Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.738
Study on Security aspects of Enablers for
Network Automation for the 5G System
Phase 3

3GPP‑Page  
V18.1.0 (Wzip)  2023/09  68 p.
Rapporteur:
Mr. Liu, Chang
China Mobile Com. Corporation

full Table of Contents for  TR 33.738  Word version:  18.1.0

Here   Top
1 Scope2 References3 Definitions of terms, symbols and abbreviations4 Overview5 Key issues6 Solutions7 Conclusions$ Change history

 

1  Scopep. 8

The present document studies the security aspects of enablers for network automation for the 5G system based on the outcome of TR 23.700-81. More specifically, the present document will identify security issues and requirements and provide corresponding security solutions related to the following scenarios:
  • Security aspects of potential architecture enhancement: roaming, supporting federated learning, interaction between NWDAF and MDAS/MDAF, etc.
  • Handling of sensitive information inherent to application detection, roaming and location information.
  • KIs from R17 which do not have enough time to proceed, e.g. NWDAF detection related issues.
  • Any further security enhancements which need to be studied based upon the ongoing SA2 eNA Phase 3 work
Up

2  Referencesp. 8

3  Definitions of terms, symbols and abbreviationsp. 8

3.1  Termsp. 8

3.2  Symbolsp. 9

3.3  Abbreviationsp. 9

4  Overviewp. 9

5  Key issuesp. 9

5.1  Key Issue #1: Protection of data and analytics exchange in roaming casep. 9

5.1.1  Key issue detailsp. 9

5.1.2  Security threatsp. 9

5.1.3  Potential security requirementsp. 10

5.2  Key Issue #2: Authorization of selection of participant NWDAF instances in the Federated Learning groupp. 10

5.2.1  Key issue detailsp. 10

5.2.2  Security threatsp. 10

5.2.3  Potential security requirementsp. 10

5.3  Key Issue #3: Security for AI/ML model storage and sharingp. 11

5.3.1  Issue detailsp. 11

5.3.2  Security Threatsp. 11

5.3.3  Potential security requirementsp. 11

5.4  Key Issue #4: Anomalous NF behaviour detection by NWDAFp. 11

5.4.1  Issue detailsp. 11

5.4.2  Security Threatsp. 12

5.4.3  Potential security requirementsp. 12

5.5  Key Issue #5: KI on Security for NWDAF-assisted application detectionp. 12

5.5.1  Key issue detailsp. 12

5.5.2  Security threatsp. 12

5.5.3  Potential security requirementsp. 12

5.6  Key Issue #6: Key issues on Cyber-attack detectionp. 13

5.6.1  Key Issue Detailsp. 13

5.6.2  Security Threatsp. 13

5.6.3  Potential Security Requirementsp. 13

6  Solutionsp. 13

6.0  Mapping Solutions to Key Issuesp. 14

6.1  Solution #1: Authorization of AI/ML model retrievingp. 14

6.1.1  Introductionp. 14

6.1.2  Solution detailsp. 14

6.1.2.1  Authorization of AI/ML model retrieving from NWDAFp. 14

6.1.2.2  Authorization of AI/ML model retrieving from ADRFp. 14

6.1.3  Evaluationp. 15

6.2  Solution #2: Authorization and Authentication of ML model transferp. 15

6.2.1  Introductionp. 15

6.2.2  Solution Detailsp. 15

6.2.3  Evaluationp. 17

6.3  Solution #3: AI/ML model authorization and retrievalp. 17

6.3.1  Introductionp. 17

6.3.2  Solution detailsp. 17

6.3.3  Evaluationp. 19

6.4  Solution #4: AI/ML model storage and sharing securityp. 20

6.4.1  Introductionp. 20

6.4.2  Solution detailsp. 20

6.4.3  Evaluationp. 23

6.5Void

6.6  Solution #6: Anomalous NF behaviour detection by NWDAFp. 23

6.6.1  Introductionp. 23

6.6.2  Solution detailsp. 24

6.6.2.1  Generalp. 24

6.6.2.2  Collection of security related log data of NFs via NFs EventExposure APIsp. 24

6.6.2.3  Collection of security related log data of NFs via OAMp. 25

6.6.3  Evaluationp. 28

6.7  Solution #7: Secured and authorized AI/ML model transfer and retrievalp. 29

6.7.1  Introductionp. 29

6.7.2  Solution detailsp. 29

6.7.3  Evaluationp. 31

6.8  Solution #8: Protection of data and analytics exchange in roaming casep. 32

6.8.1  Introductionp. 32

6.8.2  Solution detailsp. 32

6.8.3  Evaluationp. 34

6.9  Solution #9: Anomalous NF behaviour event related data collection and anomalous NF detectionp. 34

6.9.1  Introductionp. 34

6.9.2  Solution detailsp. 34

6.9.3  Evaluationp. 37

6.10  Solution #10: Authorization of AI/ML model sharing between different vendors and usage of one-time URLsp. 37

6.10.1  Introductionp. 37

6.10.2  Solution detailsp. 38

6.10.3  Evaluationp. 40

6.11  Solution #11: Secured and authorized AI/ML model sharing between different vendorsp. 40

6.11.1  Introductionp. 40

6.11.2  Solution detailsp. 40

6.11.3  Evaluationp. 43

6.12  Solution #12: Secured and authorized AI/ML model sharing between different vendorsp. 43

6.12.1  Introductionp. 43

6.12.2  Solution detailsp. 43

6.12.3  Evaluationp. 45

6.13  Solution #13: Support authorization of AI/ML model sharing By NWDAF containing MTLFp. 45

6.13.1  Introductionp. 45

6.13.2  Solution detailsp. 46

6.13.3  Evaluationp. 48

6.14  Solution #14: Protection of data and analytics exchange in roaming case using Secure Multi-party Computationp. 48

6.14.1  Introductionp. 48

6.14.2  Solution detailsp. 48

6.14.2.1  Data Privacy Computing Function DPCFp. 48

6.14.2.2  Data collection protection architecture based on Secure Multi-party Computationp. 49

6.14.3  Evaluationp. 50

6.15  Solution #15: Authorization of selection of participant NWDAF instances in the FL groupp. 50

6.15.1  Introductionp. 50

6.15.2  Solution detailsp. 50

6.15.3  Evaluationp. 51

6.16  Solution #16: FL GROUP AUTHORIZATION OF NWDAF(S) IN 5GCp. 51

6.16.1  Introductionp. 51

6.16.2  Solution detailsp. 51

6.16.3  Evaluationp. 53

6.17  Solution #17: Authorization of FL Server and FL Client in FL groupp. 54

6.17.1  Introductionp. 54

6.17.2  Solution detailsp. 54

6.17.3  Evaluationp. 56

6.18  Solution #18: Solution for authorization in FLp. 56

6.18.1  Introductionp. 56

6.18.2  Solution detailsp. 56

6.18.3  Evaluationp. 58

6.19  Solution #19: Access control for user plane datap. 58

6.19.1  Introductionp. 58

6.19.2  Solution detailsp. 58

6.19.3  Evaluationp. 60

6.20  Solution #20: Cyber attack detection using an analytics functionp. 60

6.20.1  Introductionp. 60

6.20.2  Solution detailsp. 60

6.20.3  Evaluationp. 63

6.21  Solution #21: Authorization of data and analytics exchange in roaming casep. 63

6.21.1  Introductionp. 63

6.21.2  Solution detailsp. 64

6.21.3  Evaluationp. 65

7  Conclusionsp. 65

7.1  Conclusion on Key Issue #1 "Protection of data and analytics exchange in roaming case"p. 65

7.2  Conclusion on Key Issue #2 "Authorization of selection of participant NWDAF instances in the Federated Learning group"p. 65

7.3  Conclusion on Key Issue #3 "Security for AI/ML model storage and sharing"p. 66

7.4  Conclusion on Key Issue #4 " Anomalous NF behaviour detection by NWDAF "p. 66

7.5  Conclusion on Key Issue #5 "Security for NWDAF-assisted application detection"p. 66

7.6  Conclusion on Key Issue #6 "Key issues on Cyber-attack detection"p. 67

$  Change historyp. 68

Up   Top