Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 33.816  Word version:  10.0.0

Top   Top   Up   Prev   Next
1…   4…   10…
4 Relay Architecture5 Threats6 Requirements7 Security Architecture8 Security Procedures9 Device Security

 

4  Relay Architecturep. 10

5  Threatsp. 12

5.1  Generalp. 12

5.2  Assumptions for threat analysisp. 12

5.3  Security threatsp. 12

6  Requirementsp. 15

6.1  General Requirementsp. 15

6.2  Security Requirementsp. 15

6.3  Requirements on enrolment and RN start-up procedurep. 16

6.3.1  Generalp. 16

6.3.2  Enrolmentp. 16

6.3.3  Start of IPsecp. 16

6.4  Access restrictions for the RNp. 17

6.5  RN Managementp. 17

7  Security Architecturep. 17

7.1  Security protection type for relay node on User UE's S1 interface and X2 interfacep. 17

7.1.1  Analysisp. 17

7.1.2  Security protection architecturep. 18

7.2  Security protection type for relay node about OAM communicationp. 18

7.2.1  Analysisp. 18

7.2.2  Security protection architecturep. 18

8  Security Proceduresp. 19

8.1  Analysis of Un interface securityp. 19

8.1.1  General aspect on Un security for Relay architecturep. 19

8.1.2  Analysis of options for Un interface securityp. 19

8.1.2.1  Option 1: NDS/IP and AS security over the Un interfacep. 20

8.1.2.1.1  Generalp. 20
8.1.2.1.2  Residual Threats for Option 1p. 20
8.1.2.1.2.1  NDS/IP for all user plane traffic on Unp. 20
8.1.2.1.2.2  NDS/IP for part of the user plane traffic on Unp. 21
8.1.2.1.2.3  Conclusion of option 1p. 21

8.1.2.2  Option 2: AS security over the Un interfacep. 21

8.1.2.2.1  Generalp. 21
8.1.2.2.2  Residual Threats for Option 2p. 22

8.1.2.3  Option 3: NDS/IP over the Un interfacep. 22

8.1.2.3.1  Generalp. 22
8.1.2.3.2  Residual Threats for Option 3p. 22

8.1.3  Comparison of Optionsp. 22

8.2  Security for the RN NAS trafficp. 23

8.3  Security for the RN RRC trafficp. 23

8.4  Mutual Authenticationp. 23

8.5  Enrolment procedures for RNsp. 23

8.6  Location verificationp. 24

8.7  Security handling in handoverp. 24

8.7.1  UE Handover scenariop. 24

8.7.2  Security handling for UE Handover from/to RNp. 25

8.7.2.1  Generalp. 25

8.7.2.2  Security handling on the source nodep. 25

8.7.2.3  Security handling on the target nodep. 25

8.8  Analysis of key interaction on Un interfacep. 26

8.8.1  Key relationship on Un interfacep. 26

8.8.2  Analysis of the key interaction on Un interfacep. 26

8.9  Differentiation the RN and UE by the DeNBp. 26

8.10  NAS signalling securityp. 27

8.11  Algorithm negotiation for RBs on Un interfacep. 27

9  Device Securityp. 28

9.1  Security requirements on Relay Nodesp. 28

9.2  Device Integrity checkp. 29

9.3  RN Platform Validationp. 29

9.4  UICC aspectsp. 29

Up   Top   ToC