TS 33.514
Security Assurance Specification (SCAS)
for the UDM Network Product Class

3GPP‑Page ETSI‑search fToC_↓ Partial Content _→

V19.1.0 (PDF) 2025/06 17 p.

V18.3.0 2024/06 20 p.

V17.1.0 2024/06 17 p.

V16.5.0 2024/06 15 p.

Rapporteur:: Dr. Yoshizawa, Taka
NEC Europe Ltd

full Table of Contents for TS 33.514 Word version: 19.1.0

each clause number in 'red' refers to the equivalent title in the Partial Content

Scope p. 6

References p. 6

Definitions of terms, symbols and abbreviations p. 6

3.1	Terms p. 6
3.2	Symbols p. 6
3.3	Abbreviations p. 7

UDM-specific security requirements and related test cases p. 7

4.1

Introduction p. 7

4.2

Security functional requirements on the UDM derived from 3GPP specifications and related test cases p. 7

4.2.0

General p. 7

4.2.1

User Privacy Procedure p. 7

4.2.1.1	De-concealment of SUPI from the SUCI based on the protection scheme used to generate the SUCI p. 7
4.2.1.2	Rejection of SUCIs using an ECIES protection scheme with an invalid public key. p. 8
4.2.1.3	Rejection of SUCIs using an uncompressed point with Profile B. p. 9

4.2.2

Authentication and key agreement procedure p. 10

4.2.2.1	Synchronization failure handling p. 10
4.2.2.2	Storing of authentication status of UE by UDM p. 11

4.2.3

Technical Baseline p. 12

4.2.3.1

Introduction p. 12

4.2.3.2

Protecting data and information p. 12

4.2.3.2.1	Protecting data and information - general p. 12
4.2.3.2.2	Protecting data and information - unauthorized viewing p. 12
4.2.3.2.3	Protecting data and information in storage p. 12
4.2.3.2.4	Protecting data and information in transfer p. 12
4.2.3.2.5	Logging access to personal data p. 12

4.2.3.3

Protecting availability and integrity p. 12

4.2.3.4

Authentication and authorization p. 12

4.2.3.5

Protecting sessions p. 12

4.2.3.6

Logging p. 12

4.2.4

Operating Systems p. 12

4.2.5

Web Servers p. 12

4.2.6

Network Devices p. 13

4.2.7

User plane security procedures p. 13

4.2.7.1

UP Security enforcement configuration for TSC service p. 13

4.2.8

User plane security procedures p. 14

4.2.8.1

UP security policy configuration for 5G LAN service p. 14

4.3

UDM-specific adaptations of hardening requirements and related test cases p. 15

4.3.1	Introduction p. 15
4.3.2	Technical baseline p. 15
4.3.3	Operating systems p. 15
4.3.4	Web servers p. 15
4.3.5	Network devices p. 15
4.3.6	Network functions in service-based architecture p. 15

4.4

UDM-specific adaptations of basic vulnerability testing requirements and related test cases p. 15

4.4.1	Introduction p. 15
4.4.2	Port scanning p. 15
4.4.3	Vulnerability scanning p. 16
4.4.4	Robustness and fuzz testing p. 16

Change history p. 17

TS 33.514 Security Assurance Specification (SCAS) for the UDM Network Product Class

full Table of Contents for TS 33.514 Word version: 19.1.0

TS 33.514
Security Assurance Specification (SCAS)
for the UDM Network Product Class