Table of Contents
Advertisement
eA380 Series LTE CPE
User Guide
User Authentication and Access Control
User authentication and access control are implemented for users to be served by the eA380.
The objective of authentication is to identify users and grant the users with proper permission.
The objective of access control is to specify and restrict the operations to be performed and
the resources to be accessed by the users.
OM System Security
OM system security includes software integrity check.
In the original procedure for releasing and using the software, the software integrity is ensured
by using cyclic redundancy check (CRC). CRC can only prevent data loss during
transmissions. If data is tampered with during transmissions, a forged CRC value will be
regarded as valid by the CRC. Therefore, the receive end cannot rely on the CRC to ensure
the consistency between the received data and the original data, adversely affecting the
reliability and security for the software.
Software integrity protection implements the Hash algorithm or adds a digital signature to
software (including mediation layers and configuration files) when releasing software, and
then uploads software to the target server or device. When a target device downloads, loads,
or runs software, the target device performs the Hash check or authenticates the digital
signature. By doing so, software integrity protection ensures end-to-end software reliability
and integrity.
Software integrity protection helps detect viruses or malicious tampering in a timely manner,
preventing insecure or virus-infected software from running on the device.
Digital Signature of Software
A digital signature of software is used to identify the software source. It ensures the integrity
and reliability of software.
When software is released, its digital signature is delivered with the software package. After
the software package is downloaded to an NE, the NE verifies the digital signature of the
software package before using it. If the digital signature passes the verification, the software
is intact and reliable. If the verification fails, the software package is invalid and cannot be
used. Figure 1-5 illustrates the principles of a software digital signature.
Issue 01 (2017-08-31)
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
1Overview
11
Advertisement
Table of Contents
