标准编号:	GB/T 45279.2-2025
中文名称:	IPv4/IPv6网络安全防护技术规范 第2部分：移动通信网
英文名称:	IPv4/IPv6 network security protection technical specifications―Part 2:Mobile communication network
行业分类:	GB    国家标准
发布机构:	国家市场监督管理总局 国家标准化管理委员会
发布日期:	2025-02-28
实施日期:	2025-6-1
标准状态:	valid
翻译语言:	英文
文件格式:	PDF
中文字符数:	64000 字
翻译价格(元):	4480.0
交付时间:	付款后 1~5 个工作日

GB/T 45279.2-2025 IPv4/IPv6 network security protection technical specifications―Part 2:Mobile communication network English, Anglais, Englisch, Inglés, えいご This is a draft translation for reference among interesting stakeholders. The finalized translation passing through draft translation, self-check, revision and verification will be delivered upon being ordered. ICS 33.040.40 CCS L 78 National Standard of the People’s Republic of China GB/T 45279.2-2025 IPv4/IPv6 network security protection technical specifications -Part 2: Mobile communication network IPv4/IPv6网络安全防护技术规范第2部分：动通信网 English Translation Issue date: 2025-02-28 Implementation date: 2025-06-01 Issued by the State Administration for Market Regulation the Standardization Administration of the People's Republic of China Contents Foreword Introduction 1 Scope 2 Normative references 3 Terms and definitions 4 Abbreviation 5 Overall requirements for mobile communication networks 6 Requirements for security protection of mobile communication networks 7 Mobile communication network security protection testing methods Bibliography IPv4/IPv6 network security protection technical specifications - Part 2: Mobile communication network 1 Scope This document specifies the security protection requirements and testing methods for mobile communication networks in IPv4, IPv6, and dual stack environments, including business security, network security, network element equipment and infrastructure security, physical environment security, and management security. This document is applicable to guide and promote the security protection of mobile communication networks that support IPv4/IPv6 protocols. 2 Normative references The following documents contain provisions which, through reference in this text, constitute provisions of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document including any amendments applies. GB/T 22239-201 Information security technology - Baseline for classified protection of cybersecurity GB/T 22240-2020 Information security technology - Classification guide for classified protection of cybersecurity YD/T 3799-2020 Implementation guide for classification and record-keeping of network security protection in telecom network and Internet 3 Terms and definitions For the purpose of this document, the following terms and definitions apply. 3.1 mobile communication network network that provides mobile communication services to public users through wireless access technology 4 Abbreviation The following abbreviations apply to this document. AAA: Authentication, Authorization, and Accounting AKA: Authentication and Key Agreement AMF: Access Management Function AN: Access Network AN-AAA: Access Network-Authentication, Authorization, and Accounting API: Application Programming Interface ARP: Address Resolution Protocol AUSF: Authentication Server Function BG: Border Gateway BGP: Border Gateway Protocol BSF: Binding Support Function BTS: Base Transceiver Station CDMA: Code Division Multiple Access CG: Charging Gateway CPU: Central Processing Unit CSCF: Call Session Control Function CSMF: Communication Service Management Function DDoS: Distributed Denial of Service DMZ: Demilitarized Zone DNS: Domain Name Server EAP: Extensible Authentication Protocol eNB: Evolved Node B EPC: Evolved Packet Core ESP: Encapsulating Security Payload FTP: File Transfer Protocol GGSN: Gateway GPRS Support Node GMSC: Gateway Mobile Switching Center GMSCe: Gateway Mobile Switching Center element gNB: Next Generation Node B GPRS: General Packet Radio Service GSM: Global System for Mobile communications GW-C: Gateway-Control GW-U: Gateway-User HLR: Home Location Register HRPD: High Rate Packet Data HSS: Home Subscriber Sever HSS-FE: Home Subscriber Sever-Front End HSS-BE: Home Subscriber Sever-Back End HTTPS: Hypertext Transfer Protocol Secure IBCF: Interconnection Border Control Function ICMP: Internet Control Message Protocol I-CSCF: Interrogating Call Session Control Function IKE: Internet Key Exchange IMS: IP Multimedia Subsystem IMSI: International Mobile Subscriber Identity I/O: Input/Output IP: Internet Protocol IPSec: Internet Protocol Security IPv4: Internet Protocol Version4 IPv6: InternetProtocolVersion6 ISIM: IP Multimedia Service Identity Module IS-IS: Intermediate System to Intermediate System LTE: Long Term Evolution MS: Mobile Station MSC: Mobile Switch Center MSCe: Mobile Switch Center element MME: Mobility Management Entity NF: Network Functions NFV: Network Functions Virtualization NFVI: Network Functions Virtualization Infrastructure NFVO: Network Functions Virtualization Orchestrator NIA: Network Integrity Algorithm for 5G NRF: Network Repository Function NSA: Non-Standalone NSD: Network Service Descriptor NSMF: Network Slice Management Function NSSF: Network Slice Selection Function NSSMF: Network Slice Subnet Management Function OAM: Operation Administration and Maintenance OMC-R: Operation & Management Center-Radio OSPF: Open Shortest Path First PCF: Packet Control Function PCRF: Policy and Charging Rules Function PCRF-FE: Policy and Charging Rules Function-Front End PCRF-BE: Policy and Charging Rules Function-Back End P-CSCF: Proxy Call Session Control Function PDSN: Packet Data Serving Node RNC: Radio Network Controller RIPng: Routing Information Protocol next generation RRC: Radio Resource Control SAE: Stand Alone Equipment SAE-GW: Stand Alone Equipment-Gateway S-CSCF: Serving Call Session Control Function SDN: Software Defined Network