TIA-1169-2010 Femto Security Framework《Femto安全框架》.pdf

1、 4 TIA-1169 March 2010Femto Security Framework NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improvement of products, and assisting the purcha

2、ser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufacturing or selling products not conforming to such Standards and Publications.

3、 Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institute (ANSI) patent policy. By such action, TI

4、A does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulatory requirements. It is the responsibility o

5、f the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Standards Proposal No. 3-0361, formulated under the cognizance of the TIA TR-45 -Mobile and Personal Communications Standards) Published

6、 by TELECOMMUNICATIONS INDUSTRY ASSOCIATION Standards and Technology Department 2500 Wilson Boulevard Arlington, VA 22201 U.S.A. PRICE: Please refer to current Catalog of TIA TELECOMMUNICATIONS INDUSTRY ASSOCIATION STANDARDS AND ENGINEERING PUBLICATIONS or call IHS, USA and Canada (1-877-413-5187) I

7、nternational (303-397-2896) or search online at http:/www.tiaonline.org/standards/catalog/ All rights reserved Printed in U.S.A. NOTICE OF COPYRIGHT This document is copyrighted by the TIA. Reproduction of these documents either in hard copy or soft copy (including posting on the web) is prohibited

8、without copyright permission. For copyright permission to reproduce portions of this document, please contact TIA Standards Department or go to the TIA website (www.tiaonline.org) for details on how to request permission. Details are located at: http:/www.tiaonline.org/standards/catalog/info.cfm#cop

9、yright OR Telecommunications Industry Association Standards (b) there is no assurance that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or any editing proces

10、s. The use or practice of contents of this Document may involve the use of intellectual property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and published pending patent

11、 applications are claimed and called to TIAs attention, a statement from the holder thereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of IPR. TIA will neit

12、her be a party to discussions of any licensing terms or conditions, which are instead left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or practices suggeste

13、d or provided in the Manual have been complied with as respects the Document or its contents. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or publication of standards (whether designate

14、d as a standard, specification, recommendation or otherwise), whether such reference consists of mandatory, alternate or optional elements (as defined in the TIA Engineering Manual, 4thedition) then (i) TIA disclaims any duty or obligation to search or investigate the records of any other SSO for IP

15、R or letters of assurance relating to any such Normative Reference; (ii) TIAs policy of encouragement of voluntary disclosure (see Engineering Manual Section 6.5.1) of Essential Patent(s) and published pending patent applications shall apply; and (iii) Information as to claims of IPR in the records

16、or publications of the other SSO shall not constitute identification to TIA of a claim of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the Document. TIA does not certify, inspect, test or otherwise investigate products,

17、 designs or services or any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS ME

18、RCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION,

19、OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUD

20、ING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN I

21、F ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. S.S0132-0 Femtocell Security Framework ii EDITOR 1 Anand Palanigounder 2 QUALCOMM Inc

22、orporated 3 Tel: (+1) 858 845 0193 4 Email: 5 6 REVISION HISTORY 7 8 REVISION HISTORY 1.0 Initial Publication January 28, 2010 9 Table of Contents 1 Femtocell Security Framework i 2 1 Introduction . 2 3 2 Scope . 2 4 3 References . 2 5 3.1 Normative References 2 6 3.2 Informative References . 3 7 4

23、 Definitions and Abbreviations 3 8 4.1 Definitions 3 9 4.2 Abbreviations . 4 10 5 Overview of the Security Architecture . 5 11 5.1 Reference Model 5 12 6 Security Features . 6 13 6.1 FAP Device Identity . 6 14 6.2 FAP Secure Environment . 7 15 6.3 Authentication 7 16 6.3.1 Authentication of FAP and

24、network . 7 17 6.4 Authorization of FAP . 7 18 6.5 Integrity Protection . 8 19 6.6 Confidentiality Protection . 8 20 6.7 FMS Security 8 21 6.7.1 Security for File Transfer . 8 22 7 Security Mechanisms 9 23 7.1 Device Integrity Validation 9 24 7.2 FAP Device Authentication 9 25 7.2.1 Certificate base

25、d Device Authentication 10 26 7.3 FAP Authorization Mechanisms . 12 27 7.4 Integrity Protection Mechanisms 12 28 7.5 Confidentiality Protection Mechanisms 12 29 7.6 Profile for FAP Certificates 12 30 7.6.1 SeGW/IKEv2 Processing Requirements for FAP Certificates . 13 31 7.7 Profile for SeGW Certifica

26、tes . 13 32 7.7.1 FAP/IKEv2 Processing Requirements for SeGW Certificates . 14 33 7.8 Profile of IKEv2 . 14 34 7.9 Profile of IPSec . 15 35 7.10 FAP - FMS Security 15 36 7.10.1 Signed File Transfer . 16 37 S.S0132-0 Femtocell Security Framework 1 8 cdma 2000 1x Femtocell System Specific Procedures 1

27、7 1 8.1 1x FAP IMS Security . 17 2 8.2 RAND Generation by 1x FAP 17 3 8.2.1 Core Network Based Global RAND generation . 17 4 9 HRPD and 1x Packet Data Femtocell System Specific Procedures . 18 5 Annex A (Informative): Example Certificates 19 6 A.1 Example FAP Certificate . 19 7 A.2 Example FAP Inter

28、mediate CA Certificate 21 8 A.3 Example Root CA Certificate 24 9 A.4 Example SeGW Certificate 26 10 A.5 Example MNO Intermediate CA Certificate 28 11 Annex B (Informative): Call Flows for legacy FAP authentication 31 12 B.1 FAP authentication using EAP-AKA . 31 13 S.S0132-0 Femtocell Security Framew

29、ork 2 1 Introduction 1 The network architecture for cdma20001Femtocell systems is defined in 1. This document defines 2 the Security Framework for Femtocell systems in cdma2000 networks. 3 In this document, several key words are used to signify the requirements. The key words “shall”, “shall 4 not”,

30、 “should”, “should not” and “may” are to be interpreted as described in the TIA Engineering Style 5 Manual. 6 2 Scope 7 This document defines the security requirements, security architecture and mechanisms for securely 8 connecting Femtocell Access Points (or Femtocells) to the cdma2000 networks. 9

31、3 References 10 11 3.1 Normative References 12 1 3GPP2 X.S0059-0 000: “cdma2000 Femtocell Network: Overview”. 13 2 3GPP2 X.S0059-0 100: “cdma2000 Femtocell Network: Packet Data Network Aspects”. 14 3 3GPP2 X.S0059-0 200: “cdma2000 1x and IMS Network Aspects”. 15 4 3GPP2 S.R0126-0: “System Requiremen

32、ts for Femto Cell Systems”. 16 5 3GPP2 A.S0024-0: “Interoperability Specification (IOS) for Femtocell Access Points”. 17 6 IETF RFC 4306: “Internet Key Exchange (IKEv2) Protocol”. 18 7 IETF RFC 4303: “IP Encapsulating Security Payload (ESP)”. 19 8 IETF RFC 3948: “UDP Encapsulation of IPsec ESP Packe

33、ts”. 20 9 3GPP2 C.S0005-D: “Upper Layer (Layer 3) Signaling Standard for cdma2000 Spread 21 Spectrum Systems”. 22 10 3GPP TS 33.203: “3rd Generation Partnership Project; Technical Specification Group Services 23 and System Aspects; Access security for IP-based services”. 24 11 IETF RFC 5280: “Intern

34、et X.509 Public Key Infrastructure Certificate and Certificate 25 Revocation List (CRL) Profile” (obsoletes IETF RFC 3280). 26 1cdma2000 is the trademark for the technical nomenclature for certain specifications and standards of the Organizational Partners (OPs) of 3GPP2. Geographically (and as of t

35、he date of publication), cdma2000 is a registered trademark of the Telecommunications Industry Association (TIA-USA) in the United States S.S0132-0 Femtocell Security Framework 3 12 IETF RFC 4945: “The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and 1 PKIX”. 2 13 IETF RFC 3447: “PKCS #1

36、: RSA Cryptography Specifications Version 2.1”. 3 14 IETF RFC 4055: “Additional Algorithms and Identifiers for RSA Cryptography for use in the 4 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) 5 Profile”. 6 7 15 IETF RFC 2560: “X.509 Internet Public Key Inf

37、rastructure Online Certificate Status Protocol - 8 OCSP”. 9 10 16 The Broadband Forum TR-069: “CPE WAN Management Protocol v1.1”, Issue 1 Amendment 11 2, December 2007 12 13 17 IETF RFC 4346: “The Transport Layer Security (TLS) Protocol Version 1.1”. 14 15 18 IETF RFC 5246: “The Transport Layer Secu

38、rity (TLS) Protocol Version 1.2”. 16 17 19 IETF RFC 3268: “Advanced Encryption Standard (AES) Ciphersuites for Transport Layer 18 Security (TLS)”. 19 20 20 National Institute of Standards and Technology: “Secure Hash Standard”, FIPS 180-2, With 21 Change Notice 1 dated February 2004. 22 23 24 3.2 In

39、formative References 25 IETF RFC 4187: “Extensible Authentication Protocol Method for 3rd Generation 26 Authentication and Key Agreement (EAP-AKA)”. 27 28 29 4 Definitions and Abbreviations 30 31 4.1 Definitions 32 For the purposes of the present document, the following terms and definitions apply:

40、33 Femtocell Access Point: A radio access network element that supports one or more of the cdma2000 34 family of radio interfaces, operates in a limited geographic area in licensed spectrum, may operate over 35 the public internet, and supports a limited number of simultaneous users in generally sma

41、ll 36 environments such as a home. 37 Femtocell systems: A set of one or more femtocells and a set of core network elements to manage and 38 support the use of those femtocells in accessing network services. 39 S.S0132-0 Femtocell Security Framework 4 4.2 Abbreviations 1 For the purposes of the pres

42、ent document, the following abbreviations apply: 2 AAA Authentication, Authorization and Accounting Server 3 ACS Auto-Configuration Server 4 AT Access Terminal 5 CA Certificate Authority 6 CAVE Cellular Authentication and Voice Encryption 7 CPE Customer Premises Equipment 8 ESP Encapsulating Securit

43、y Payload 9 EUI-64 Extended Unique Identifier 64-bit 10 FAP Femtocell Access Point 11 FCS Femtocell Convergence Server 12 FMS Femtocell Management System 13 FEID FAP Equipment Identifier 14 FQDN Fully Qualified Domain Name 15 HRPD High Rate Packet Data 16 IKEv2 Internet Key Exchange version 2 17 IMS

44、 IP Multimedia Subsystem 18 IP Internet Protocol 19 IPsec IP Security 20 MNO Mobile Network Operator 21 MS Mobile Station 22 MSC Mobile Switching Center 23 OUI Organizationally Unique Identifier 24 S.S0132-0 Femtocell Security Framework 5 PKCS Public Key Cryptography Standards 1 SA Security Associat

45、ion 2 SeGW Security GateWay 3 SIP Session Initiation Protocol 4 TLS Transport Layer Security 5 UDP User Datagram Protocol 6 UMB Ultra Mobile Broadband 7 VLR Visited Location Register 8 9 5 Overview of the Security Architecture 10 11 5.1 Reference Model 12 Figure 1 is the femtocell security architect

46、ure reference model that identifies the common functional 13 elements and the interfaces such that it is applicable to any cdma2000 femtocell systems (e.g., 1x, 14 HRPD, UMB). 15 16 17 18 Figure 1. Femtocell Security Architecture Reference Model 19 S.S0132-0 Femtocell Security Framework 6 The MS/AT

47、uses the cdma2000 air interface to access services through a Femtocell Access Point (FAP). 1 The FAP uses a Security Gateway (SeGW) to securely connect using an IP network to a cdma2000 2 operators core network. Since the IP network (e.g., broadband connection) between the FAP and the 3 SeGW is assu

48、med to be un-trusted, the FAP shall be authenticated and authorized by the cdma2000 4 network before a FAP is allowed to provide service to the ATs. The Femtocell AAA is the entity in the 5 cdma2000 network that has access to the authentication and authorization-related credential information 6 that

49、 is required for securely operating the FAPs. 7 NOTE: In addition to authentication and authorization information, the Femtocell AAA may 8 have additional profile information, but this is outside the scope of this document. 9 The functionalities of the FAP and how it interfaces to the cdma2000 network are defined in 1 . The 10 overall Femtocell system requirements are defined in 4. 11 The Femtocell Management System (FMS) is a management server that is used to configure and 12 monitor the operation of the FAPs using