Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 33.937  Word version:  18.0.0

Top   Top   Up   Prev   Next
1…   4…   7…
4 System Environment for PUCI5 PUCI Risk Analysis6 Security Requirements

 

4  System Environment for PUCIp. 10

4.1  Architectural Issuesp. 10

4.1.1  Introductionp. 10

4.1.2  Originating/Terminating UC Identification and Scoringp. 11

4.1.3  Central/Distributed UC Identification and Scoringp. 12

4.1.3.1  Distributed UC Identification and Distributed UC Scoringp. 12

4.1.3.2  Distributed UC Identification and Central UC Scoringp. 14

4.1.4  Standardized/Vendor-Specific UC Scoring Algorithmsp. 14

4.2  Non-Technical Conditionsp. 16

4.2.1  Prevention of Unsolicited Communication in an Operator Controlled Environmentp. 16

4.2.1.1  Introductionp. 16

4.2.1.2  Current SPIT/UC Prevention Measuresp. 16

4.3  Technical versus Legal Issuesp. 18

4.3.1  Introductionp. 18

4.3.2  UC Legislationp. 18

4.3.2.1  Definition of UCp. 18

4.3.2.2  Definition of UC Communication Servicesp. 19

4.3.2.3  Consent Achievement about UC Communicationp. 20

4.3.3  Liabilityp. 20

4.3.4  Privacyp. 21

4.3.5  Conclusionp. 22

4.4  Coexistence with Single Radio-VCC, ICS, and SCp. 22

5  PUCI Risk Analysisp. 24

5.1  Generalp. 24

5.2  UC Threats & Scenariosp. 24

5.2.2  General Scenariop. 24

5.2.3  Privacy Violationp. 25

5.2.3.1  Privacy Violation Scenariosp. 25

5.2.3.1.1  Bulk UC (Advertising)p. 25
5.2.3.1.2  Targeted UC (Stalker)p. 25

5.2.3.2  Privacy Violation Risksp. 26

5.2.4  Contentious Incoming Call Service Chargep. 26

5.2.4.1  Contentious Incoming Call Service Charge Scenariosp. 27

5.2.4.1.1  UC While Call Forwarding is Enabledp. 27

5.2.4.2  Contentious Incoming Call Service Charge Risksp. 27

5.2.5  Contentious Roaming Costp. 27

5.2.5.1  Contentious Roaming Cost Scenariosp. 27

5.2.5.1.1  UC While Roamingp. 27

5.2.5.2  Contentious Roaming Cost Risksp. 27

5.2.6  Non-disclosure of Call Back Costp. 27

5.2.6.1  Non-disclosure of Call Back Cost Scenariosp. 27

5.2.6.1.1  Baiting for Premium Number Call Backp. 27

5.2.6.2  Non-disclosure of Call Back Cost Risksp. 28

5.2.7  Phishingp. 28

5.2.7.1  Phishing Scenariosp. 28

5.2.7.1.1  Messaging/Voice Phishing for Bank Account Informationp. 28
5.2.7.1.2  Voice Phishing for Identity Theftp. 28

5.2.7.2  Phishing Risksp. 28

5.2.8  Network Equipment Hijackingp. 28

5.2.8.1  Network Equipment Hijacking Scenariosp. 28

5.2.8.1.1  Compromised IMS Network Elementp. 28

5.2.8.2  Network Equipment Hijacking Risksp. 28

5.2.9  User Equipment Hijackingp. 29

5.2.9.1  User Equipment Hijacking Scenariosp. 29

5.2.9.1.1  Botnets Using User Equipmentp. 29
5.2.9.1.2  Malware Distribution Through Bulk UCp. 29

5.2.9.2  User Equipment Hijacking Risksp. 29

5.2.10  Mobile Phone Virusp. 29

5.2.10.1  Mobile Phone Virus Scenariosp. 29

5.2.10.1.1  Exposure of User Privacyp. 29
5.2.10.1.2  Destroying Mobile Phone Software and Hardwarep. 29
5.2.10.1.3  Distributing Illegal Information and Virusp. 29
5.2.10.1.4  Junk Data Distribution through Bulk UC Resulting in User Additional Charges & Network Traffic Jamp. 29

5.2.10.2  Mobile Phone Virus Risksp. 30

5.2.11  Sender Impersonation UCp. 30

5.2.11.1  Sender Impersonation UC Scenariosp. 30

5.2.11.1.1  Forged Sender UC Received through Interworking with VoIP Operatorp. 30

5.2.11.2  Sender Impersonation UC Risksp. 30

5.2.12  Unavailability of Service or Degraded Service Qualityp. 30

5.2.12.1  Unavailability of Service or Degraded Service Quality Scenariosp. 30

5.2.12.1.1  UC flood leads to Degraded Service Qualityp. 30

5.2.12.2  Unavailability of Service or Degraded Service Quality Risksp. 30

5.2.13  Negative Service Preconception Leading to Non-adoptionp. 30

5.3  Specific UC threats in non-IMS inter-connectionsp. 31

5.3.1  Introductionp. 31

5.3.2  Legal assumptionsp. 31

5.3.3  Network assumptionsp. 31

5.3.4  Security assumptionsp. 33

5.3.5  High risk specific threatsp. 33

6  Security Requirementsp. 35

6.1Void

6.2  3GPP Security Requirementsp. 35

Up   Top   ToC