Common security management for CDMA2000 1x and 1x EV-DO networks

The security of mobility voice networks has traditionally been ensured by deploying point-to-point circuit-switched transport between network elements and by isolating the voice infrastructure from the public data network. However, with the introduction of new services such as Voice over Internet Protocol (VoIP) and the trend toward IP transport between network elements, this approach is no longer adequate. To guarantee the security of IP-based voice and data networks, both human-to-machine and machine-to-machine interfaces must be secured using an approach that is consistent with industry best practices, and is robust and easy to manage. This paper describes a common infrastructure for managing network element security, encompassing both CDMA2000* 1x and CDMA2000 1x evolution data optimized (1x EV-DO) networks that contain hundreds of individual network elements. The architecture provides a common, centralized infrastructure for security management, including configuration management, data audits, logging, and key distribution. The networks are secured against both internal and external threats by addressing standard security dimensions such as authentication, privacy, non-repudiation, and access control.