Content for TR 33.754 Word version: 19.0.0
5 Key issues p. 9
5.1 Key Issue #1: Authentication of UE in ATSSS over Non-Integrated Non-3GPP Access p. 9
5.1.1 Key issue details p. 9
5.1.2 Security threats p. 10
5.1.3 Potential security requirements p. 10
5.2 Key Issue #2: Confidentiality and integrity protection of the communication between UE and 5GCore in Non-Integrated Non-3GPP Access. p. 10
6 Solutions p. 11
6.0 Mapping of solutions to key issues p. 11
6.1 Solution #1: Using 3GPP security context to derive authentication pre-shared key for NIN3A p. 11
6.2 Solution #2: AUSF based authentication mechanism for UE and UPF p. 12
6.3 Solution #3: Authentication, confidentiality, and integrity protection of UE in ATSSS while selecting MPQUIC p. 14
6.4 Solution #4: Secure Authentication and Connectivity for UE in ATSSS over NIN3A p. 16
6.5 Solution #5: UE authentication and traffic protection in ATSSS-Lite p. 19
6.5.1 Introduction p. 19
6.5.2 Solution details p. 19
6.5.2.1 Background p. 19
6.5.2.2 UE authentication and PDU establishment over 3GPP access p. 20
6.5.2.3 UE authentication over non-3GPP access p. 21
6.5.2.4 UPF IP address exposure p. 22
6.5.3 Evaluation p. 22
6.6 Solution #6: Using IPsec to authenticate UE and UPF for non-3GPP access p. 23
6.7 Solution #7: Omitting IPsec for MPQUIC traffic over non-3GPP access p. 25
6.8 Solution #8: User plane data protection mechanism between UE and UPF p. 27
7 Conclusions p. 28
7.1 Key Issue #1: Authentication of UE in ATSSS over Non-Integrated Non-3GPP Access p. 28
7.2 Key Issue #2: Confidentiality and integrity protection of the communication between UE and 5GCore in Non-Integrated Non-3GPP Access. p. 28
$ Change history p. 29
