Written by: Dirk Eschenbrücher, Johan Mellberg, Simo Niklander, Mats Näslund, Patrik Palm and Bengt Sahlin
Security is a growing issue for carriers and operators. In particular, they are concerned about protecting network infrastructure. Ericsson shares these concerns and is putting great emphasis on secure products and security features.
A holistic perspective is needed for planning the security services and functionality to be implemented in nodes, subnetworks, and at the network level. Decisions affecting security services and functionality need to be based on a coherent, well-defined security architecture.
The day is gone when vendors and standards could dictate the environment for deploying the mobile network infrastructure and associated products. Today’s solutions and products must be flexible enough for use outside a reference network and resilient and extensible enough for use without external security appliances.
Simple security checkpoints, such as firewalls, no longer suffice. As applications become more complex, general vulnerability to attacks also increases. A defense-in-depth strategy is thus needed, putting security features in each and every node. These features can be complemented with security functionality at site and network levels.
While we acknowledge the importance of physical security, fraud detection, and management, the focus of this article is on logical network security. In addition, although this article primarily deals with GSM and WCDMA, the principles of security architecture presented here apply equally well to other cellular networks, such as CDMA.
The authors describe Ericsson’s security architecture for GSM and WCDMA mobile networks. This architecture is based on security principles mandated by standards and experience. Moreover, it is influenced by policies that regulate security, and by vulnerability audits of the mobile infrastructure. The authors also describe security services and functionality, and how low-level mechanisms can be applied to make the mobile network infrastructure more secure. They cite examples from Ericsson’s product portfolio, including the security solution designed in the Mobile-PBN reference network.
[First published in Ericsson Review no. 01, 2004]