The LTE (Long Term Evolution) and SAE (System Architecture Evolution) architecture is currently being specified by 3GPP, e.g. for inclusion in 3GPP Release-8. FIGS. 1a and 1b show conventional architectures so far agreed as part of the SAE/LTE standardization work in 3GPP, e.g. as described in 3GPP TS 23.401 for the non-roaming scenarios. FIG. 1a shows Non-roaming architecture for 3GPP accesses and FIG. 1b shows non-roaming architecture for 3GPP accesses in a single gateway option.
Transport Network level security in the S1 interface (i.e. both the S1-MME and S1-U interfaces) is needed in many deployment scenarios between Evolved UTRAN (E-UTRAN), comprising a single node type called E-UTRAN NodeB (eNodeB), and the Core Network (CN) nodes, Mobility Management Entity (MME) and Serving Gateway (FIGS. 1a and 1b also show the PDN Gateway and the combination of the Serving Gateway and PDN Gateway is also known as SAE-GW which is the term used in this application for both these gateway nodes). The S1 interface (both the S1-MME and S1-U interfaces) may traverse insecure IP networks. One example of such a deployment scenario is the Home eNodeB (HNB) concept currently being studied in 3GPP.
The S1 interface security is based on IPsec tunnels which are established between the eNodeBs (or HNBs) and the Security GateWays (SEGW) in the network side. The SEGW functionality could theoretically be incorporated in SAE-GW's and MME's, however it's most likely that this will be handled by dedicated equipment due to the quite heavy processing capacity needed for IPsec.
The signaling sequences to establish a dedicated SAE/LTE bearer is shown in FIG. 3. This figure shows as an example that the bearer is created for an IMS VoIP/SIP call/transaction in the case when network initiated bearer activation is applied via the Policy and Charging Rules Function (PCRF).
The interface between the P-CSCF and the PCRF is called “Rx+”-interface and is based on the Rx-interface which is specified for 3GPP, e.g. Release-7 in 3GPP TS 29.214. The interface between the PCRF and the PDN gateway (and so the SAE-GW) is called S7-interface and is based on the Gx-interface which is specified for 3GPP, e.g. Release-7 in 3GPP TS 29.212.