Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TS 33.512
5G Security Assurance Specification (SCAS) –
Access and Mobility management Function (AMF)

3GPP‑Page   ETSI‑search   fToC   Partial Content
V19.0.0 (PDF)  2025/06  28 p.
V18.2.0  2024/06  31 p.
V17.3.0  2022/03  26 p.
V16.6.0  2021/12  22 p.
Rapporteur:
Ms. Deng, Juan
HuaWei Technologies Co., Ltd

full Table of Contents for  TS 33.512  Word version:  19.0.0

each clause number in 'red' refers to the equivalent title in the Partial Content
Here   Top
1Scope  p. 7
2References  p. 7
3Definitions of terms, symbols and abbreviations  p. 7
3.1Terms  p. 7
3.2Symbols  p. 7
3.3Abbreviations  p. 8
4AMF-specific security requirements and related test cases  p. 8
4.1Introduction  p. 8
4.2AMF-specific adaptations of security functional requirements and related test cases.  p. 8
4.2.1Introduction  p. 8
4.2.2Security functional requirements on the AMF deriving from 3GPP specifications and related test cases  p. 8
4.2.2.0General  p. 8
4.2.2.1Authentication and key agreement procedure  p. 8
4.2.2.1.1Synchronization failure handling  p. 8
4.2.2.1.2RES* verification failure handling  p. 10
4.2.2.1.3NAS based redirection from 5GS to EPS  p. 13
4.2.2.1.4NAS integrity failure  p. 13
4.2.2.2Voidp. …
4.2.2.3Security mode command procedure  p. 14
4.2.2.3.1Replay protection of NAS signalling messages  p. 14
4.2.2.3.2NAS NULL integrity protection  p. 15
4.2.2.3.3NAS integrity algorithm selection and use  p. 16
4.2.2.4Security in intra-RAT mobility  p. 17
4.2.2.4.1Bidding down prevention in Xn-handover  p. 17
4.2.2.4.2NAS protection algorithm selection in AMF change  p. 18
4.2.2.55G-GUTI allocation  p. 19
4.2.2.5.15G-GUTI allocation  p. 19
4.2.2.6Security in registration procedure  p. 20
4.2.2.6.1Invalid or unacceptable UE security capabilities handling  p. 20
4.2.2.6.2Correct transfer of UE security capabilities in AS security establishment  p. 21
4.2.2.7RRCRestablishment in Control Plane CIoT 5GS Optimization  p. 22
4.2.2.8Security in PDU session establishment procedure  p. 23
4.2.2.8.1Validation of S-NSSAIs in PDU session establishment request  p. 23
4.2.2.9Network Slice Specific Authentication and Authorization  p. 24
4.2.2.9.1NSSAA revocation  p. 24
4.2.3Technical Baseline  p. 25
4.2.3.1Introduction  p. 25
4.2.3.2Protecting data and information  p. 25
4.2.3.2.1Protecting data and information - general  p. 25
4.2.3.2.2Protecting data and information - unauthorized viewing  p. 25
4.2.3.2.3Protecting data and information in storage  p. 25
4.2.3.2.4Protecting data and information in transfer  p. 25
4.2.3.2.5Logging access to personal data  p. 25
4.2.3.3Protecting availability and integrity  p. 25
4.2.3.4Authentication and authorization  p. 25
4.2.3.5Protecting sessions  p. 25
4.2.3.6Logging  p. 25
4.2.4Operating Systems  p. 25
4.2.5Web Servers  p. 25
4.2.6Network Devices  p. 25
4.3AMF-specific adaptations of hardening requirements and related test cases  p. 26
4.3.1Introduction  p. 26
4.3.2Technical baseline  p. 26
4.3.3Operating systems  p. 26
4.3.4Web servers  p. 26
4.3.5Network devices  p. 26
4.3.6Network functions in service-based architecture  p. 26
4.4AMF-specific adaptations of basic vulnerability testing requirements and related test cases  p. 26
4.4.1Introduction  p. 26
4.4.2Port Scanning  p. 26
4.4.3Vulnerability scanning  p. 26
4.4.4Robustness and fuzz testing  p. 26
$Change history  p. 28

Up   Top