Scribd Logo
Upload

Welcome to Scribd!

  • Aug12 Sridhar

    Uploaded by

    Lâm Nguyễn
    12 views3 pages
    Sercurity LTE

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Sercurity LTE

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views3 pages

    Aug12 Sridhar

    Uploaded by

    Lâm Nguyễn
    Sercurity LTE

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    1. Gii thiu tng quan kin trc v an ninh ca h thng LTE.

    1.1. Gii thiu.


    Vi bt k mng IP no vic m bo an ninh l ti quan trng, iu ny ng vi
    mng LTE, l mt mng di ng all-IP vi kin trc phng (eNodeB c kt ni vi
    nhau thng qua giao din X2, v kt ni trc tip vi EPC thng qua giao din S1,
    khng c thnh phn iu khin tp trung cho cc trm v tuyn).Bn cnh cc nguy
    c an ninh r rng trngiao dinv tuyn truyn n v i khi thit b ngi dng
    (User Equipment - UE) cn l cc nguy c an ninh truyn thng lin quan n cc lin
    kt IP ca cc nh cung cp mng LTE. Vic xy dng kin trc an ninh i ph
    vi cc nguy c l khi u quan trng cho cc nh cung cp di ng.
    1.2. Cc yu cu an ninh ca mng LTE.
    Tiu chun 3GPP TS 33.401 a ra cc yu cu v cc tnh nng an ninh cn c
    trong mng LTE nh sau:
    m bo an ninh gia ngi dng v mng, gm:
    Nhn dng ngi dng v bo mt thit b.
    Nhn thc cc thc th.
    Bo mt d liu ngi dng v d liu bo hiu.
    Ton vn d liu ngi dng v d liu bo hiu.
    C kh nng cu hnh v hin th an ninh.
    p ng cc yu cu an ninh trn eNodeB.
    Ngoi ra, c mt s yu cu khc i vi an ninh trn mng LTE c th d dng
    nhn ra nh:
    Cc tnh nng an ninh khng c nh hng ti s tin dng ca ngi dng.
    Cc tnh nngan ninh khng c nh hng ti qu trnh chuyn dch t 3G ln
    LTE.
    1.3. Kin trc an ninh tng qut ca LTE.
    3GPP a ra kin trc an ninh tng qut ca LTE trong tiu chun 3GPP
    TS33.401 gm 5 nhm tnh nngan ninh khc nhau:

    Network access security (I): tp hp cc tnh nngan ninh cung cp kh nng


    bo v truy nhp ngi dng ti cc dch v, v cng bo v chng li cc cuc
    tn cng trn lin kt truy nhp v tuyn. V d: s dng USIM cung cp truy
    nhp c m bo cho ngi dng ti EPC, bao gm nhn thc tng h v
    cc tnh nng ring khc.
    Network Domain Sercurity (II): Tp hp cc tnh nngan ninh cho php cc
    node trao i an ton d liu bo hiu v d liu ngi dng (gia AN v SN,
    v trong AN), v cng bo v chng li cc cuc tn cng trn mnghu tuyn.
    V d: AS Security, NAS Security, IPsec EPS.
    User domain security (III): Tp hp cc tnh nngan ninh bo v truy nhp ti
    cc MS (Mobile Station). V d: kha mn hnh, m PIN s dng SIM.
    Application domain security (IV): tp hp cc tnh nngan ninh cho phpbo
    v cc bn tin trao i ca cc ng dng ti min ngi dng v min nh cung
    cp. V d: https.
    Visibility and configurability of security (V): tp hp cc tnh nngan ninh
    cho php thng bo ti ngi dng mt tnh nng an ninh c ang hot ng
    hay khng, v cc dch v ang s dng v c cung cp nn ph thuc vo
    tnh nng an ninh khng.
    Di y chng ta s xem xt mt s tnh nng an ninh p dng cho mng
    LTE thuc v cc nhm tnh nng an ninh (I) v (II), l nhng nhm tnh nng an
    ninh c trng v lin quan trc tip n cc thc th trong mng LTE.
    1.4. Mng li EPC
    Mng li mi l s m rng hon ton ca mng li trong h thng 3G v n ch
    bao ph min chuyn mch gi. V vy, n c mt ci tn mi: Evolved Packet Core
    (EPC
    Cng mt mc ch nh E-UTRAN, s mode trong EPC c gim. EPC chia
    lung d liu ngi dng thnh mt phng ngi dng v mt phng iu khin. Mt
    mode c th c nh ngha cho mt mt phng, cng vi Gateway chung kt ni
    mng LTE vi Internet v nhng h thng khc. EPC gm mt vi thc th chc nng:
    MME (Mobile Management Entity): Chu trch nhim x l nhng chc
    nng mt bng iu khin, lin quan n qun l thu bao v qun l phin.
    Gateway dch v (Serving Gateway): L v tr kt ni ca giao tip d liu
    gi vi E-UTRAN. N cn hot ng nh mt node nh tuyn n nhng k
    thut 3GPP khc.
    P-Gateway (Packet Data Gateway): L im u cui cho nhng phin
    hng v mng d liu gi bn ngoi. N cng l Router n mng Internet.
    PCRF (Policyand Charging Rules Function): iu khin vic to ra bng gi
    v cu hnh cho h thng con a phng tin IP IMS (the IP Multimedia
    Subsystem) cho mi ngi dng.
    HSS (Home Subscriber Server): L mt ni lu tr d liu ca thu bao cho
    tt c cc d liu ngi dng. N l c s d liu trung tm trong trung tm ca
    nh khai thc.
    Cc min dch v bao gm IMS (Ip Multimedia Sub-system) da trn cc nh khai
    thc, IMS khng da trn cc nh khai thc v cc dch v khc. IMS l mt kin
    trc mng nhm to s thun tin cho vic pht trin v phn phi cc dch v a
    phng tin n ngi dng, bt k l h ang kt ni thng qua mng truy nhp
    no. IMS h tr nhiu phng thc truy nhp nh GSM, UMTS, CDMA 2000,
    truy nhp hu tuyn bng rng nh xDSL, cp quang, cp truyn hnh, cng nh
    truy nhp v tuyn bng rng nh WLAN, WiMAX, IMS to iu kin cho h
    thng mng khc nhau c th tng thch vi nhau. IMS ha hn mng nhiu li
    ch cho c ngi dng ln nh cung cp dch v. N v ang c tp trung
    nghin cu cng nh thu ht c s quan tm ca gii cng nghip. Tuy nhin
    IMS cng gp phi kh khan nht nh cng nh cha thc s chn thuyt
    phc cc nh cung cp mng u t trin khai n. Kin trc IMS c cho l kh
    phc tp vi nhiu thc th v v s cc chc nng khc nhau.
    1.5. Dsgsd
    2. An ninh trong min mng li EPC ca LTE.
    2.1. D
    2.2. Df
    2.3. fdfd
    2.4. Dfdkjfsd
    2.5. Dfdsf
    2.6. Khdsfsd
    2.7.

    You might also like