One of the latest trends in the enhancement of mobile networks is the deployment of small-cells or femto-cells. These are small, cellular base station, typically designed for residential or enterprise customers. In order to keep products attractive, production costs need to be low. However, this may backfire and might put the devices as well as the operators’ core network in danger.
Small cells are usually deployed in insecure environments. However, physical security is not provided in the extent of base stations (e.g. Node Bs). Thus verifying the integrity of a small cell is of high relevance to impede that attackers or malicious cell-owner overcome protection mechanisms.
Fraunhofer SIT has developed multiple solutions to make small cells more secure.
First, Fraunhofer SIT has developed a protocol that provides for
- Authentication of link between small cell and core network
- Detection of physical access or hardware manipulation
- Detection of unauthorized software manipulation / malware
- Detect and prevent insider attacks
Second, dynamic firewalling or software-defined networking can be applied within the operator‘s network in order to enable a more fine-grained access control of cell user. Authentication or usage of a small cell triggers dynamic firewall configuration. This prevents attacks on core network resources and services due to reduced amount of allowed communication paths.
Additionally, the small cell security solution enables for secure remote device management and software upgrades.
Fraunhofer SIT provides the following offers to small cell manufactures, small cell software developers and network operators:
- Tailor-made prototype on customer’s platform
- Transferring our knowledge in hardware security
- Design and implementation of secure network protocols
- Concepts for securing network infrastructures (e.g. core network)
- Demonstration of trust establishment in mobile ad-hoc networks
- Provide consulting service in the area of mitigation of insider threats and APT treatment