Network equipment/system identity authentication issues: Illegal access/counterfeit equipment (such as base stations) will lead to illegal information acquisition or implantation, as well as direct attacks on the core network, and the urgent need for identity verification for networked devices to prevent illegal access;
End-to-end data transmission confidentiality issues: In order to prevent the leakage of information content and malicious network monitoring, encryption technology is required to ensure that the transmitted data content is not stolen, monitored and leaked;
End-to-end data transmission integrity issues: the tampering of the transmission information content will lead to the destruction of integrity and adverse consequences. To ensure data integrity and prevent malicious tampering of data, it is necessary to introduce corresponding cryptographic technology to ensure the integrity of data content;
Build an independent LTE-PKI system to realize the provision of comprehensive certificate management services such as automatic registration, application, and renewal of CA certificates for base stations, security gateways, management systems and other equipment and systems through the SCEP/CMP protocol.
The PKI certificate authentication system is closely integrated with Huawei's LTE network to form a complete set of unified security solutions to achieve password-based trusted identity authentication, trusted network access, and data communication security for the overall LTE network, and build a safe and trusted security foundation for the LTE network facility.
Equipment access authentication: Provide comprehensive certificate services for base stations through the PKI/CA certificate authentication system, realize access authentication based on digital certificates when base stations access the network, and ensure the credibility and safety of the identity of the base station equipment.
Data transmission confidentiality: realize end-to-end encrypted transmission of data information between base station and base station, base station and base station management system, base station and security gateway, etc., to realize reliable data communication guarantee;
Data transmission integrity: realize end-to-end protection of data information transmission integrity between base station and base station, base station and base station management system, base station and security gateway, etc., to prevent data from being maliciously tampered with.
I want to consult