To use the BEST service, the UE shall setup a PDN connection (EPS) or PDU Session (5GS) to connect to the HSE. The UE may either use a locally stored IP address to locate the HSE or use a "BEST APN" (EPS) or "BEST DNN" (5GS) where the traffic is directed by the PDN Gateway (EPS) or UPF (5GS) to the correct HSE for that UE. Once a connection to the HSE exists, the UE may initiate the BEST service. It is up to the UE as to when it establishes the PDN connection (EPS) or PDU session (5GS) that is used for BEST control plane and user plane messages.
The BEST service consists of 5 general processes between the UE and the HSE: session initiation and key agreement, key management, data transfer, session termination, and message rejection. The details of the End to Middle Secure Data Protocol (EMSDP) used for the BEST control plane service and optionally for the user plane security service are detailed in clause 6.
When BEST user plane (UP) security services are used, UP data plane messages are between the UE and the HSE in UE to HSE security mode, and between the UE and the EAS in UE to EAS security mode.
The UE shall initiate a BEST session using the EMSDP Session Request message following the establishment of the PDN connection (EPS) or PDU Session (5GS). To optimise the message flow for battery constrained devices, the EMSDP Session Response is combined with Session Key Agreement.
The EMSDP Session Request message shall include the UE Identity, BEST capabilities of the UE (i.e. BEST UE configuration), the UE serving network (conditionally, cf. clause 6.2.6.1.5) and details of the enterprise service including the Enterprise server Id (EAS Id) that the BEST service is being used for. The BEST capabilities of the UE include the BEST release supported by the UE and the BEST key agreement(s) that are supported (e.g. UMTS, EPS, 5G, etc.).
The EMSDP Session Start message shall include the information needed for a key agreement of the BEST keys, the BEST service parameters (i.e. BEST Service configuration), and a checksum validating the previous EMSDP Session Request message. The BEST service parameters include an indication of the BEST key agreement selected by the HSE.
The HSE shall determine the parameters for the BEST service. The HSE may use the location information provided by the UE to determine whether aspects of the BEST service, such as ciphering, can be used in that location. The UE may request in the EMSDP Session Request message that the BEST user plane is confidentiality protected; in this case the HSE should take this information into account when deciding whether to activate the user plane confidentiality service for the UE.
As a result of the key agreement exchange the UE and HSE shall derive the UE-to-HSE keys. In case of UE-to-EAS security mode and in case of the key agreement only service, the UE and HSE shall also derive the intermediate key and the EAS PSK.
To optimise the BEST service for battery constrained devices, confirmation of the BEST session start is not required. The UE sending a UP message to the HSE or EAS is by itself an implied confirmation. However, if the BEST service is being used for key agreement only, the HSE shall require the UE to send EMSDP Session Start Confirmation by setting the indicator in the EMSDP Session Start message.
At any time during the BEST session, either the UE or the HSE may trigger a re-negotiation of the keys being used for the BEST service using the EMSDP Manage Keys Request and Response exchange. To avoid overloading of the HSE and the HSS, the HSE may throttle or not support UE triggered key renegotiation.
The newly generated keys take effect immediately for EMSDP based BEST UP services. For the procedures when the BEST key management service is used to provide a pre-shared key to the application layer protocol, refer to clause 4.4.4 for additional details.
At any time, either the UE or the HSE may terminate the current BEST session using the EMSDP Session Termination Request and Response message exchange. Once terminated, all relevant keys and IDs shall be discarded and both the UE and HSE shall ignore further messages using that session ID, unless a session with that ID is re-established using the session initiation process.
Either the UE or the HSE may at any time respond with an EMSDP Message Reject message, upon which the recipient shall discard all relevant keys and IDs of the session, and both the UE and HSE shall ignore further messages using that session ID.
The EMSDP Message Reject is also used when the HSE needs to prompt a UE to initiate a new session using the Session Start message, for example when it receives a UP packet from the UE on a BEST session for which it has aged out the context.
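The session lifecycle described in this clause, modelled from the HSE side as an added example (this is illustrative code, not code from the BEST specification or from any HSE implementation). The session identifiers, the key derivation stand-in, the checksum truncation and the `max_ue_rekeys` throttle are all constructed assumptions; the point of the model is which messages are answered, rejected or ignored in each state, and when keys are discarded.

```python
import hashlib
import secrets

# Constructed model of the EMSDP session lifecycle as seen by the HSE. Session ids,
# key derivation and the checksum are placeholders, not the real EMSDP encoding.
class Hse:
    def __init__(self, max_ue_rekeys=1):
        self.sessions = {}                  # live session_id -> context
        self.terminated = set()             # ids whose traffic is silently ignored
        self.max_ue_rekeys = max_ue_rekeys  # throttle for UE-triggered renegotiation

    def _derive(self, sid):  # stand-in for the BEST key agreement (real keys come via the HSS)
        return hashlib.sha256(f"ue-hse|{sid}|{secrets.token_hex(8)}".encode()).hexdigest()

    def session_request(self, req: bytes, key_agreement_only=False):
        """Session Request -> Session Start (response and key agreement combined)."""
        sid = secrets.token_hex(4)
        self.sessions[sid] = {"keys": self._derive(sid), "ue_rekeys": 0,
                              "confirmed": not key_agreement_only}
        return {"type": "SESSION_START", "session_id": sid,
                "checksum": hashlib.sha256(req).hexdigest()[:16],
                "confirm_required": key_agreement_only}   # only set for key-agreement-only use

    def session_start_confirmation(self, sid):
        return self._on_live(sid, lambda ctx: ctx.update(confirmed=True) or {"type": "OK"})

    def up_message(self, sid, payload: bytes):
        """A UP message on a live session is itself the implied start confirmation."""
        return self._on_live(sid, lambda ctx: ctx.update(confirmed=True) or {"type": "UP_OK"})

    def manage_keys_request(self, sid, ue_triggered=True):
        def rekey(ctx):
            if ue_triggered and ctx["ue_rekeys"] >= self.max_ue_rekeys:
                return {"type": "MANAGE_KEYS_RESPONSE", "renewed": False}   # throttled
            ctx["ue_rekeys"] += int(ue_triggered)
            ctx["keys"] = self._derive(sid)  # new keys take effect immediately for EMSDP UP
            return {"type": "MANAGE_KEYS_RESPONSE", "renewed": True}
        return self._on_live(sid, rekey)

    def session_termination_request(self, sid):
        self.sessions.pop(sid, None)        # all keys and ids for the session are discarded
        self.terminated.add(sid)
        return {"type": "SESSION_TERMINATION_RESPONSE", "session_id": sid}

    def _on_live(self, sid, handler):
        if sid in self.terminated:
            return None                     # terminated session: further messages ignored
        if sid not in self.sessions:        # unknown or aged-out context: prompt a new session
            return {"type": "MESSAGE_REJECT", "session_id": sid}
        return handler(self.sessions[sid])
```

Ageing out a context is simulated by removing it from `sessions` directly; a UP message on that id then draws a Message Reject, whereas a message on an explicitly terminated id is ignored.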