
Content for  TS 33.303  Word version:  17.1.0


 

1  Scope

The present document specifies the security aspects of the Proximity Services (ProSe) features in EPS.
Based on the common security procedures (clause 5) for
  • interfaces between network entities (using NDS),
  • configuration of ProSe-enabled UEs, and
  • data transfer between the ProSe Function and a ProSe-enabled UE (PC3 interface),
security for the following ProSe features is covered:
  • Open ProSe Direct Discovery in network coverage (clause 6.1);
  • One-to-many ProSe direct communication for ProSe-enabled Public Safety UEs (clause 6.2);
  • EPC-level Discovery of ProSe-enabled UEs (clause 6.3);
  • EPC support for WLAN Direct Discovery and Communication (clause 6.4);
  • One-to-one ProSe direct communication for ProSe-enabled Public Safety UEs (clause 6.5);
  • ProSe Public Safety Discovery (clause 6.6);
  • ProSe UE-to-network relays (clause 6.7).

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]  TR 21.905: "Vocabulary for 3GPP Specifications".
[2]  TS 23.303: "Proximity-based services (ProSe); Stage 2".
[3]  TS 33.210: "3G security; Network Domain Security (NDS); IP network layer security".
[4]  TS 33.310: "Network Domain Security (NDS); Authentication Framework (AF)".
[5]  TS 33.220: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)".
[6]  ETSI TS 102 225: "Smart Cards; Secured packet structure for UICC based applications".
[7]  ETSI TS 102 226: "Smart cards; Remote APDU structure for UICC based applications".
[8]  TS 31.115: "Secured packet structure for (Universal) Subscriber Identity Module (U)SIM Toolkit applications".
[9]  TS 31.116: "Remote APDU Structure for (U)SIM Toolkit applications".
[10]  Void.
[11]  Void.
[12]  RFC 6509: "MIKEY-SAKKE: Sakai-Kasahara Key Encryption in Multimedia Internet KEYing (MIKEY)".
[13]  RFC 3830: "MIKEY: Multimedia Internet KEYing".
[14]  RFC 6507: "Elliptic Curve-Based Certificateless Signatures for Identity-Based Encryption (ECCSI)".
[15]  NIST FIPS 186-4: "Digital Signature Standard (DSS)".
[16]  BSI TR-03111: "Technical Guideline TR-03111; Elliptic Curve Cryptography".
[17]  RFC 5639: "Elliptic Curve Cryptography (ECC) Brainpool Standard; Curves and Curve Generation".
[18]  RFC 3339: "Date and Time on the Internet: Timestamps".
[19]  RFC 5280: "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile".
[20]  NIST FIPS 180-4: "Secure Hash Standard (SHS)".
[21]  TS 33.401: "3GPP System Architecture Evolution (SAE); Security architecture".
[22]  TS 33.222: "Generic Authentication Architecture (GAA); Access to network application functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS)".
[23]  Void.
[24]  RFC 6508: "Sakai-Kasahara Key Encryption (SAKKE)".
[25]  Void.
[26]  Void.
[27]  Void.
[28]  Void.
[29]  Void.
[30]  Void.
[31]  RFC 5116: "An Interface and Algorithms for Authenticated Encryption".
[32]  Void.
[33]  Void.
[34]  Void.
[35]  RFC 4563: "The Key ID Information Type for the General Extension Payload in Multimedia Internet KEYing (MIKEY)".
[36]  W3C REC-xmlschema-2-20041028: "XML Schema Part 2: Datatypes".
[37]  RFC 2616: "Hypertext Transfer Protocol -- HTTP/1.1".
[38]  TS 33.223: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) Push function".
[39]  TS 23.003: "Numbering, addressing and identification".
[40]  TS 36.331: "Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification".
[41]  TS 29.368: "Tsp interface protocol between the MTC Interworking Function (MTC-IWF) and Service Capability Server (SCS)".
[42]  TS 33.102: "3G Security; Security architecture".
[43]  TS 33.179: "Security of Mission Critical Push-To-Talk (MCPTT)".

3  Definitions and abbreviations

3.1  Definitions

For the purposes of the present document, the terms and definitions given in TR 21.905 and the following apply.
A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.
Application Level Container:
Discovery Filter: See [2]
Discovery Group ID: See [2]
ProSe Application ID: See [2]
ProSe Application Code: See [2]
ProSe Application Mask: See [2]
ProSe Direct Communication: See [2]
ProSe Direct Discovery: See [2]
ProSe-enabled non-Public Safety UE: See [2]
ProSe-enabled Public Safety UE: See [2]
ProSe-enabled UE: See [2]
ProSe Query Code: See [2]
ProSe Response Code: See [2]
ProSe Restricted Code: See [2]
Relay Service Code: See [2]
Restricted ProSe Application User ID: See [2]
Validity Timer: See [2]

3.2  Abbreviations

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply.
An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
ADF     Accounting Data Forwarding
ALUID   Application Layer User ID
AS      Application Server
BSF     Bootstrapping Server Function
CA      Certificate Authority
CTF     Charging Trigger Function
DSA     Digital Signature Algorithm
ECCSI   Elliptic Curve-based Certificateless Signatures for Identity-based Encryption
ECDSA   Elliptic Curve DSA
EPUID   EPC Level User ID
GBA     Generic Bootstrapping Architecture
GMK     Group Master Key
GPS     Global Positioning System
GSK     Group Session Key
ID      Identity
KMS     Key Management System
LCID    Logical Channel Identifier
MIC     Message Integrity Code
MIKEY   Multimedia Internet Keying
NAF     Network Application Function
NITZ    Network Identity and Time Zone
NTP     Network Time Protocol
OTA     Over The Air
PEK     ProSe Encryption Key
PIK     ProSe Integrity Key
PFID    ProSe Function ID
PGK     ProSe Group Key
ProSe   Proximity-based Services
PSDK    Public Safety Discovery Key
PTK     ProSe Traffic Key
RPAUID  Restricted ProSe Application User ID
RSC     Relay Service Code
RTP     Real-Time Transport Protocol
RTCP    RTP Control Protocol
SAKKE   Sakai-Kasahara Key Encryption
SDP     Session Description Protocol
SEG     Security Gateway
SRTP    Secure Real-Time Transport Protocol
UID     User ID
UTC     Universal Time Coordinated