Global Standards Collaboration (GSC) 14
DOCUMENT #:
GSC14-PLEN-008
FOR:
Presentation
SOURCE:
TIA
AGENDA ITEM:
6.3
CONTACT(S):
Cheryl Blum
Frank Quick (Chair TR-45 AHAG)
John Oblak (Chair TR-8)
TIA
Security and Lawful Intercept
Geneva, 13-16 July 2009
Fostering worldwide interoperability
1
Current Activities - Security
TIA Committee TR-45 supports
security standards development for
US TDMA (TIA-136) and CDMA (TIA2000 and TIA-856)
Most of TR-45’s work involves
transposition of specifications
developed by 3GPP2 TSG-S WG4
Current efforts:
Security framework for Femto-cells
Update of the Common Cryptographic
Algorithms (CCA)
Geneva, 13-16 July 2009
Fostering worldwide interoperability
2
Current Activities - Security
Engineering Committee TR-8 has
a subcommittee focused on
Encryption Standards, TR-8.3
A block encryption Protocol
document, TIA-102.AAAD-A has
been approved for ballot in 2009
TR-8 has standards for Advanced
Encryption, Data Encryption, and
OTAR
For overviews of these areas see ANSI/TIA102.AAAB-A, ANSI/TIA-102.AAAB-A, and
TIA-102.AACB
Geneva, 13-16 July 2009
Fostering worldwide interoperability
3
Strategic Direction
TIA expects its TR-45 security work to
continue to be driven by 3GPP2
Much of 3GPP2 security work is input taken
directly from IETF or 3GPP documents
There is at present little need for new work by
TIA on security in TR-45
Equipment Numbering Identifier security (e.g.,
MEID, IMEI, ESN)
Consider an International regulatory adoption of common
Equipment Numbering Identifier security requirements
TR-34 will be reviewing adding authentication
security per flow to TIA-1039
This will be an important improvement to network security
Geneva, 13-16 July 2009
Fostering worldwide interoperability
4
Challenges
Inconsistent implementation of
security in the networks
Security is perceived as preventing fraud
adequately, may lead to complacency in some
systems
Cost and complexity are usually cited as
reasons for not using authentication
Geneva, 13-16 July 2009
Fostering worldwide interoperability
5
Next Steps/Actions
TIA plans to continue to monitor the
security environment faced by
operators and users
Any issues identified that are not
addressed by 3GPP or 3GPP2 will be
studied by TR-45
TR-8, TR-34, and other TIA
Engineering Committees will continue
to work on Security requirements in
their respective standards scope
Geneva, 13-16 July 2009
Fostering worldwide interoperability
6
Global Standards Collaboration (GSC) 14
Lawful Intercept
Geneva, 13-16 July 2009
Fostering worldwide interoperability
7
Current Activities
TIA TR-45.8 (Core Network)
Recently published TIA-1118, “LAES
(Lawfully Authorized Electronic
Surveillance) for cdma2000® WLAN
Interworking”
Lawful Intercept of subject accessing
cdma2000® packet data services via a
WLAN
FBI-CIU request for new project, LAES
for cdma2000® Femtocells
Geneva, 13-16 July 2009
Fostering worldwide interoperability
8
Current Activities in TR-45.8
TR-45.8 LI Group developed a Report for TR-45 on
Potential Technical Impacts of the Department of
Justice (DOJ) petition to the FCC regarding asserted
deficiencies in the LAES Capabilities for cdma2000®
Packet Data Services (as specified in ANSI/J-STD025-B)
Asserted deficiencies include:
More precise location information
Reporting of summary communication content packet header
information as IRI
More precise timing information
Security, Performance, and Reliability enhancements
No projects have been undertaken to address the impacts identified in
the report
Awaiting a final ruling from the FCC
Report shared with ATIS PTSC LAES and WTSC LI
Groups
Geneva, 13-16 July 2009
Fostering worldwide interoperability
9
Security and Lawful Intercept in
ISO TC 204
TIA is International Secretariat to ISO TC 204
and US TC204 TAG ADMIN
TR 11766 Lawful Interception in ITS and CALM
TR 11769 Data retention for law enforcement in ITS
and CALM
NP 13181-1 CALM Security Part 1: Framework
NP 13181-2 CALM Security Part 2: Threat
Vulnerability and Risk Analysis
NP 13181-3 CALM Security Part 3: Objectives and
requirements
NP 13181-4 CALM Security Part 4:
Countermeasures
Geneva, 13-16 July 2009
Fostering worldwide interoperability
10
Strategic Directions
For TR-45 Continue collaboration and
coordination with LI development in groups
such as ATIS WTSC and PTSC and 3GPP SA3
LI.
Other TIA-supported activities will continue
to evolve and enhance their standards as
the Threat, the Technology, and Timing –
(need for faster implementations) - the 3 T’s
keep changing.
Geneva, 13-16 July 2009
Fostering worldwide interoperability
11
Challenges
Final rulings of DOJ petition could impact or
affect capabilities supported by other
technologies.
Imperative to maintain close coordination with
other LI groups.
Keeping pace with support of LI capabilities with
the ongoing introduction of new features and
services while maintaining LI standards already
implemented
Consideration of the unique issues presented
with access to the Internet
e.g., Local Breakout
Communications protocols involved in New and
Novel Technology areas such as “Smart Grid.”
Geneva, 13-16 July 2009
Fostering worldwide interoperability
12
LI Next Steps/Actions TR-45
LAES for new CDMA features and services
New work item introduced in June for support of LI for
Femto Cells
Assess LAES impact on the eHRPD
Possible support for Server-based
conferencing
Geneva, 13-16 July 2009
Fostering worldwide interoperability
13
Supplementary Slides
Geneva, 13-16 July 2009
Fostering worldwide interoperability
14
Recent TR-45 Security
Standards
TIA-946-A Enhanced Cryptographic
Algorithms
TIA-1097-A Security Mechanisms
Using GBA
TIA-1098-A Generic Bootstrapping
Architecture (GBA) Framework
TIA-1141 IMS Security for 2G R-UIMs
Geneva, 13-16 July 2009
Fostering worldwide interoperability
15