Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.893
Study on Security aspects of Ranging-based services and Sidelink Positioning

3GPP‑Page  
V18.0.1 (Wzip)  2023/06  97 p.
Rapporteur:
Ms. Lu, Wei
Xiaomi Technology

full Table of Contents for  TR 33.893  Word version:  18.0.1

Here   Top
1 Scope2 References3 Definitions of terms, symbols and abbreviations4 Architecture assumptions5 Key issues6 Solutions7 Conclusions$ Change history

 

1  Scopep. 9

The present document investigates the security and privacy aspects of Ranging based services and sidelink positioning in 5G system. The study is based on the architectural and functional requirements on Ranging based services and sidelink positioning services, so as to ensure that the proposed solutions address the security and privacy implications on the architecture enhancements studied in TR 23.700-86. Specifically, it covers the following:
  • The identified security and privacy issues, threats, and potential requirements for Ranging based services and sidelink positioning.
  • The gap analysis in security and privacy issues between Ranging based services and ProSe/V2X applications.
  • The potential solutions addressing the security and privacy issues specific to Ranging based services and sidelink positioning.
Up

2  Referencesp. 9

3  Definitions of terms, symbols and abbreviationsp. 10

3.1  Termsp. 10

3.2  Symbolsp. 10

3.3  Abbreviationsp. 10

4  Architecture assumptionsp. 10

4.1  Reference architecturep. 10

4.2  Reference pointsp. 11

5  Key issuesp. 11

5.1  Key issue #1: Privacy protection for Ranging/SL Positioning servicesp. 11

5.1.1  Key issue detailsp. 11

5.1.2  Security threatsp. 12

5.1.3  Potential security requirementsp. 12

5.2  Key Issue #2: Authorization for Ranging/Sidelink Positioning Servicep. 12

5.2.1  Key issue detailsp. 12

5.2.2  Security threatsp. 13

5.2.3  Potential security requirementsp. 13

5.3  Key issue #3: Protection of discovery procedurep. 13

5.3.1  Key issue detailsp. 13

5.3.2  Security threatsp. 13

5.3.3  Potential security requirementsp. 14

5.4  Key issue #4: Protection of unicast direct communicationp. 14

5.4.1  Key issue detailsp. 14

5.4.2  Security threatsp. 14

5.4.3  Potential security requirementsp. 15

5.5  Key issue #5: Protection of groupcast/broadcastp. 15

5.5.1  Key issue detailsp. 15

5.5.2  Security threatsp. 15

5.5.3  Potential security requirementsp. 15

6  Solutionsp. 16

6.0  Mapping of solutions to key issuesp. 16

6.1  Solution #1: Privacy protection for UEs in Rangingp. 17

6.1.1  Introductionp. 17

6.1.2  Solution detailsp. 17

6.1.3  Evaluationp. 18

6.2  Solution #2: Authorization of 5GC NF for Ranging/SL positioning service exposurep. 18

6.2.1  Introductionp. 18

6.2.2  Solution detailsp. 18

6.2.3  Evaluationp. 20

6.3  Solution #3: Authorization of Application Server for Ranging/SL positioning service exposurep. 20

6.3.1  Introductionp. 20

6.3.2  Solution detailsp. 20

6.3.3  Evaluationp. 22

6.4  Solution #4: Subscription-based authorization of the role of the UE during discoveryp. 23

6.4.1  Introductionp. 23

6.4.2  Solution detailsp. 23

6.4.3  Evaluationp. 27

6.5  Solution #5: Use of authorization tokens at PC5 security establishmentp. 28

6.5.1  Introductionp. 28

6.5.2  Solution detailsp. 28

6.5.2.1  Token based authorization for scenario of SL positioning servicesp. 28

6.5.2.1.1  Security for network assisted Sidelink Positioning with full network coveragep. 28
6.5.2.1.2  Security for network assisted Sidelink Positioning with partial network coveragep. 29

6.5.2.2  Token based authorization for scenario of Ranging servicesp. 30

6.5.2.2.1  Security for Ranging procedure between Reference UE and Target UEp. 30
6.5.2.2.2  Security for Ranging procedure between Reference UE/Target UE and Assistant UEp. 31

6.5.3  Evaluationp. 33

6.6  Solution #6: Protection of direct communication for Sidelink Positioning servicep. 33

6.6.1  Introductionp. 33

6.6.2  Solution detailsp. 33

6.6.3  Evaluationp. 35

6.7  Solution #7: Security policy based protection for Ranging/SL positioning service operationp. 35

6.7.1  Introductionp. 35

6.7.2  Solution detailsp. 36

6.7.3  Evaluationp. 36

6.8  Solution #8: Security policy based protection for ranging result sent to SL Positioning Client UEp. 37

6.8.1  Introductionp. 37

6.8.2  Solution detailsp. 37

6.8.2.1  Security policy configuration for ranging result sent via PC5p. 37

6.8.2.2  Security policy configuration for ranging result sent via 5GCp. 38

6.8.3  Evaluationp. 38

6.9  Solution #9: Ranging/SL Positioning discovery and link establishment procedure for V2X capable UEsp. 39

6.9.1  Introductionp. 39

6.9.2  Solution detailsp. 40

6.9.2.1  Security for direct discovery and communication for V2X capable UEsp. 40

6.9.2.2  Security for Assistant UE discovery and communication for V2X capable UEsp. 42

6.9.3  Evaluationp. 44

6.10  Solution #10: Use of authorization tokens after PC5 security establishmentp. 44

6.10.1  Introductionp. 44

6.10.2  Solution detailsp. 45

6.10.3  Evaluationp. 46

6.11  Solution #11: Client UE authorization for service exposure through sidelinkp. 46

6.11.1  Introductionp. 46

6.11.2  Solution detailsp. 46

6.11.2.1  Authorization of SL Positioning Client UE during direct link establishmentp. 46

6.11.2.2  Authorization of SL Positioning Client UE after direct link establishmentp. 48

6.11.2.3  Authorization of SL Positioning Client UE during direct discoveryp. 49

6.11.3  Evaluationp. 51

6.12  Solution #12: Ranging/SL Positioning discovery security for 5G ProSe capable UEsp. 52

6.12.1  Introductionp. 52

6.12.2  Solution detailsp. 52

6.12.3  Evaluationp. 52

6.13  Solution #13: Security of Ranging unicast communicationp. 52

6.13.1  Introductionp. 52

6.13.2  Solution detailsp. 52

6.13.3  Evaluationp. 53

6.14  Solution #14: Direct communication security for Ranging-based servicesp. 53

6.14.1  Introductionp. 53

6.14.2  Solution detailsp. 53

6.14.3  Evaluationp. 53

6.15  Solution #15: Protection of information over group communication for Ranging/SL Positioning servicep. 54

6.15.1  Introductionp. 54

6.15.2  Solution detailsp. 55

6.15.2.1  Security flowsp. 55

6.15.2.2  Protection of messages between UEsp. 56

6.15.2.2.1  Message processing in the sending UEp. 56
6.15.2.2.2  Protected message processing in the receiving UEp. 57

6.15.3  Evaluationp. 57

6.16  Solution #16: Privacy protection of Located UE during its discovery and selectionp. 57

6.16.1  Introductionp. 57

6.16.2  Solution detailsp. 57

6.16.3  Evaluationp. 60

6.17  Solution #17: Client UE authorization for service exposure through 5GC networkp. 60

6.17.1  Introductionp. 60

6.17.2  Solution detailsp. 61

6.17.3  Evaluationp. 62

6.18  Solution #18: Client UE authorization by 5GC for service exposure through PC5p. 62

6.18.1  Introductionp. 62

6.18.2  Solution detailsp. 63

6.18.2.0  Generalp. 63

6.18.2.1  Authorization of SL Positioning Client UE during direct link establishmentp. 63

6.18.2.2  Authorization of SL Positioning Client UE during Ranging/SL positioning procedurep. 64

6.18.3  Evaluationp. 65

6.19  Solution #19: Protecting Ranging/SL Positioning discovery out of network coveragep. 66

6.19.1  Introductionp. 66

6.19.2  Solution detailsp. 67

6.19.3  Evaluationp. 69

6.20  Solution #20: Secure groupcast/broadcast of SL positioning datap. 69

6.20.1  Introductionp. 69

6.20.2  Solution detailsp. 69

6.20.3  Evaluationp. 70

6.21  Solution #21: Security of ranging/SL positioning groupcast communicationp. 70

6.21.1  Introductionp. 70

6.21.2  Solution detailsp. 70

6.21.3  Evaluationp. 71

6.22  Solution #22: Protection of broadcast Sidelink Positioning data in coverage scenariop. 71

6.22.1  Introductionp. 71

6.22.2  Solution detailsp. 71

6.22.3  Evaluationp. 73

6.23  Solution #23: Provisioning groupcast/broadcast protection key out of coveragep. 73

6.23.1  Introductionp. 73

6.23.2  Solution detailsp. 73

6.23.3  Evaluationp. 76

6.24  Solution #24: Protecting groupcast/broadcast messagesp. 76

6.24.1  Introductionp. 76

6.24.2  Solution detailsp. 77

6.24.2.1  Protecting groupcast messagep. 77

6.24.2.1.1  Groupcast security key hierarchyp. 77
6.24.2.1.2  Groupcast securityp. 77

6.24.2.2  Protecting broadcast messagep. 78

6.24.2.2.1  Broadcast security key hierarchyp. 78
6.24.2.2.2  Broadcast securityp. 78

6.24.3  Evaluationp. 79

6.25  Solution #25: Protection for groupcast of SLPP signallingp. 79

6.25.1  Introductionp. 79

6.25.2  Solution detailsp. 79

6.25.2.1  Generalp. 79

6.25.2.2  Key provisioning for SLPP signalling groupcastp. 80

6.25.2.3  SLPP signaling protection and verificationp. 81

6.25.3  Evaluationp. 82

6.26  Solution #26: Protection of SLPP broadcast based on central key management functionp. 82

6.26.1  Introductionp. 82

6.26.2  Solution detailsp. 82

6.26.2.1  Generalp. 82

6.26.2.2  Key provisioning via the PCFp. 83

6.26.2.3  Key provisioning via the LMFp. 84

6.26.3  Evaluationp. 86

6.27  Solution #27: Protection of broadcast communicationp. 86

6.27.1  Introductionp. 86

6.27.2  Solution detailsp. 87

6.27.3  Solution Evaluationp. 89

6.28  Solution #28: Protection of broadcast communicationp. 89

6.28.1  Introductionp. 89

6.28.2  Solution detailsp. 89

6.28.3  Evaluationp. 91

6.29  Solution #29: Discovery security material and SL session root key provisioning for Ranging/SL positioning UE discoveryp. 92

6.29.1  Introductionp. 92

6.29.2  Solution detailsp. 92

6.29.3  Evaluationp. 94

7  Conclusionsp. 94

7.1  Conclusions on Key Issue #1p. 94

7.2  Conclusions on Key Issue #2p. 95

7.3  Conclusions on Key Issue #3p. 95

7.4  Conclusions on Key Issue #4p. 95

$  Change historyp. 97

Up   Top