Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 33.861  Word version:  16.1.0

Top   Top   Up   Prev   None
0…   5…
5 Key issues6 Solutions7 Conclusions$ Change history

 

5  Key issuesp. 12

5.1  Key Issue #1: Efficient frequent small data transmissionsp. 12

5.1.1  Key issue detailsp. 12

5.1.2  Security threatsp. 12

5.1.3  Potential security requirementsp. 12

5.2  Key Issue #2: Integrity protection of small datap. 12

5.2.1  Key issue detailsp. 12

5.2.2  Security threatsp. 13

5.2.3  Potential security requirementsp. 13

5.3  Key Issue #3: Encryption of small datap. 13

5.3.1  Key issue detailsp. 13

5.3.2  Security threatsp. 13

5.3.3  Potential security requirementsp. 14

5.4  Key Issue #4: Signalling overload due to Malicious Applications on the UEp. 14

5.4.1  Introductionp. 14

5.4.2  Security Threatsp. 14

5.4.3  Potential security requirementsp. 14

5.5  Key Issue #5: gNB Protection from CIoT DoS attackp. 14

5.5.1  Key issue detailsp. 14

5.5.2  Security threatsp. 15

5.5.3  Potential Security requirementsp. 15

5.6  Key issue #6: Avoiding AS security for application security enabled UEs.p. 15

5.6.0  Generalp. 15

5.6.1  Potential security threatp. 15

5.6.2  Potential security requirementsp. 15

5.7  Key Issue #7: Key refreshing for protection of small datap. 16

5.7.1  Key issue detailsp. 16

5.7.2  Security threatsp. 16

5.7.3  Potential security requirementsp. 16

5.8  Key Issue #8: Key and mac size for protection of small datap. 16

5.8.1  Key issue detailsp. 16

5.8.2  Security threatsp. 16

5.8.3  Potential security requirementsp. 16

5.9  Key Issue #9: Protection of NIDD interfacesp. 17

5.9.2  Security Threatsp. 17

5.9.3  Potential security requirementsp. 17

5.10  Key issue #10: User Plane data transmission with Connectionless signalling.p. 17

5.10.1  Descriptionp. 17

5.10.2  Potential security threatp. 17

5.10.3  Potential security requirementsp. 18

5.11  Key Issue #11: Bidding down attack for NAS based redirection between core networksp. 18

5.11.1  Key issue detailsp. 18

5.11.2  Security threatsp. 18

5.11.3  Potential security requirementsp. 18

5.12  Key Issue #12: Privacy protection of new parameters for CIoT included in NAS messagep. 19

5.12.1  Key issue detailsp. 19

5.12.2  Security threatsp. 19

5.12.3  Potential security requirementsp. 19

5.13  Key Issue #13: Security Handling in RRC Connection Re-Establishment for the control plane for NB-IoT connected to 5GCp. 19

5.13.1  Key issue detailsp. 19

5.13.2  Security threatsp. 20

5.13.3  Potential security requirementsp. 20

5.14  Key issue #14: Preventing User Plane Botnet Attacks from Improper CIOT Device Usagep. 20

5.14.1  Descriptionp. 20

5.14.2  Potential security threatp. 20

5.14.3  Potential security requirementsp. 20

5.15  Key Issue #15: Protection of UE capability transfer for UEs without AS securityp. 20

5.15.1  Key issue detailsp. 20

5.15.2  Security threatsp. 21

5.15.3  Potential security requirementsp. 21

6  Solutionsp. 21

6.1  Solution #1: Security Solution for small data transmission via NAS signalingp. 21

6.1.1  Introductionp. 21

6.1.2  Solution detailsp. 22

6.1.3  Evaluationp. 22

6.2  Solution #2: Efficient integrity protection for frequent small data transmissionsp. 22

6.2.1  Introductionp. 22

6.2.2  Solution detailsp. 22

6.2.3  Evaluationp. 23

6.3  Solution #3: Security solution for MO SMS at AMF re-allocationp. 24

6.3.1  Introductionp. 24

6.3.2  Solution detailsp. 24

6.3.2.1  MO SMS included in initial NAS messagep. 24

6.3.3  Evaluationp. 26

6.4  Solution #4: Security solution for UL small data transfer in RRC Suspend and Resume with early data transmission (EDT)p. 26

6.4.1  Introductionp. 26

6.4.2  Solution detailsp. 26

6.4.2.1  UL data transmission from CM-IDLE (SUSPEND) with Early Data Transmission to old eNBp. 26

6.4.2.2  UL UP EDT from RRC SUSPEND to new eNBp. 28

6.4.2.3  Connection Suspend procedure using the Early Data Transmission (EDT) featurep. 28

6.4.3  Evaluationp. 28

6.5  Solution #5: Security solution for small data included in initial NAS signalling at mobilityp. 28

6.5.1  Introductionp. 28

6.5.2  Solution detailsp. 29

6.5.3  Evaluationp. 31

6.6  Solution #6: Detecting and handling signalling overload due to Malicious Applications on the UEp. 31

6.6.1  Introductionp. 31

6.6.2  Solution detailsp. 31

6.6.2.1  Architecturep. 31

6.6.2.2  Proceduresp. 33

6.6.3  Evaluationp. 34

6.7  Solution #7: Procedure for protecting gNB from RRC resume and RRC Re-establishment DoS attackp. 34

6.7.1  Introductionp. 34

6.7.2  Solution detailsp. 35

6.7.3  Evaluationp. 37

6.8  Solution #8: Security solution for protection of interface used by NIDD proceduresp. 37

6.8.1  Introductionp. 37

6.8.2  Solution detailsp. 37

6.8.3  Evaluationp. 37

6.9  Solution #9: Security protection of small data at idle mobilityp. 37

6.9.1  Introductionp. 37

6.9.2  Solution detailsp. 38

6.9.3  Evaluationp. 39

6.10  Solution #10: Security solution for small data at idle mobility using the Registration Complete messagep. 39

6.10.1  Introductionp. 39

6.10.2  Solution detailsp. 39

6.10.3  Evaluationp. 40

6.11  Solution #11: Security-Property-Group-based Mitigation for DDoS Attack Triggered by Malicious Applications on the UEp. 41

6.11.1  Introductionp. 41

6.11.2  Solution detailsp. 41

6.11.2.1  Security-Property-Group assignment mechanismp. 41

6.11.2.1.1  Principle of assignmentp. 41
6.11.2.1.2  Assignment Procedurep. 42

6.11.2.2  DDoS attack mitigationp. 42

6.11.2.2.1  DDoS attack on AMF/SMFp. 42
6.11.2.2.2  DDoS attack on UPF/NEFp. 42

6.11.3  Evaluationp. 43

6.12  Solution #12: Security Solution on DDoS attack mitigationp. 43

6.12.1  Introductionp. 43

6.12.2  Solution detailsp. 43

6.12.2.1  Architecturep. 43

6.12.2.2  Procedurep. 43

6.12.3  Evaluationp. 44

6.13  Solution #13: Security solution for small data using key refreshingp. 45

6.13.1  Introductionp. 45

6.13.2  Solution detailsp. 45

6.13.2.1  Support for infrequent small data transmissionp. 45

6.13.2.2  Frequent small data communicationp. 45

6.13.3  Evaluationp. 45

6.14  Solution #14: Privacy protection of new parameters for CIoT included in NAS messagesp. 45

6.14.1  Introductionp. 45

6.14.2  Solution detailsp. 45

6.14.3  Evaluationp. 46

6.15  Solution #15: Efficient integrity protection for small data transmissions with immediate resultp. 46

6.15.1  Introductionp. 46

6.15.2  Solution detailsp. 46

6.15.2.1  Generalp. 46

6.15.2.2  Receiver behaviourp. 47

6.15.3  Evaluationp. 47

6.16  Solution #16: Solution to Identify Misbehaving UEsp. 48

6.16.1  Introductionp. 48

6.16.2  Solution detailsp. 48

6.16.3  Evaluationp. 48

6.17  Solution #17: Solution to Mitigate DDoS Attack based on RAN caused by Massive Number of Misbehaving CIoT UEsp. 48

6.17.1  Introductionp. 48

6.17.2  Solution detailsp. 49

6.17.2.1  Architecturep. 49

6.17.2.2  Procedurep. 49

6.17.3  Evaluationp. 50

6.18  Solution #18: Security solution for UL small data transfer in RRC Suspend and Resume with early data transmission (EDT)p. 51

6.18.1  Introductionp. 51

6.18.2  Solution detailsp. 51

6.18.2.1  UL data transmission from CM-IDLE with Early Data Transmissionp. 51

6.18.2.2  Connection Suspend procedure using the Early Data Transmission (EDT) featurep. 52

6.18.3  Evaluationp. 52

6.19  Solution #19: Solution to Mitigate DDoS Attack on AMF caused by Massive Number of Misbehaving CIoT UEsp. 52

6.19.1  Introductionp. 52

6.19.2  Solution detailsp. 52

6.19.2.1  Architecturep. 52

6.19.2.2  Procedurep. 53

6.19.3  Evaluationp. 54

6.20  Solution 20: RRC Connection Re-Establishment for the Control Plane for NB-IoT connected to 5GCp. 54

6.20.1  Introductionp. 54

6.20.2  Solution Detailsp. 55

6.20.2.1  RRC Connection Re-Establishment Procedure without KAMF Changep. 55

6.20.2.2  RRC Connection Re-Establishment Procedure with KAMF Changep. 55

6.20.3  Evaluationp. 56

6.21  Solution 21: Protection of NAS Redirection Messagep. 56

6.21.1  Introductionp. 56

6.21.2  Solution Detailsp. 57

6.21.2.1  Procedure of Authorization for Public Key of the AMFp. 57

6.21.2.2  Procedure of Protection of NAS messagep. 58

6.21.2.3  Abnormal Casesp. 58

6.21.3  Evaluationp. 59

6.22  Solution #22: Security solution for UP IP in PDCP to protect UL EDT data in Msg 3p. 60

6.22.1  Introductionp. 60

6.22.2  Solution detailsp. 60

6.22.2.1  UL data transmission from CM-IDLE with Early Data Transmissionp. 60

6.22.2.2  Connection Suspend procedure using the Early Data Transmission (EDT) featurep. 61

6.22.3  Evaluationp. 61

6.23  Solution #23: Mitigate DDoS Attack on RAN based on RANs coordinationp. 62

6.23.1  Introductionp. 62

6.23.2  Solution detailsp. 62

6.23.3  Evaluationp. 62

6.24  Solution #24: Using NAS security for protection of NAS Redirection messagep. 62

6.24.1  Introductionp. 62

6.24.2  Solution detailsp. 62

6.24.3  Evaluationp. 62

6.25  Solution #25: Security solution for preventing Botnet Attacks from Improper CIOT Device Usep. 63

6.25.1  Introductionp. 63

6.25.2  Solution A detailsp. 63

6.25.3  Solution B detailsp. 63

6.25.4  Solution C detailsp. 64

6.25.5  Evaluationp. 64

6.26  Solution #26: Hash based UE capability protection for CP optimization only CIoT UEp. 64

6.26.1  Introductionp. 64

6.26.2  Solution detailsp. 64

6.26.3  Evaluationp. 65

6.27  Solution #27: Network resilience for UEs without AS securityp. 66

6.27.1  Introductionp. 66

6.27.2  Solution detailsp. 66

6.27.3  Evaluationp. 66

6.28  Solution #28: Protection of UE capability transfer for UEs without AS securityp. 66

6.28.1  Introductionp. 66

6.28.2  Solution detailsp. 66

6.28.3  Evaluationp. 67

6.29  Solution #29: Security solution for UE Capability Transfer for UE with no AS security.p. 67

6.29.1  Introductionp. 67

6.29.2  Solution detailsp. 68

6.29.3  Evaluationp. 68

6.30  Solution #30: AMF verification of the UE radio capabilities for CP optimization only CIoT UEp. 69

6.30.1  Introductionp. 69

6.30.2  Solution detailsp. 69

6.30.3  Evaluationp. 70

7  Conclusionsp. 70

7.1  Key Issue #1: Efficient frequent small data transmissionsp. 70

7.2  Key Issue 2: Integrity protection of small datap. 70

7.3  Key Issue 3: Encryption of small datap. 70

7.4  Key Issue 4: Signalling overload due to Malicious Applications on the UEp. 70

7.5  Key Issue 5: gNB Protection from CIoT DoS attackp. 70

7.6  Key Issue 6: Avoiding AS security for application security enabled UEs.p. 70

7.7  Key Issue 7: Key refreshing for protection of small datap. 71

7.8  Key Issue 8: Key and mac size for protection of small datap. 71

7.9  Key Issue 9: Protection of NIDD interfacesp. 71

7.10  Key Issue 10: User Plane data transmission with Connectionless signalling.p. 71

7.11  Key Issue 11: Bidding down attack for NAS based redirection between core networksp. 71

7.12  Key Issue 12: Privacy protection of new parameters for CIoT included in NAS messagep. 71

7.13  Key Issue 13: Security Handling in RRC Connection Re-Establishment for the control plane for NB-IoT connected to 5GCp. 71

7.14  Key Issue 14: Preventing User Plane Botnet Attacks from Improper CIOT Device Usagep. 71

$  Change historyp. 72

Up   Top