A Home Node-B (HNB) provides third generation mobile communication system (3G) wireless coverage to 3G mobile phones within the home and connects to the existing residential broadband service. It combines the functions of a standard Node B (an element of the 3G macro radio access network) with the radio resource management functions of a standard radio network controller (RNC).
FIG. 1 shows the system architecture of an HNB. The interface between the third Generation Partnership Project (3GPP) user equipment and the HNB is the backward-compatible air interface of the universal terrestrial radio access network (UTRAN). The HNB accesses the operator's core network via a security gateway (SeGW), and the broadband Internet protocol (IP) backhaul between the HNB and the SeGW might be insecure. Information transmitted over this backhaul should be protected by a secure channel established between the HNB and the SeGW. The SeGW carries out mutual authentication with the HNB on behalf of the operator's core network. The HNB Gateway (HNB GW) and the SeGW are two logically separate entities within the operator's core network, and they are used to control access for user equipment (UE) that is not in a closed subscriber group (CSG). The HNB management system (HMS) connects to the HNB either directly over the broadband IP backhaul or via the SeGW. The HMS requires secure communications.
FIG. 2 shows the system architecture of a home evolved Node-B (HeNB). The difference between the HeNB and the HNB is that the HeNB provides the air interface connecting the 3GPP user equipment with the Evolved Universal Terrestrial Radio Access Network (EUTRAN).
The HNB and the HeNB are collectively called the H(e)NB (Home (evolved) Node-B). Likewise, the HMS and the HeMS are collectively called the H(e)NB Management System (H(e)MS).
For H(e)NB security, 3GPP TR 33.820 defines 27 kinds of threats, grouped into seven categories: threats to the H(e)NB certificate, physical attacks on the H(e)NB, attacks on the H(e)NB structure, attacks on the H(e)NB protocol, attacks on the core network (including attacks based on H(e)NB location), attacks on user data and identity privacy, and attacks on radio resources and management.
Among the 27 kinds of threats defined in 3GPP TR 33.820, several are due to insecure downloading of the H(e)NB configuration data or software: deceptive software updates and software architecture changes, wrong configuration of the H(e)NB, incorrect configuration of or attacks on the access control list, man-in-the-middle attacks on the H(e)NB, and attacks on the H(e)MS and the data it transmits.
In practical applications, H(e)NBs are used on a large scale and with great breadth and flexibility, so the insecure transmission of data or software imposes a heavier burden on, and greater threats to, the H(e)NB and the H(e)MS. To date, however, the related specifications contain no complete solution for securely transmitting H(e)NB data. In particular, they define no reasonable handling for configuration data and H(e)NB software updates that have already been downloaded but not authenticated.