Tech-invite 3GPPspace IETFspace

21 22 23 24 25 26 27 28 29 31 32 33 34 35 36 37 38 4‑5x

Content for TR 33.881 Word version: 17.1.0

0… 5…

5 Key issues p. 7

5.1 Key Issue #1: Support of EAP-AKA' authentication for NSWO p. 7

5.1.1 Key issue details p. 7

5.1.2 Security threats p. 7

5.1.3 Potential security requirements p. 7

6 Solutions p. 8

6.1 Solution #1: Non-Seamless WLAN offload Authentication in 5GS p. 8

6.1.1 Introduction p. 8

6.1.2 Solution details p. 8

6.1.2.1 Architectural overview p. 8

6.1.2.2 NSWO authentication procedure p. 9

6.1.3 System impact p. 10

6.1.4 Evaluation p. 11

6.2 Solution #2: NSWO authentication using credentials retrieved from UDM/ARPF p. 11

6.2.1 Introduction p. 11

6.2.2 Solution Details p. 11

6.2.2.1 Architecture Overview p. 11

6.2.2.2 Flows p. 12

6.2.2.3 Subscriber Privacy p. 14

6.2.2.4 Key derivation p. 14

6.2.3 System impact p. 14

6.2.4 Evaluation p. 15

6.3 Solution #3: NSWO authentication using credentials retrieved from UDM/ARPF via HSS p. 15

6.3.1 Introduction p. 15

6.3.2 Solution Details p. 15

6.3.2.1 Architecture Overview p. 15

6.3.2.2 Flows p. 17

6.3.2.3 SUPI Privacy p. 18

6.3.2.4 Key derivation p. 18

6.3.3 System impact p. 18

6.3.4 Evaluation p. 19

7 Conclusions p. 19

7.1 Conclusion for key issue #1 p. 19

$ Change history p. 21