Enhancing Security In Tracking Area Update (TAU) Procedure In LTE Networks

LTE System Structure and Working Mechanism

Question:

Write an essay on "improving the security techniques in 4G LTE".
 

The emergence of LTE as the preferred communication technology in the global arena, shows that the issue of security is an immediate concern that the MNO (mobile network operators) need to focus (Abeta, 2010). Designers of the LTE network architecture always kept simplicity in mind that accepts the IP based new system with MME (mobile management entity) and ‘Serving gateway’ as the indispensable elements. This new system however, needs the security design as its protocols including authentication process, session management which is the key to the LTE adoption success at commercial level. The LTE system consists of the location status update and paging which is composed of ‘Tracking areas TA’ in ‘Tracking area list TAL’ (Bikos & Sklavos,  2013). It is widely known fact that each of the MNO has implemented its own security system and mostly are using DoS (denial of service) attack detection technologies. The issue hence is to evaluate the TAU (Tracking area update) analysis that is integral to the LTE operations process is of emerging importance to the MNO firms that should be able to protect the service gateway. In an  evolutionary note, each of the LTE networks need to try to design the security mapping that addresses the broader technical and stakeholder requirements (Astely et al., 2013).  

The LTE system assigns the security  element to the TA  but the security system at each phase in the total architecture thwarts the intrusion which largely a gap.  The emergence of the technology in the mobile communication which lacks in the security features therefore needs the security to be enhanced in order to TAU method in the networks supporting LTE to be robust and failsafe (Cao et al. 2014). It will hence be a long term solution and preferred platform or else the LTE technology will lose the commercial viability with an abrupt end in the adoption cycle by users and also by MNO. 

To find out the security enhancement in Tracking Area Update(TAU) procedure in LTE (Long Term Evolution) networks

• To understand the LTE network architecture and working mechanism
• To evaluate the security structure and TAU
• To find out the best practices of security enhancement system from global cases
• To propose the evolutionary security enhancement in TAU for evolution in the LTE networks

Question 1: What is the structure of LTE network and its working mechanism?

Question 2: How does the security in TAU work and affect whole system?

Question 3: What are the security best practices that can aid enhancements?

Question 4: How can best practices be applied in TAU to make LTE failsafe?

In order to understand the criticalities, the literature review will outline the past research and the concepts which will shape the discussion. The current research will be carried out in the arena of LTE which is an emerging mobile technology platform in the world. However there issues of security are plaguing the lifecycle of the technology platform and hence it calls for the developers to take a note on that.

The LTE architecture has the MME which is the control plane entity and supports the TA list management (Abdul Basit, 2009). The Tracking Area TA, is referred to the limits within which the user of LTE can access the network without notifying the MME (Piro et al. 2011). The TAL or tracking area list is what the UE gets from a mobile cell in the form of TAI or tracking area identity. The element TAU tracking area update hence can inform the EPC (evolved packet core) for all the registered UEs in the connected state (Purkhiabani & Salahi, 2011).

The Security system in TAU and its Impact on the whole System

The TAU procedure, as it is defined, gets the triggers. The UE initiates it by sending a TAU request to the eNoDeB that carries the RRC parameters for the rebalancing of load. The eNoDeB derives MME in the selected network, where UE shows that TAU procedure is active and triggered by load rebalancing (Purkhiabani et al. 2011). The new MME that receives the GUTI from UE usually sends a context request to get the user information. UE validates that new MME has validated the integrity protection of TAU message. If the context request send then the old MME usually responds with the message, so the integrity of TAU request message is checked, which in case does not match then fails the authentication. However, MME either skips authentication or accepts it to continue TAU procedure, while when UE (emergency and non emergency) services fails, MME continues the TAU procedure with deactivation of PDN connection. MME can change to a new MME and relocate to SGW, and serve a new SGW. It also verifies the EPS bearer status from UE in relation to other bearer context, while SGW informs PGW in relation to the new change that is updated (Razavi et al. 2014). This returns a modified bearer response MSISDN to route the PDUs to the PDW. It in the eNoDeB that creates a session response for the new MME that verifies if it holds data for the UE or by the IMSI of the context data from old node. MME sends an update location request to HSS, and the SGSN registration is not cancelled.  If the EPS bearers of UE has an emergency value then new MME skips updation of location process. HSS sends cancel location (IMSI) to old MME. If the CSG ID has expired, MME sends a tracking area update reject message to UE (Roy et al. 2012).  

There are many conditions through which the TAU procedures can be triggered and most commonly when the UE detects its presence in a new area, that is registered with the MNO network, or when TA has expired over time (Khandekar et al. 2010). The first issue where the UE enters the new TA which does not have the list of TAIs that is registered with UE is a known issue. The security issues as per the signalling procedures show that the there is an integrity check when the context request message is there. There is evidence that LTE system architecture assumes itself as a default initiator, so for the illegal third party users attacking MME is easy as it does not have any protection protocol (Chung, 2011). Thus, the TAU methods which is dependent on the MME completely does not have enough strong safety mechanism  in terms of vulnerability from the external attacks.

The overloading of the serving gateway happens when the MME gets the context of multiple users and it send the create bearer request to the serving gateway. The overloading happens when the UE switches to the new TA has exceptions to it (Lei et al. 2012). MME even after authentication procedure from UE, send a large number of  create bearer request on real time. The phone which has programmable features can connect and trigger, the TAU requests which are send to new serving gateway from the eNodeB. The third situation is when the users send TAU requests to validate the users. The MME is housed in a safe network which is insufficient to ward off the third party intrusions when there is falsifying of user validation (Doppler et al. 2009).

Security Best Practices that can aid Enhancements

The enhancement of security hence seeks an architecture which is capable of recognising the problem earlier discussed. The incapability of recognising the mobile phone is a concern and hence an unique code like IMSI name and number in a TAU message can be useful (Liou et al. 2013). The change in the configuration is a necessary step that will ideally seek to gather information about the best practices of security in the mobile telecommunication s platform. Most importantly, the issue of serving gateway overload  is a issue that needs introspection. The TAU procedures needs attention as the TAU request message that leads to MME working improperly ideally needs check as it causes ‘create bearer request’ in the system. The ability to falsify information like number of users, also triggers of TAU procedures needs a check (Purkhiabani & Salahi, 2011). The new security either needs the time based security protocols, or design identity responsive system which will eliminate the false phone users in the network. The discarding of the packet of information by the Serving gateway can be strengthened by alternate technologies that support to identify the user (Ewe & Bakker, 2011).

The current LTE structure does not allow which shows gap in the security mechanism as third parties are able to fake the user identity to stay in the network and intrude the platform. This gap in the security has the opportunity to seek a solution that fills in the gaps in the existing system. The intrusion instances will be studied from the real time data and frequencies will be maintained and can  lead to the trends which can be opportunities to find security enhancements. In this research the new security solution will be a new phenomenon which will be a study of the existing trends.  

The current research will be carried out using an exploratory investigation as existing research on the chosen topic is inadequate.  Exploratory research will be supported by qualitative data collection, mainly collected from secondary sources and analysed using case study design.  Hence, the inductive method of theory/knowledge building will be feasible while understanding the security enhancement in TAU procedure in LTE networks. The researcher will follow a interpretivism philosophy which will help to carry out subjective research, instead of statistical analysis or mathematical calculations. Each of the research elements chosen in the methodology is discussed below with appropriate justification for making such choices –

Denzin and Lincoln (2011) explained that exploratory research is usually followed when the actual research problem is not clearly defined and further studies are necessary to understand the nature of problems.  It mainly emphasises on understanding the ‘what’ of the problems by focusing on elaborate theories, explanations, perceptions and emotions shared by the research subjects. Using exploratory investigation, offers flexibility to carry out research using an informal approach rather than chasing already identified research problems, or testing hypothesis. Through exploratory research, what is the mechanism of security enhancement in TAU procedure in LTE networks will be identified and presented.

Interpretivism is a branch of epistemology that supports exploratory research and thematic analysis of subjective data obtained through qualitative data collection (Saunders et al. 2009). It opposes the positivist philosophy of quantitative research, scientific data testing and arriving at objective outcomes.  Interpretivism is found suitable because the current study requires elaborate understanding on security enhancement in TAU and related concepts that is possible through qualitative research.  The scope for scientific/statistical data testing is limited in this research, as the trend analysis to find the gaps in security lapses and reasons will be tabulated.

Applying Best Practices in TAU to make LTE Failsafe

Inductive approach, as a theory building process starts with the observation of a phenomena, collection of elaborate data (usually qualitative research), studying the data patterns, formulating tentative hypothesis, and finally developing new knowledge base (Saunders et al. 2009). Deductive approach follows an opposite pattern, and tests already existing theories/concepts using quantitative approach.

Inductive approach will be suitable because it will help to understand the procedures followed in security enhancement in TAU by studying existing research that already exists. Moreover, inductive research also aligns with the exploratory investigation, interpretivism and qualitative data collection to arrive at new concepts. 

Qualitative research emphasises on discovering & understanding experiences, thoughts and perspectives of human subjects either through interaction or stories already published. Qualitative research helps to maximise objectivity and generalisibility of the findings using extensive analysis of subjective information (Denzin and Lincoln, 2011). 

Qualitative research will help to understand the and interpret the opinion already put forward by experts dealing with security enhancement in TAU in long term evolution (LTE) networks in the information technology field.  By interpreting already published data through secondary research such as case studies, thematic analysis can be carried out in order to clearly identify the problem and develop a conceptual framework.

Quantitative research will not be suitable because it focuses more on statistical (quantitative) data testing to resolve a clearly identified problem. Quantitative research also aligns with positivism, deductive approach, and usually descriptive investigation that will not be suitable to understand the mechanisms used for security enhancement in TAU procedures in LTE networks.

Qualitative data can be collected using interviews, focus group, action research (primary research) and case studies (mainly secondary research) depending on the feasibility, timelines, and complexity involved in the chosen topic. However, in the current research, the use of ‘case studies’ will be followed to collect qualitative data from already published journals, articles, reports, research papers, and discourses relating to the IT subject. 

Yin (2009) explains that the use of case study, when integrated with exploratory research, is made to investigate ‘what’ questions.   Case study will help to maintain flexibility by going through diverse research materials already published on security enhancement in TAU procedure in LTE network. By going through published materials, the researcher will be able to understand the complex issues, and focus on details contextual analysis relating to existing events or situation.  It will also help to carry out an empirical enquiry that will help to investigate the  chosen phenomena within real life context (Yin, 2009). The following will be the steps to carry out case study research using qualitative data collection –

• Determine/define the research question
• Select appropriate cases to determine data collection and techniques for analysis
• Make preparation for data collection
• Data collection (mainly empirical)
• Analysis and evaluation of data
• Preparation of the report

The creation of an enhanced security system hence will be closely related to the PLC (product life cycle curve) that will test the robustness of security in the LTE framework. 

References

Abdul Basit, S., 2009. Dimensioning of LTE Network Description of Models and Tool, Coverage and Capacity Estimation of 3GPP Long Term Evolution radio interface. Department of Electrical and Communications Engineering, MsC. 

Abeta, S., 2010. Toward LTE commercial launch and future plan for LTE enhancements (LTE-Advanced). 

Association, G. mobile S., 2014. 

Astely, D. et al., 2013. LTE release 12 and beyond. IEEE Communications Magazine, 51(7), pp.154–160.

Bikos, a & Sklavos, N., 2013. LTE/SAE security issues on 4G wireless networks. S&P, vol. 11, n(March-April 2013), pp.pp. 

Cao, J. et al., 2014. A survey on security aspects for LTE and LTE-A networks. IEEE Communications Surveys and Tutorials, 16(1), pp.283–302.

Chung, Y.W., 2011. Adaptive design of tracking area list in LTE. In 8th IEEE and IFIP International Conference on Wireless and Optical Communications Networks, WOCN2011.

Denzin, N. K. and Lincoln, Y. S. (2011) The SAGE Handbook of Qualitative Research.  Page 271, 4th ed. London: Sage Publications.

Doppler, K. et al., 2009. Device-to-device communication as an underlay to LTE-advanced networks. IEEE Communications Magazine, 47(12), pp.42–49.

Ewe, L. & Bakker, H., 2011. Base station distributed handover optimization in LTE self-organizing networks. In IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC. pp. 243–247.

Khandekar, A. et al., 2010. LTE-advanced: Heterogeneous networks. In 2010 European Wireless Conference, EW 2010. pp. 978–982.

Lei, L. et al., 2012. Operator controlled device-to-device communications in LTE-advanced networks. IEEE Wireless Communications, 19(3), pp.96–104.

Liou, R.H., Lin, Y.B. & Tsai, S.C., 2013. An investigation on LTE Mobility management. IEEE Transactions on Mobile Computing, 12(1), pp.166–176.

Piro, G. et al., 2011. Simulating LTE cellular systems: An open-source framework. IEEE Transactions on Vehicular Technology, 60(2), pp.498–513.

Purkhiabani, M. & Salahi, A., 2011. Enhanced authentication and key agreement procedure of next generation evolved mobile networks. In 2011 IEEE 3rd International Conference on Communication Software and Networks, ICCSN 2011. pp. 557–563.

Purkhiabani, M. & Salahi, A., 2011. Enhanced authentication and key agreement procedure of next generation evolved mobile networks. In 2011 IEEE 3rd International Conference on Communication Software and Networks, ICCSN 2011. pp. 557–563.

Purkhiabani, M., Salahi, A. & Nejati, M., 2011. Analysis of authentication traffic in next generation 3GPP LTE networks. In 7th International Conference on Wireless Communications, Networking and Mobile Computing, WiCOM 2011.

Razavi, S.M. & Yuan, D., 2014. Reducing signaling overhead by overlapping tracking area list in LTE. In 2014 7th IFIP Wireless and Mobile Networking Conference, WMNC 2014.

Roy, a., Shin, J. & Saxena, N., 2012. Entropy-based location management in long-term evolution cellular systems. IET Communications, 6(2), p.138.

Saunders, M. N., Lewis, P. and Thornhill, A. (2009) Research methods for business students, Page 52, 5^th ed. Harlow: Prentice Hall

Yin, R. K. (2009). Case study research: design and methods (4th ed.). Thousand Oaks, CA: Sage.