Security and Lawful Intercept Cheryl Blum Global Standards Collaboration (GSC) GSC-15

advertisement
DOCUMENT #:
GSC15-PLEN-25r1
FOR:
Presentation
SOURCE:
TIA
AGENDA ITEM:
6.3
CONTACT(S):
Cheryl Blum (cblum@tiaonline.org)
Betsy Covell (betsy.covell@alcatel-lucent.com)
Security and Lawful Intercept
Cheryl Blum
Global Standards Collaboration (GSC)
GSC-15
Security
Current Activities - Security
 TIA Committee TR-45 supports security standards
development for US TDMA (TIA-136) and CDMA
(TIA-2000 and TIA-856)
 Most of TR-45’s work involves transposition of
specifications developed by 3GPP2 TSG-S WG4
 Current efforts:
• New Revision of Security framework for Femto-cells
• Advanced Security Framework for HRPD, eHRPD and
xHRPD
• Security for cdma2000 1x
3
Current Activities - Security
 Equipment Numbering Identifier security continues
as discussion items during Global Numbering Joint
Expert Meetings moderated by TR-45 EUMAG
hosted by IMEI (GSMA) & MEID (TIA)
Administrators.
 Air-Interface Application Layer Security
Strategic Direction
 TIA expects its TR-45 security work to continue to
be driven by 3GPP2, with input from IETF and
3GPP
 Security for Machine-to-machine communications
will be addressed in 2010-2011
 TR-45 EUMAG Chair moderates IMEI -Global
Decimal Administration (GHA) and MEID -Global
Hexadecimal Administration (GHA) sessions for
co-ordination with Global Numbering
Administrators.
5
Challenges
 ESN resources are exhausted, therefore Global
implementation of MEID and EUIMID for
CDMA2000 is imperative.
 Inconsistent implementation of security in the
networks
• Security is perceived as preventing fraud adequately,
may lead to complacency in some systems
• Cost and complexity are usually cited as reasons for not
using authentication
6
Next Steps/Actions
 TIA plans to continue to monitor the security
environment faced by operators and users
 Any issues identified that are not addressed by
3GPP or 3GPP2 will be studied by TR-45
 TR-8, TR-34, and other TIA Engineering
Committees will continue to work on Security
requirements in their respective standards scope
Next Steps/Actions
 TR-45 EUMAG continues to support ESN/UIM
migration to MEID/EUIMID while maintaining
updates to Numbering Administration guidelines.
 TR-45 EUMAG active participation during 3GPP2
M2M numbering AdHoc studies.
8
Lawful Intercept
9
Current Activities – Lawful Intercept
• TR-45.8 developing a report based on a study conducted
by the TR-45.8 Lawful Intercept Group (LIG) to determine if
new LAES work is needed to support cdma2000 with
Femtocells.
• TR-45.8 2009 report for TR-45 on Potential Technical
Impacts of the Department of Justice (DOJ) petition to the
FCC regarding asserted deficiencies in the LAES
Capabilities for cdma2000® Packet Data Services (as
specified in ANSI/J-STD-025-B);
 No projects have been undertaken to address the impacts identified in
the report
• Awaiting a final ruling from the FCC
• Report shared with ATIS PTSC LAES and WTSC LI Groups
10
Strategic Direction
 For TR-45 - continue collaboration and
coordination with LI development in groups such
as ATIS WTSC and PTSC and 3GPP SA3 LI.
 TR-45 maintains the J-STD-025 LAES series of
joint standards as the lead SDO .
 TR-45 co-ordinates LAES Object IDentifier (OID)
administration under the “TIA” OID tree branch for
ASN.1 modules.
11
Challenges
 Keeping pace with support of LI capabilities with
the ongoing introduction of new features and
services while maintaining LI standards already
implemented
 Consideration of the unique issues presented with
access to the Internet
• e.g., Local Breakout
 Communications protocols involved in technology
areas such as “Smart Grid.”
12
Next Steps/Actions
 LAES for new CDMA features and services
• Potential new work in support of LI for Femtocells
following the completion of the study
13
Summary
 Contributions from ATIS, ETSI, and TIA
• Lawful Intercept
 Focus is on VOIP, Internet Access and Services, Local Breakout, Femtocells, Smart Grid.
 Continue cross coordination and collaboration among the SDOs.
 Challenge is to develop standards to satisfy regulatory/mandated target dates so reliable
implementations can be deployed.
• Security
 Focus on security enhancements for Femtocells, advanced security for HRPD, eHRPD and
XHRPD, Reconfigurable Radio Systems, IPv6, and new developments in the 3G
Partnership Projects. New key area for security is M2M.
 Equipment Numbering Identifier security continues as discussion items during Global
Numbering JEM moderated by TR-45 EUMAG hosted by IMEI (GSMA) & MEID (TIA)
 Stressed importance of cooperation among the SDOs.
 Challenge is to address the inconsistent implementations of security in the network.
 Recommendation
• Retain HIS for GSC-16
14
Supplementary Slides
Recent TR-45 Security/Lawful
Intercept Standards
 TIA-1118, “LAES (Lawfully Authorized Electronic
Surveillance) for cdma2000® WLAN Interworking”
16
Download