Tech-invite 3GPPspecs RFCs

Gen 21 22 23 24 25 26 27 28 29 31 32 33 34 35 36 37 38 4‑5x
Fs NEs RPs SBIs IDs T_i+

TS 33.512 (SA3) ★
5G Security Assurance Specification (SCAS) –
Access and Mobility management Function (AMF)

use "3GPP‑Page" to get the Word version
for a better overview, the Table of Contents (ToC) is reproduced

V16.0.1 (Wzip) 2019/09 16 p.

Rapporteur: Ms. Deng, Juan

The present document contains objectives, requirements and test cases that are specific to the AMF network product class. It refers to the Catalogue of General Security Assurance Requirements and formulates specific adaptions of the requirements and test cases given there, as well as specifying requirements and test cases unique to the AMF network product class.

full Table of Contents for TS 33.512 Word version: 16.0.0

1 Scope Word-p. 5

3 Definitions and abbreviations

3.1 Definitions

3.2 Abbreviations

4 AMF-specific security requirements and related test cases Word-p. 6

4.1 Introduction

4.2.1 Introduction

4.2.2 Security functional requirements on the AMF deriving from 3GPP specifications and related test cases

4.2.2.1 Authentication and key agreement procedure

4.2.2.1.1 Synchronization failure handling

4.2.2.1.2 RES* verification failure handling Word-p. 7

4.2.2.2 Key derivation and distribution Word-p. 8

4.2.2.3 Security mode command procedure

4.2.2.3.1 Replay protection of NAS signalling messages

4.2.2.3.2 NAS NULL integrity protection Word-p. 9

4.2.2.4 Security in intra-RAT mobility Word-p. 10

4.2.2.4.1 Bidding down prevention in Xn-handover

4.2.2.4.2 NAS protection algorithm selection in AMF change

4.2.2.5 5G-GUTI allocation Word-p. 11

4.2.2.5.1 5G-GUTI allocation

4.2.2.6 Security in registration procedure Word-p. 13

4.2.2.6.1 Invalid or unacceptable UE security capabilities handling

4.2.3 Technical Baseline

4.2.3.1 Introduction

4.2.3.2 Protecting data and information

4.2.3.2.1 Protecting data and information - general Word-p. 14

4.2.3.2.2 Protecting data and information - unauthorized viewing

4.2.3.2.3 Protecting data and information in storage

4.2.3.2.4 Protecting data and information in transfer

4.2.3.2.5 Logging access to personal data

4.2.3.3 Protecting availability and integrity

4.2.3.4 Authentication and authorization

4.2.3.5 Protecting sessions

4.2.3.6 Logging

4.2.4 Operating Systems

4.2.5 Web Servers

4.2.6 Network Devices

4.3 AMF-specific adaptations of hardening requirements and related test cases

4.3.1 Introduction

4.3.2 Technical Baseline Word-p. 15

4.3.3 Operating Systems

4.3.4 Web Servers

4.3.5 Network Devices

4.4 AMF-specific adaptations of basic vulnerability testing requirements and related test cases

A Change history Word-p. 16