In Chapter 9, it was discussed how it was essential for LTE/SAE to separate the communication between the core and the UE to the AS and the NAS. This separation was also applied in terms of security whereby the security of the AS (i.e., RRC security in eNB) was separated from the security of the NAS signaling. Two other relevant decisions were made in the design of the security architecture for LTE. The first is that the user plane security terminates above the eNB; the second, that the radio link and the core network must have cryptographically separate keys. These requirements result in LTE having two layers of protection, differentiating the E-UTRAN from the UTRAN which only a one layer perimeter security. These two layers are shown in Figure 14.1, where the first provides the RRC security and the User plane protection, while the second layer provides the NAS signaling security.
The immediate advantage of this rationale is that a compromise at the first layer (i.e., if an eNB or an HeNB is compromised), it would be hard to compromise the security of the eNB/HeNBs (i.e., other elements in the first layer) or the core (i.e., layer 2). This means that placing eNBs in vulnerable locations is more practically accessible in LTE.
Resources for this chapter can be sought as follows.