There are no NWDAF-specific additions to
clause 4.2.3.2.1 of TS 33.117.
There are no NWDAF-specific additions to
clause 4.2.3.2.2 of TS 33.117.
There are no NWDAF-specific additions to
clause 4.2.3.2.3 of TS 33.117.
There are no NWDAF-specific additions to
clause 4.2.3.2.4 of TS 33.117.
There are no NWDAF-specific additions to
clause 4.2.3.2.5 of TS 33.117.
Requirement Name:
Data masking on integration analysis about personal data
Requirement Reference:
Requirement Description:
NWDAF can collect data from UE, NF, OAM, etc. used for analytics. Personal data of the UE's user are involved also. When NWDAF uses such personal data in analytics with other information together, such data correlation operation could bind more personal information with the user's identity. Thus, privacy information about that specific user could be revealed to the person who is allowed to operate data correlation for analytics but not allowed to know the privacy information as the result of data correlation. Therefore, applicable measures (e.g. data masking) shall be applied to mitigate such privacy violation risk.
Threat References:
Test case:
Test Name:
Purpose:
Verify that no privacy information of operators' users is revealed to the party who is not allowed to have.
Pre-Condition:
The vendor shall provide the documentation describing how to create an account for accessing the analytics results.
Privacy information list (should be specified based on local policy, regulation and others).
Execution Steps:
-
Review the documentation provided by the vendor describing how to create the account for accessing the analytics results provided by the NWDAF.
-
The tester creates the account, and retrieves the analytics results from the NWDAF using the account.
Expected Results:
The tester can create the account, and the account does not reveal subscriber permanent identifier.
Expected format of evidence:
Evidence suitable for the interface, e.g. screenshot containing the results.