould $e reser=ed o#l6 for a#
appropriate ad>i#istrator.
T!e ad>i#istrator s!ould $e a$le to displa6 all curre#tl6 lo11ed-i# users as 0ell as a list of
all aut!orised user-.2s.
T!e ad>i#istrator s!ould $e a$le to i#depe#de#tl6 a#d selecti=el6 >o#itor: i# real ti>e:
t!e actio#s of a#6 o#e or >ore users $ased o# respecti=e user-.2s: ter>i#als: ports: or
#et0or8 addresses.
T!e ad>i#istrator s!ould $e a$le to ide#tif6 all resources o0#ed $6 or accessi$le to a#6
specific user alo#1 0it! t!e associated access pri=ile1es.
T!e ad>i#istrator s!ould $e a$le to e#ter: edit: delete or retrie=e all attri$utes of a user-.2
(e,cept for a pass0ord: 0!ic! s!ould #ot $e retrie=a$le).
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ &' 3GPP T 33!"00 #ersion 1!3!0
T!e ad>i#istrator s!ould li>it t!e use of a L#ull pass0ordM duri#1 s6ste> lo1i# o# a per
user or per port $asis (i.e.: duri#1 #e0 release i#stallatio#).
T!e ad>i#istrator s!ould $e a$le to sa=e t!e securit6 lo1 for safe stora1e: so t!at it is #ot
0ritte# o=er 0!e# t!e $uffer is full.
"ll securit6 para>eters (e.1.: pass0ord-a1ei#1 i#ter=al: ti>e-out i#ter=al: a#d =arious
alar> co#ditio#s) s!ould $e specifia$le a#d ad?usta$le $6 t!e ad>i#istrator. T!is i>plies
t!at t!e 3GPP #ode s!ould #ot !a=e a#6 securit6 para>eters !ard coded.
15.3.- 2ocu>e#tatio#
"#6 3GPP #ode supplier/=e#dor s!ould pro=ide docu>e#tatio# o# securit6 co#sideratio#s
for ad>i#istrators: operators: a#d users. T!e6 ca# $e sta#d-alo#e docu>e#ts or sectio#s
i#corporated i# appropriate =e#dor >a#uals.
T!e ad>i#istratorHs 1uide s!ould co#tai# ite>s suc! as) fu#ctio#s a#d pri=ile1es t!at #eed
to $e co#trolled to secure t!e facilit6: proper usa1e of securit6 audit tools: procedures for
e,a>i#i#1 a#d >ai#tai#i#1 audit files: procedures for periodic sa=i#1 a#d $ac8up of
securit6 lo1s: reco>>e#datio#s o# setti#1 t!e >i#i>u> access per>issio#s o# all files:
directories: a#d data$ases: 1uideli#es o# securit6 assess>e#t tec!#iBues.
T!e operatorHs 1uide s!ould co#tai# procedures #ecessar6 to i#itiall6 start t!e 3GPP #ode
i# a secure >a##er a#d to resu>e secure operatio# after a#6 lapse t!at >a6 !a=e
occurred.
T!e userHs 1uide s!ould descri$e t!e protectio# >ec!a#is>s t!at are #o#-tra#spare#t to
t!e user: s!ould e,plai# t!eir purpose: a#d pro=ide 1uideli#es o# t!eir use. .t s!ould #ot
co#tai# a#6 i#for>atio# t!at could ?eopardise t!e securit6 of t!e 3GPP #ode if >ade
pu$lic.
Pass0ords s!ould $e stored i# a o#e-0a6 e#cr6pted for>: a#d s!ould #ot $e retrie=a$le
$6 a#6 user i#cludi#1 >a#a1ers or ad>i#istrators (of s6ste> a#d securit6). "lso: t!ere
s!ould $e #o clear te,t displa6 (o# a de=ice suc! as a scree#: t6pe0riter: or pri#ter) of a
pass0ord at a#6 ti>e (e.1.: lo1i#: file du>p: etc.).
T!e 3GPP #ode s!ould allo0 pass0ords to $e user c!a#1ea$le (reBuiri#1
reaut!e#ticatio#): a#d s!ould reBuire t!at t!e user c!a#1e it t!e first ti>e !e/s!e
esta$lis!es a sessio# 0it! t!e pass0ord assi1#ed to !i>/!er. T!e default s!ould $e #o#-
tri=ial i# #ature: ideall6 ra#do>.
3GPP
3GPP T 33!"00 %1!3!0 (&000-0&$ &( 3GPP T 33!"00 #ersion 1!3!0
16Fistor6
8ocu,ent history
1.0.0 Dct 1999 Pu$licatio# as first draft to 3GPP TG " 3G3 ecurit6
1.1.0 &o= 1999 Prese#ted at &o 6 for i#for>atio#
1.2.0 Ka# 2000 Prese#ted at &o 10 for co>>e#t
1.3.0 %e$ 2000 (diti#1 >eeti#1 at 2T. 16/02/2000. %or prese#tatio# at &o 11
ETSI
3GPP T 33!"00 %1!3!0 (&000-0&$ &) 3GPP T 33!"00 #ersion 1!3!0

Guide To 3G Security v130 Draft-Changed To Cover MAP-SEC

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Guide To 3G Security v130 Draft-Changed To Cover MAP-SEC

Uploaded by

Copyright:

Available Formats

S3-000181

3GPP TR 33.900 V1.3.0 (2000-02)

You might also like