4 General objectives for 3G security features

21.1333G security3GPPSecurity threats and requirementsTS

The general objectives for 3G security features have been stated as [1]:

a) to ensure that information generated by or relating to a user is adequately protected against misuse or misappropriation;

b) to ensure that the resources and services provided by serving networks and home environments are adequately protected against misuse or misappropriation;

c) to ensure that the security features standardised are compatible with world-wide availability (There shall be at least one ciphering algorithm that can be exported on a world-wide basis (in accordance with the Wassenaar agreement));

d) to ensure that the security features are adequately standardised to ensure world-wide interoperability and roaming between different serving networks;

e) to ensure that the level of protection afforded to users and providers of services is better than that provided in contemporary fixed and mobile networks;

f) to ensure that the implementation of 3G security features and mechanisms can be extended and enhanced as required by new threats and services.

Furthermore it has been agreed that the basic security features employed in 2G systems will be retained, or where needed enhanced. These include:

– subscriber authentication,

– radio interface encryption,

– subscriber identity confidentiality,

– use of removable subscriber module,

– secure application layer channel between subscriber module and home network,

– transparency of security features,

– minimised need for trust between HE and SN.

In some instances, 3G will need to be equipped with stronger or more flexible security mechanisms than those which were designed for GSM, due to new or increased threats. These will be treated in the threat analysis.

Mechanisms to combating fraud in roaming situations should be included in the 3G specifications from the start.

Mechanisms for lawful interception under authorisation should be included in 3G specifications from the start.