Risk analysis and software integrity protection for 4G network elements in ASMONIA

Abstract

The paper gives an insight into current ASMONIA research work on risk analysis, security requirements and defence strategies for 4G network elements. It extends the 3GPP security architecture for 4G networks, in particular when being part of critical infrastructures. Based on identified requirements it focuses on enhanced protection concepts, aiming to improve implementation security of threatened elements in 4G networks through attack resistant mechanisms for integrity protection, covering attacks against a system during boot- and execution-time. The concepts concentrate on generic mechanisms that can be applied to 4G network elements and complete other methods researched in ASMONIA. The paper describes infrastructure aspects of software integrity in mobile networks and provides proposals for implementation of verification and enforcement processes inside self-validating target systems. The proposals are based on typical exemplary systems, relying on Linux and QEMU/KVM. © 2012 Springer-Verlag.