Secure base stations

Peter Bosch, Alec Brusilovsky, Rae McLellan, Sape J. Mullender, Paul Polakos

    Research output: Contribution to journalArticleAcademicpeer-review

    2 Citations (Scopus)
    12 Downloads (Pure)


    With the introduction of the third generation (3G) Universal Mobile Telecommunications System (UMTS) base station router (BSR) and fourth generation (4G) base stations, such as the 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE) Evolved Node B (eNB), it has become important to secure base stations from break-in attempts by adversaries. While previous generation base stations could be considered simple voice and Internet Protocol (IP) packet transceivers, newer generation cellular base stations need to perform more of the user- and signaling functions for the cellular radio access network. If adversaries can physically break into newer base stations, they can perform a range of undesirable operations such as snooping on conversations, carrying out denial-of-service attacks on the serving area, changing the software base of the base stations, stealing authentication and encryption keys, and disrupting legitimate cellular operations. The cell-site vault is a secure processing environment designed to resist such tampering and to protect the sensitive functions associated with cellular processing. It provides an execution environment where ciphering functions, key management, and associated functions can execute without leaking sensitive information. In this paper, we present the basic principles of the cell-site vault and present an overview of the types of functions that need to be protected in future base stations for cellular networks. We address the importance of providing a trust hierarchy within the cell-site vault, we present why the vault needs to be used to establish secure and authenticated communication channels—in fact, why the vault needs to be used for most external communications—and we present why it is important to execute functions such as data re-encryption inside the vault. A femtocell or home base station is particularly vulnerable to attacks since these base stations are physically accessible by adversaries. In this paper, we focus in particular on a cell-site vault design for a femto-class base station, including its standardization efforts, as it is challenging to include both secure and nonsecure processing inside a single “system-on-a-chip.‿
    Original languageEnglish
    Pages (from-to)227-243
    Number of pages17
    JournalBell labs technical journal
    Issue number4
    Publication statusPublished - 25 Feb 2009


    • IR-80486
    • EWI-21898


    Dive into the research topics of 'Secure base stations'. Together they form a unique fingerprint.

    Cite this