TR 33.700-28
Study on Security aspects of Satellite access

V18.0.0  2023/06  9 p.
Rapporteur:
Ms. Lu, Wei
Xiaomi Technology


1  Scope

The present document investigates the security and privacy aspects of satellite access/NTN. The study is based on the architectural and functional requirements on integration of satellite components in the 5GS/EPS architecture, so as to ensure that the proposed solutions address the security and privacy implications on the architecture enhancements agreed in TR 23.700-28. Specifically, it covers the following:
  • The identified security and privacy issues, threats, and potential requirements for protecting the UE in the enhanced 5GS/EPS architecture supporting discontinuous coverage with satellite access;
  • The potential solutions addressing the identified security and privacy issues as above.

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1] TR 21.905: "Vocabulary for 3GPP Specifications".
[2] TR 23.700-28: "Study on Integration of satellite components in the 5G architecture; Phase 2".
[3] TS 33.501: "Security architecture and procedures for 5G System".
[4] TS 23.501: "System architecture for the 5G System (5GS); Stage 2".

3  Definitions of terms, symbols and abbreviations

3.1  Terms

For the purposes of the present document, the terms given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.

3.2  Symbols

Void

3.3  Abbreviations

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.

4  Assumptions

Discontinuous satellite coverage for satellite access in the context of this study is characterized by the fact that Uu interface is available for the UE less than 100% of the time, due to predictable patterns of satellite coverage.
According to TR 23.700-28, the work on satellite access focuses on further 5GC/EPC enhancements to support discontinuous satellite access, which mainly aim for mobility enhancement and power saving optimizations. Therefore, security solutions should be applicable to both 5GS and EPS while minimizing the impact on 5GS and EPS protocols, and not adversely affect mobility enhancement and power saving optimizations.

5  Key issues

5.1  Key issue #1: Protection of satellite coverage information received by 5GC/EPC

5.1.1  Key issue details

To support mobility enhancement and power saving optimization, multiple solutions were documented in TR 23.700-28, which require 5GC/EPC to move the UE into CM-IDLE state and provide power saving parameters or mobility management parameters properly, when the UE is about to leave satellite coverage. This requires the 5GC/EPC to be aware of satellite coverage availability information in the affected area. According to the conclusions in TR 23.700-28 and normative work in TS 23.501 [4], such satellite coverage availability information could be received by 5GC/EPC from different potential sources, e.g. the OAM, the AF/external server (e.g. Coverage Map Server). While sources like the OAM could be trusted, sources like the AF/external server may not always be trusted.

5.1.2  Threats

If 5GC/EPC receives falsified or tampered satellite coverage availability information, the 5GC/EPC may be misled to put a CM-CONNECTED UE into CM-IDLE state when the UE is still in satellite coverage, leading to service interruption; or the 5GC/EPC may be misled to provide inappropriate mobility management parameters and/or power saving parameters to the UE, which defeats the optimization of power consumption. Both cases are a type of DoS attack on the UE.
If an AF is not authorized to provide satellite coverage availability information in the affected area, the 5GC/EPC may also suffer from the above threat.

5.1.3  Potential security requirements

The 5GS/EPS shall provide a means to ensure that the AF/external server is authorized to provide satellite coverage availability information to 5GC/EPC.

6  Solutions

6.1  Solution #1: AF authorization for providing satellite coverage information in 5GS

6.1.1  Introduction

This solution addresses the requirement in Key Issue #1 "The 5GS/EPS shall provide a means to ensure that the AF is authorized to provide satellite coverage availability information to 5GC/EPC".

6.1.2  Solution details

It is proposed that the AF providing satellite coverage information is authorized using one of the following methods:
  • Based on local NEF configuration on authorization.
  • OAuth token-based authorization by the NEF as defined in clause 12.4 of TS 33.501 is reused.
  • If the CAPIF is supported by the NEF, the authorization mechanism defined in clause 12.5 of TS 33.501 is reused.
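
An added illustration, not part of TR 33.700-28, of an NEF-side authorization decision that applies the token-based and local-configuration methods together before accepting coverage information from an AF. The scope name, audience value, AF and area identifiers, claim layout and the HMAC-signed token (a stand-in chosen so the example runs with the standard library) are all assumptions.

```python
import base64, hashlib, hmac, json, time

# Every name and value here is an assumption for illustration, not a 3GPP-defined one.
REQUIRED_SCOPE = "sat-coverage-provision"   # hypothetical scope
NEF_AUDIENCE = "nef.example"                # hypothetical NEF identifier
# Local NEF configuration: AF identity -> areas it may provide coverage data for.
LOCAL_AUTHZ = {"af-coverage-map-1": {"area-A", "area-B"}}

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def _mac(key, head, body):
    return hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()

def make_token(key, claims):
    """Build a constructed HS256 token standing in for one from the authorization server."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_mac(key, head, body))}"

def authorize_coverage_update(token, key, area, now=None):
    """Return (allowed, reason) for an AF request to provide coverage info for `area`."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        if json.loads(_b64d(head)).get("alg") != "HS256":   # pin the algorithm
            return False, "unexpected alg"
        if not hmac.compare_digest(_mac(key, head, body), _b64d(sig)):
            return False, "bad signature"
        claims = json.loads(_b64d(body))
        if claims.get("exp", 0) <= now:
            return False, "expired"
        if claims.get("aud") != NEF_AUDIENCE:
            return False, "wrong audience"
        if REQUIRED_SCOPE not in str(claims.get("scope", "")).split():
            return False, "missing scope"
        # Token is valid; local configuration still bounds which area this AF may update.
        if area not in LOCAL_AUTHZ.get(claims.get("sub"), set()):
            return False, "AF not authorized for area"
    except (ValueError, TypeError, AttributeError):
        return False, "malformed token"
    return True, "ok"
```

Rejecting the request at this point keeps unauthorized coverage data from reaching the decision that moves a UE to CM-IDLE, which is the DoS path described in clause 5.1.2.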

6.1.3  Evaluation

The solution is based on either the local configuration on authorization in the NEF or the existing OAuth token-based authorization mechanisms supported by the AF and NEF. Hence it has no impact on the existing system.
The solution only applies to 5GS.

7  Conclusions

7.1  Conclusion on Key Issue #1

For key issue #1 on protection of satellite coverage information received by the 5GC/EPC, satellite coverage information is provisioned to the AMF by O&M only. Hence no normative work is needed on AF authorization.
