Application Security - Huawei eA680-950 User Manual

eA680-950 LTE DAU
User Guide

HTTPS
For the eA680-950, the OM TCP applications can use SSL. HTTP over SSL is generally
called HTTPS. HTTPS is used for connections between the NMS/WebUI and eA380. SSL
also uses the digital certificate mechanism.
HTTPS provides secure HTTP channels. HTTPS is HTTP to which SSL is added, and SSL
ensures the security of HTTPS.

1.6.2 Application Security

eA680-950 application security includes wireless security and OM security.
Wireless Security
eA680-950 wireless security includes authentication, air-interface data encryption, and
integrity protection.
OM Security
OM security includes user authentication, access control, OM system security, and software
digital signature.
User Authentication and Access Control
User authentication and access control are implemented for users to be served by the eA380.
The objective of authentication is to identify users and grant the users with proper permission.
The objective of access control is to specify and restrict the operations to be performed and
the resources to be accessed by the users.
OM System Security
OM system security includes software integrity check.
In the original procedure for releasing and using the software, the software integrity is ensured
by using cyclic redundancy check (CRC). CRC can only prevent data loss during
transmissions. If data is tampered with during transmissions, a forged CRC value will be
regarded as valid by the CRC. Therefore, the receive end cannot rely on the CRC to ensure
the consistency between the received data and the original data, adversely affecting the
reliability and security for the software.
Software integrity protection implements the Hash algorithm or adds a digital signature to
software (including mediation layers and configuration files) when releasing software, and
then uploads software to the target server or device. When a target device downloads, loads,
or runs software, the target device performs the Hash check or authenticates the digital
signature. By doing so, software integrity protection ensures end-to-end software reliability
and integrity.
Software integrity protection helps detect viruses or malicious tampering in a timely manner,
preventing insecure or virus-infected software from running on the device.
Digital Signature of Software
Issue 01 (2017-03-03)
Data integrity
Any tampering on data during transmission can be detected. SSL establishes a secure
channel between the client and the server so that all the SSL data can reach the
destination intact.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
1 Overview
8