Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.882
Study on Personal IoT Networks Security aspects

3GPP‑Page  
V18.0.1 (Wzip)  2023/06  26 p.
Rapporteur:
Mr. Xie, Zhenhua
vivo Mobile Communication Co.,

full Table of Contents for  TR 33.882  Word version:  18.0.1

Here   Top
1 Scope2 References3 Definitions of terms and abbreviations4 Assumptions5 Key issues6 Proposed solutions7 Conclusions$ Change history

 

1  Scopep. 7

The present document studies how 5G security architecture and procedures can be enhanced to support Personal IoT Network. The aim of the present document is to study the security aspects of Personal IoT Networks for any potential enhancements in alignment with the outcome of SA2 study in TR 23.700-88. The study will look at the following aspects, performing gap analysis where necessary:
  1. Study potential security enhancements for authentications required to secure Personal IoT Networks.
  2. Study the security protection and access control for communications required to secure Personal IoT Networks.
  3. Study the security enhancements for privacy required to secure Personal IoT Networks.
  4. Other security aspects for any potential enhancements in alignment with the outcome of SA2 study in TR 23.700-88.
Up

2  Referencesp. 7

3  Definitions of terms and abbreviationsp. 7

3.1  Termsp. 7

3.2  Abbreviationsp. 8

4  Assumptionsp. 8

5  Key issuesp. 8

5.1  Key Issue #1: Authentication and authorization for PINEp. 8

5.1.1  Key issue detailsp. 8

5.1.2  Security threatsp. 8

5.1.3  Potential security requirementsp. 8

5.2  Key Issue #2: Authorization of PIN capabilitiesp. 9

5.2.1  Key issue detailsp. 9

5.2.2  Security threatsp. 9

5.2.3  Potential security requirementsp. 9

6  Proposed solutionsp. 9

6.1  Mapping of solutions to key issuesp. 9

6.2  Solution #1: PINE authentication and authorizationp. 10

6.2.1  Introductionp. 10

6.2.2  Solution detailsp. 10

6.2.3  Evaluationp. 11

6.3  Solution #2: PINE authentication by AAA over 5G CPp. 11

6.3.1  Introductionp. 11

6.3.2  Solution detailsp. 11

6.3.3  Evaluationp. 12

6.4  Solution #3: Authentication for PIN elements involving SMFp. 12

6.4.1  Introductionp. 12

6.4.2  Solution detailsp. 13

6.4.3  Evaluationp. 14

6.5  Solution #4: PEGC/PEMC and PINE Authentication and Authorizationp. 14

6.5.1  Introductionp. 14

6.5.2  Solution detailsp. 15

6.5.2.1  Generalp. 15

6.5.2.2  PEGC/PEMC authentication and/or authorization procedurep. 15

6.5.2.3  PINE authentication and/or authorization procedurep. 16

6.5.3  Evaluationp. 16

6.6  Solution #5: EAP-based PINE authenticationp. 17

6.6.1  Introductionp. 17

6.6.2  Solution detailsp. 17

6.6.3  Evaluationp. 18

6.7  Solution #6: Authorization on AF manipulating PINp. 18

6.7.1  Introductionp. 18

6.7.2  Solution detailsp. 18

6.7.3  Evaluationp. 18

6.8  Solution #7: Authentication and Authorization of PINE Elementsp. 19

6.8.1  Introductionp. 19

6.8.2  Solution detailsp. 19

6.8.3  Evaluationp. 20

6.9  Solution #8: AF authorization in PIN scenariosp. 20

6.9.1  Introductionp. 20

6.9.2  Solution detailsp. 20

6.9.3  Evaluationp. 20

6.10  Solution #9: PIN AF authorization for accessing the UDRp. 21

6.10.1  Introductionp. 21

6.10.2  Solution detailsp. 21

6.10.3  Evaluationp. 21

6.11  Solution #10: Local Authentication and Authorization of PINEp. 21

6.11.1  Introductionp. 21

6.11.2  Solution detailsp. 21

6.11.2.1  Architecturep. 21

6.11.2.2  Proceduresp. 23

6.11.3  Evaluationp. 24

6.12  Solution #11: UDM based AF authorization mechanism for PIN scenariosp. 24

6.12.1  Introductionp. 24

6.12.2  Solution detailsp. 24

6.12.3  Evaluationp. 24

7  Conclusionsp. 25

7.1  Conclusions for KI#1p. 25

$  Change historyp. 26

Up   Top