E.5 Other CTS security features

3GPP43.020Release 17Security related network functionsTS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

In 3GPP TS 42.056 the requirements of a series of additional security services and functions for the CTS are defined. They should provide, amongst others, protection against misuse of equipment

This subclause describes the CTS security features that concern:

– secure storage of sensitive data in CTS-MS;

– secure storage of sensitive data in CTS-FP;

– CTS-FP de-initialisation;

– CTS-FP reprogramming protection.

E.5.1 Secure storage of sensitive data and software in the CTS‑MS

E.5.1.1 Inside CTS-ME

The storage of the IMEI should be according the requirements described in 3GPP TS 42.009. Secure storage of sensitive data inside non-volatile memory of the CTS-ME should follow the directives in 3GPP TS 42.056.

E.5.2 Secure storage of sensitive data and software in CTS-FP

The IFPEI is stored in the CTS-FPE according to the same requirements for storage of the IMEI as described in 3GPP TS 42.009. Other sensitive data shall be stored securely.

The timer for operation control should be stored in a secure way.

E.5.3 CTS-FP reprogramming protection

Reprogramming shall only be possible by the manufacturer of the CTS-FP and authorised services. The specification of the method is up to the manufacturer.