1. Field of the Invention
The present invention relates to a wireless communication system. More particularly, the present invention relates to a security system and method for protecting a control message exchange from attacks in a wireless communication system.
2. Description of the Related Art
In an Evolved Packet System (EPS) under development for an evolution or migration of the 3rd Generation Partnership Project (3GPP), a Mobility Management Entity (MME) is a control entity responsible for mobility management of a control plane. With the introduction of the MME, research is being conducted to reinforce security using a Non Access Stratum (NAS) protocol in addition to security and authentication procedures executed on an Access Stratum (AS). The research focuses on reinforced security management with independent security procedures on an AS layer and an NAS layer.
A current AS protocol-based security management method uses User Equipment (UE) security capability information derived from a UE security capability acquired by the NAS protocol. However, detailed procedures and features for validating information delivered in the NAS information are not specified. Accordingly, currently specified procedures and messages are vulnerable to attacks, such as a Man-In-The-Middle (MITM) attack. Therefore, it is required to modify at least one of the NAS protocol, an AS protocol and an S1 interface message to reinforce the security.
Furthermore, a current 3GPP Evolved Packet System (EPS) assumes the UE security capability for use on an AS level is derived from the UE security capability of an NAS level, but does not specify any mechanism for security capability validation. Thereby, the UE security capability may be exposed to attacks, such as the MITM attack.
Therefore, a need exists for a security system and method for securing against attacks in a wireless communication system.