Content for TR 33.926 Word version: 19.1.0

1… 4… 5… 6… A… B… C… D… E… F… G… H… I… J… K… L… M… N… O… P… Q… R… S… T… U… V… W… X… Y…

T.1 Network product class description for the gNB-CU-UP T.2 Assets and threats specific to the gNB-CU-UP
...

T Aspects specific to the network product class gNB-CU-UP |R18| p. 95

T.1 Network product class description for the gNB-CU-UP p. 95

T.1.1 Introduction p. 95

The present document captures the network product class descriptions, threats and critical assets that have been identified in the course of the work on 3GPP security assurance specifications. The main body of the present document contains generic aspects that are believed to apply to more than one network product class, while Annexes cover the aspects specific to one network product class.

T.1.2 Minimum set of functions defining the gNB-CU-UP network product class p. 95

As part of the gNB-CU-UP network product, it is expected that the gNB-CU-UP contains gNB-CU-UP application, a set of running processes (typically more than one) executing the software package for the gNB-CU-UP functions and OAM functions that are specific to the gNB-CU network product model. Functionalities specific to the gNB-CU-UP network product introduce additional threats and/or critical assets as described below. Related security requirements and test cases have been captured in TS 33.523.

T.2 Assets and threats specific to the gNB-CU-UP p. 95

T.2.1 Critical assets p. 95

In addition to the critical assets of a GNP described in clause 5.2 of the present document, the critical assets specific to the gNB-CU-UP to be protected are:

gNB-CU-UP Application;
Mobility Management data: subscriber keys (i.e. KUPenc, KUPint), UE's IP address, etc., QoS and so on, etc;
User plane data;
The interfaces of gNB-CU-UP whose data needs to be protected and which are within SCAS scope;
- E1 interface;
- Xn interface;
- N3 interface;
- Uu interface;
- F1 interface;
- Console interface, for local access: local interface on gNB-CU-UP; and
- OAM interface, for remote access: interface between gNB-CU-UP and OAM system; and
NOTE 1:
The detailed interfaces of the gNB-CU-UP class are described in clause 4, Network Product Class Description of the present document.
gNB-CU-UP Software: binary code or executable code.

NOTE 2:
gNB-CU-UP files may be any file owned by a user (root user as well as non-root uses), including User account data and credentials, Log data, configuration data, OS files, gNB-CU-UP application, Mobility Management data or gNB-CU-UP Software.

T.2.2 Threats related to Control plane and User plane in the network p. 96

T.2.2.1 Control plane data confidentiality protection p. 96

Threat name: gNB-CU-UP control plane data confidentiality protection.
Threat Category: Information Disclosure.
Threat Description: If the gNB-CU-UP does not provide confidentiality protection for control plane packets on the E1 reference point, then the control plane packets sent over E1 reference points can be compromised by attackers. This means the UE identifiers, security capabilities, the security algorithms and key materials exchanged can be accessed by the attackers leading to huge security breach. This threat scenario assumes that the E1 reference point is not within the security environment.
Threatened Asset: Mobility Management data.

T.2.2.2 Control plane data integrity protection p. 96

Threat name: Control plane data integrity protection.
Threat Category: Tampering data, Denial of Service.
Threat Description: If the gNB-CU-UP does not provide integrity protection for control plane packets on E1 reference point, the control plane packets sent over this reference point can be modified without detection. The intruder manipulations on control plane packets can lead to denial of service to legitimate users. This threat scenario assumes that the E1 reference point are not within the security environment.
Threatened Asset: Sufficient Processing Capacity, Mobility Management data.

T.2.2.3 User plane data confidentiality protection p. 96

Threat name: User plane data confidentiality protection.
Threat Category: Information Disclosure.
Threat Description: If the gNB-CU-UP does not cipher and decipher user plane packets on the N3/Xn/Uu/F1 reference points, then the attackers can compromise user packets on F1, Uu, Xn-U and N3. The attackers can gain access to user identifiers, serving network identifiers, location information and can perform user tracking. This threat scenario assumes that the N3, F1 and Xn reference points are not within the security environment.
Threatened Asset: user plane data.

T.2.2.4 User plane data integrity protection p. 96

Threat name: User plane data integrity protection.
Threat Category: Tampering data, Denial of Service.
Threat Description: If the gNB-CU-UP does not handle integrity protection for user plane packets for the Xn/N3/Uu/F1 reference points then all the uplink/downlink user plane packets can be manipulated by intruders to launch Denial of Service attack. This threat scenario assumes that the Xn, F1 and N3 reference points are not within the security environment.
Threatened Asset: Sufficient Processing Capacity, User plane data.