Security and Mobility Aspects of Femtocell Networks

Security and Mobility Aspects of Femtocell Networks

Suneth Namal (Center for Wireless Communication, Finland) and Andrei Gurtov (Center for Wireless Communication, Finland)
DOI: 10.4018/978-1-4666-0092-8.ch008
OnDemand PDF Download:
List Price: $37.50


This chapter discusses security and mobility aspects of femtocell networks, given protocol level descriptions in the subsections. The connectivity between FAP and core network has a high risk of being compromised. The chapter discusses how Host Identity Protocol (HIP) can be adapted in femtocell technology to improve security and mobility issues. This chapter presents several enhancements to the femtocell technology such as strong authentication, service registration, identity verification, and node multihoming. In addition, Encapsulating Security Payload (ESP) is used to provide confidentiality, data origin authentication, connectionless integrity, anti-replay service, and limited traffic flow confidentiality. Furthermore, enhanced mobility support by means of locator/identity separation and node multihoming is discussed in the scope of 3GPP femtocells.
Chapter Preview


Femtocell security architecture consists of three major stratums such as access security stratum, UE access control stratum and mobile network security stratum. FAP access security is provided in terms of mutual authentication, establishment of secure association, authorization, location looking mechanisms and the SeGW located in the border of the core network. Network domain security includes the security communication between SeGW and the core network whereas, UE access security includes access control based on Close Subscriber Groups (CSG) applicable legacy UEs. However, FAP authentication and message encryption across unreliable Internet or broadband access are major security considerations in femtocell networks.

Femtocell backhaul is vulnerable to any external attack since; there is no guarantee of security by the network provider. The femtocell security aspects are not yet standardized according to the 3GPP specifications (Akyildiz, Xie, & Mohanty, 2004). Thus, there are many ongoing research efforts to enable an end-to-end secure communication in femtocell technology. FAP authentication is a major consideration in femtocell security. In general, FAP authentication is performed using Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA), certificate or as a combination of both. The 3GPP standard presumes validation and authentication to be performed sequentially. Thus, during the initial power-up, FAP gets authenticate to the core network. If the certificate based authentication is used, the mutual authentication between the FAP and the core network is performed with X.509 certificate which is already configured at FAP and SeGW. Rather, Universal Integrated Circuit Card (UICC) that defines the identity of the secondary hosting party is used for the authentication (Akyildiz, Xie, & Mohanty, 2004).

Complete Chapter List

Search this Book: