ETSI - TS 132 371
Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; Telecommunication management; Security Management concept and requirements
| Organization: | ETSI |
| Publication Date: | 1 April 2017 |
| Status: | inactive |
| Page Count: | 30 |
scope:
The present document defines, in addition to the requirements defined in 3GPP TS 32.101 [1] and 3GPP TS 32.102 [2], the requirements for Security Management IRP.
The purpose of the present document is to specify the necessary security features, services and functions to protect the network management data, including Requests, Responses, Notifications and Files, exchanged across the Itf-N.
Telecommunication network security can be breached by weaknesses in operational procedures, physical installations, communication links, computational processes and data storage. Of concern here in the present document is the security problems resulting from the weaknesses inherent in the communication technologies (i.e., the 3GPP-defined Interface IRPs and their supporting protocol stacks) deployed across the Itf-N.
Appropriate level of security for a telecommunication network is essential. Secured access to the network management applications, and network management data, is essential. The 3GPP-defined Interface IRPs (and their supporting protocol stacks), deployed across the Itf-N, are used for such access, and therefore, their security is considered essential.
Many network management security standards exist. However, there is no recommendation on how to apply them in the Itf-N context. Their deployment across the Itf-N is left to operators. The present document and the corresponding solutions identify and recommend security standards in the Itf-N context.
The business case for secured Itf-N is complex as it does not relate to the functions of the Interface IRPs (the functions are constant) but rather, it relates to variants such as the cost of recovering from security breaks, the probability of security incidents and the cost of implementing Security Management, all of which differs depending on specific deployment scenarios.
The present document describes the security functions for a 3G network in terms of Security Domains (subclause 4.1). Clause 5 defines the Itf-N Security Management scope in terms of its context (subclause 5.1) and the possible threats that can occur there are defined in clause 6. Clause 7 specifies the Itf-N security Requirements.
Document History
