Content for TR 33.843 Word version: 15.1.0
5 Key issues p. 8
5.1 Key Issue #1: Authorization for indirect 3GPP communication p. 8
5.2 Key Issue #2: Authentication of eRemote-UE via eRelay-UE p. 9
5.2.1 Introduction p. 9
5.2.2 Key Issue Details p. 9
5.2.3 Security Threats p. 9
5.2.4 Potential Security Requirements p. 9
5.3 Key Issue #3: IMSI Privacy of eRemote-UE p. 10
5.3.1 Introduction p. 10
5.3.2 Key Issue Details p. 10
5.3.3 Security Threats p. 10
5.3.4 Potential Security Requirements p. 10
5.4 Key Issues #4: Discovery p. 11
5.4.1 Key Issue details p. 11
5.4.2 Security threats p. 11
5.4.3 Potential security requirements p. 11
5.5 Key Issues #5: Security of CP between eRemote-UE and network p. 12
5.6 Key Issue #6: Security of Service Continuity p. 12
5.6.1 Issue detail p. 12
5.6.1.1 Handover between indirect and direct mode and vice versa p. 13
5.6.1.1.1 Handover from direct mode to indirect mode p. 13
5.6.1.1.2 Handover from indirect mode to direct mode p. 13
5.6.1.2 Handover between eRelay-UEs p. 14
5.6.1.3 Handover of eRelay-UEs p. 14
5.6.2 Security threats p. 14
5.6.3 Potential security requirements p. 14
5.7 Key Issues #7: Authentication of eRemote-UE during Setting Up Indirect 3GPP Communication p. 15
5.7.1 Key Issue details p. 15
5.7.2 Security threats p. 15
5.7.3 Potential security requirements p. 15
5.8 Key Issue #8: Authentication of eRelay-UE p. 15
5.9 Key Issue #9: User Plane protection between eRemote-UE and eNB p. 16
6 Solutions p. 16
6.1 Solution #1: Authentication of eRemote-UE via eRelay-UE p. 16
6.2 Solution #2: eRemote-UE Authentication with MITM detection p. 17
6.2.1 Introduction p. 17
6.2.2 Solution details p. 17
6.2.2.1 Authorization and Authentication of an eRemote-UE to Core Network and security context establishment between eRemote-UE and eRelay-UE p. 17
6.2.2.2 Man in the middle attack detection mechanism p. 18
6.2.3 Evaluation p. 19
6.3 Solution #3: Authentication of eRelay-UE p. 19
6.4 Solution #4: Solution of Authorization for Indirect 3GPP Communication p. 19
6.5 Solution #5: Protection of the UP between eRemote-UE and eRelay-UE p. 20
6.6 Solution #6: Solution for protection of CP between eRemote-UE and Network p. 20
6.7 Solution #7: Solution of IMSI privacy for attach via eRelay-UE p. 21
6.8 Solution #8: eRelay Discovery p. 23
6.9 Solution #9: Path Switch of direct to indirect 3GPP Communication and vice versa p. 24
6.9.1 Introduction p. 24
6.9.2 Solution details p. 24
6.9.2.1 eRemote-UE path switch under the same eNB p. 24
6.9.2.1.1 Preconditions p. 24
6.9.2.1.2 Solution Variant a): Without special relay key p. 25
6.9.2.1.3 Solution Variant b): With special relay key p. 25
6.9.2.2 eRemote-UE Mobility under a different eNB p. 25
6.9.3 Evaluation p. 26
6.10 Solution #10: Handover of eRemote-UE from one eRelay to another p. 27
6.10.1 Introduction p. 27
6.10.2 Solution details p. 27
6.10.2.1 Handover under the same eNB p. 27
6.10.2.1.1 Preconditions p. 27
6.10.2.1.2 Solution Variant a): Without special relay key p. 27
6.10.2.1.3 Solution Variant b): With special relay key p. 27
6.10.2.2 Handover under a different eNB p. 28
6.10.3 Evaluation p. 29
6.11 Solution #11: Handover of eRelay-UE p. 29
6.11.1 Introduction p. 29
6.11.2 Solution details p. 29
6.11.3 Evaluation p. 30
6.12 Solution #12: Enhancement of Setting Up Connection between eRemote-UE and eRelay-UE p. 30
6.13 Solution #13: Security Parameters Configuration on eRemote-UE during Dynamic Trust Relationship Establishment p. 32
7 Conclusions p. 33
7.1 Key Issue 1 p. 33
7.2 Key Issue 2 p. 33
7.3 Key Issue 3 p. 33
7.4 Key Issue 4 p. 34
7.5 Key Issue 5 p. 34
7.6 Key Issue 6 p. 34
7.7 Key Issue 7 p. 34
7.8 Key Issue 8 p. 34
7.9 Key Issue 9 p. 34
7.10 Overall conclusions p. 34
$ Change History p. 35
