With all the excitement that gathers around the public debut of any new, widespread high technology, many nagging details go overlooked or are brushed aside for the moment. Long-term evolution (LTE) mobile phone technology is no exception.
The base station networks are being deployed, 3G sites upgraded, microwave backhaul engineered to support the new service and other first order considerations. Many wireless operators have taken the plunge into the deep end of the LTE pool, and are now swimming for the ladder. While they're keeping their operational heads above water, security has yet to be addressed.
As I noted in my previous Industry Insight, LTE brings along with its enhanced capacity and latency a number of security issues.
While subscribers have their concerns regarding the security of their wireless phone calls, text messages, mobile banking and other app usage, operators have their own worries vis-`a-vis LTE. Network management is chief among these.
Even if the subscriber payload of an LTE microwave backhaul network is secure, the management may not be, allowing malefactors to divert, drop or even kill traffic. Without secure management, operators' LTE backhaul traffic could be at the mercy of hackers, cyber criminals or, worse, electronic warfare.
With the shift to IP-based LTE networks, the offenders are finding ways to wreak havoc on backhaul networks from their tablets, smartphones and other mobile devices. Unsecure management channels can allow them to create mismatched frequency settings between radios, reconfigure circuitry or reroute payload.
For example, there was an instance where unauthorised users took control of a motorised antenna, and repeatedly sent instructions for the motor to adjust the position of the antenna, eventually draining the batteries for the entire site. Therefore, the network management channel must be protected.
What is secure management?
In a microwave network specifically, management should be FIPS 140-2 Level 2 compliant. By being compliant to FIPS 140-2 Level 2, an internationally recognised electronic protection standard developed by the Computer Security Resource Centre, operators can know their management solution has been rigorously tested by independent, third-party laboratories to exceed the level of security called for in the standard.
Compliant, secure management for an LTE microwave radio backhaul has to comprise a number of capabilities. But among the most important attributes it must possess, there should be:
* Secure interfaces
* Physical security
* Security permissions and event logging
Secure interfaces
Secure interfaces are at the heart of secure management. Secure interfaces help actualise high-level ciphering of the management channel as per AES 128- or 256-bit encryption (Advanced Encryption Standard).
Under this regime, messages sent from the network operations centre (NOC) or an in-the-field engineer using a 'craft tool' to the radio, are protected and not subject to compromise or malicious spoofing by unauthorised users. Secure management also protects against accidental or unintentional misconfiguration of the network by those not qualified or certified to make changes.
Moreover, secure interfaces are vital to accessing LTE microwave backhaul over unsecured networks, such as the Public Switched Telephone Network (PSTN), WLANs/LANs with unsecured access points, the cloud, and others.
However, when properly protected, backhaul networks defended by secure interfaces that establish tunnels between the management interface on one end and the microwave radio on the other can be safely accessed. At that point, NOC engineers can monitor network performance and manage the operation of the backhaul with peace of mind.
Hi-tech protocols
Compliant solutions, providing secure interfaces for secure management, will use modern protocols, such as SNMP v3 (Simple Network Management Protocol) interfacing for centralised administration from NOCs, or TLS v1.2 (Transport Layer Security) tunnelling for engineers in the field using a craft tool.
Secure interfaces are vital to accessing LTE microwave backhaul over unsecured networks.
Another factor to consider is defending the software/firmware upgrade path for microwave radios for LTE backhaul. Because many microwave radios are installed on very high towers, in inaccessible sites and/or at remote locations, it is critically important that secure downloading of radio software be supported.
Fortunately, a familiar solution no further away than a Web browser proves more than adequate to the task at hand: HTTPS - the secure form of the ubiquitous HTTP prefix used in Firefox, Chrome, Safari and so on for Internet addresses. Implemented with secure sockets layer (SSL), which protects most e-commerce transactions, HTTPS enables code delivery via microwave to the radio into encrypted configuration files.
And this is so much better than having a crew-member climb a tower and precariously perch himself, while fumbling with an Ethernet cable to fit into a radio port, in order to complete the same software upgrade process.
Physical security
This brings me to my next point regarding protection of LTE for operators and subscribers alike: physical security of the radio. It may seem like a mundane consideration, but all the unused, unsecure ports on an LTE microwave backhaul radio have to be physically disabled, which means the ports must be glued shut - or other actions with the same effect.
Many of the most famous - or infamous - network security incidents in recent times have been the result of physical breaching of computer systems, as opposed to electronic espionage. For example, the Pentagon and US defence contractors have had Trojans, spyware and viruses introduced into their otherwise airtight infrastructure as a result of negligent or malicious docking of USB thumbdrives of dubious origin onto network-attached laptop and desktop computers. Let this be a warning: never pick up a random memory stick at a tradeshow and use it for business!
Of course, this is mostly an analogy - but the concept is the same. Available ports on the radio must be physically blocked. Only the ports intended for rare usage should be accessible. And then they should be covered by tamper-evident labels so the only way that someone can utilise the port is by altering the label in such a manner that it cannot be reaffixed to the radio without revealing the evidence of the malevolent activity. Also, radios must be enclosed in all-metal housing so they are not easily broken into.
Security permissions and event logging
Microwave misconfigurations - intentional and unintentional - result from acts by personnel inside the operator firewall. However, a secure management solution would enable centralised, sophisticated permissions granting to limit who can configure microwave radios and to what extent.
But, of course, no security is 100% foolproof! For that infinitesimal number of times security fails for LTE microwave backhaul, forensics capability must be embedded to find the perpetrators of breaches. A security logging function hosted on the radio enables network administrators to analyse any security event activity taking place in the network, perform root-cause analysis and enforce accountability. System events such as power up, software reboot, login attempts and even access to the event log are vital functions that any FIPS-140-2 Level 2 compliant security logger must support.
A security event logging feature could record all management activity for improved accountability, troubleshooting and root-cause analysis.
In the next Industry Insight, I will look at access control necessities in a strongly secured LTE microwave radio backhaul wireless network.
Share