Enhancing User Identity Privacy in LTE

Identity privacy is a security issue that is crucial for the users of a cellular network. Knowledge of the permanent identity of a user may allow an adversary to track and amass comprehensive profiles about individuals. Such profiling may expose an individual to various kind of unanticipated risks, and above all may deprive an individual of his right to privacy. With the introduction of sensitive services like online banking, shopping, etc. through cellular phones, identity privacy has now become a bigger security issue. In GSM and UMTS, the problem of user identity privacy vulnerability is proven to exist. In both these systems, there are situations where the permanent identity of a subscriber may get compromised. Long Term Evolution (LTE), which evolved from GSM and UMTS, is proposed by 3GPP for inclusion into the fourth generation of cellular networks. Although security of LTE has evolved from the security of GSM and UMTS, due to different architectural and business requirements of fourth generation systems, LTE security is substantially different and improved compared to its predecessors. However, the issue of identity privacy vulnerability continue to exist in LTE. In this paper, we discuss how the security architecture of LTE deals with identity privacy. We also discuss a possible solution that may be utilised to overcome the problem of user identity privacy in LTE.