
Content for TR 33.835, Word version: 16.1.0


1  Scope

The present document specifies key issues, derived requirements and potential solutions to support authentication and key management aspects for applications and 3GPP services based on 3GPP credentials in 5G, including the IoT use case. It analyses issues and requirements for:
  • providing authentication and key management procedures to applications and 3GPP services in 5G scenarios which allow the UE to securely exchange data with an application server;
  • decoupling these procedures from the transport protocol, in order to allow for the adaption to different application layer protocols.
The present document takes into account new solutions as well as potential adaptations to existing ones, such as GBA described in TS 33.220 and BEST described in TS 33.163, in order to support the above-mentioned requirements with procedures and protocols defined in SBA.

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
TR 21.905: "Vocabulary for 3GPP Specifications".
[2]
TS 33.220: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)".
[3]
TS 33.163: "Battery Efficient Security for very low Throughput Machine Type Communication (MTC) device (BEST)".
[4]
RFC 3748: "Extensible Authentication Protocol (EAP)".
[5]
TS 33.905: "Recommendations for trusted open platforms".
[6]
ISO/IEC JTC 1/SC 17 "Cards and security devices for personal identification".
[7]
TS 27.007: "AT command set for User Equipment (UE) V15.3.0".
[8]
RFC 5191: "Protocol for Carrying Authentication for Network Access (PANA)".
[9]
IEEE 802.1X™: "Port-Based Network Access Control".
[10]
TS 33.501: "Security architecture and procedures for 5G system (Release 15)".
[11]
TS 33.102: "3G Security; Security architecture (Release 15)".
[12]
RFC 5448: "Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA')".
[13]
TS 33.223 (V15.0.0): "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) Push function".
[14]
TS 23.434: "Service Enabler Architecture Layer for Verticals (SEAL); Functional architecture and information flows".

3  Definitions of terms, symbols and abbreviations

3.1  Terms

Void

3.2  Symbols

Void

3.3  Abbreviations

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
5GS
5G System
5GC
5G Core
AApF
AKMA Application Function
AAuF
AKMA Authentication Function
ABBA
Anti-Bidding down Between Architectures
AKA
Authentication and Key Agreement
AKAF
AKMA Anchor Function
AKMA
Authentication and Key Management for Applications
AKMA AF
AKMA Application Function
AKRS
AKMA Key Repository Service
AMF
Access and Mobility Management Function
AP
Application Processor
APDU
Application Protocol Data Unit
ARPF
Authentication credential Repository and Processing Function
AUSF
Authentication Server Function
AUTN
AUthentication TokeN
AV
Authentication Vector
BEST
Battery Efficient Security for very low Throughput Machine Type Communication (MTC) devices
BSF
Bootstrapping Server Function
CK
Cipher Key
CoAP
Constrained Application Protocol
DoS
Denial of Service
EAP
Extensible Authentication Protocol
EAPoL
EAP over LANs
EMSK
Extended Master Session Key
EPS
Evolved Packet System
FQDN
Fully Qualified Domain Name
GBA
Generic Bootstrapping Architecture
GAA
Generic Authentication Architecture
GUTI
Globally Unique Temporary UE Identity
GPSI
Generic Public Subscription Identifier
HPLMN
Home Public Land Mobile Network
HRES
Hash RESponse
HSS
Home Subscriber Server
HTTP
HyperText Transfer Protocol
HXRES
Hash eXpected RESponse
IK
Integrity Key
KDF
Key Derivation Function
ME
Mobile Equipment
MME
Mobility Management Entity
MQTT
Message Queuing Telemetry Transport
ngKSI
Key Set Identifier in 5G
NAF
Network Application Function
NAI
Network Access Identifier
NAS
Non Access Stratum
NEF
Network Exposure Function
NF
Network Function
OBU
On Board Unit
PANA
Protocol for Carrying Authentication for Network Access
PDCP
Packet Data Convergence Protocol
PLMN
Public Land Mobile Network
RES
RESponse
SBA
Service Based Architecture
SE
Secure Element
SEAF
SEcurity Anchor Function
SoR
Steering of Roaming
SUCI
SUbscription Concealed Identifier
SUPI
SUbscription Permanent Identifier
UDM
Unified Data Management
UE
User Equipment
UICC
Universal Integrated Circuit Card
UMTS
Universal Mobile Telecommunications System
USIM
Universal Subscriber Identity Module
UPF
User Plane Function
XRES
eXpected RESponse