Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TS 33.521
5G Security Assurance Specification (SCAS) –
Network Data Analytics Function (NWDAF)

V17.2.0 (PDF)2022/06  … p.
Rapporteur:
Mr. Qi, Minpeng
China Mobile Com. Corporation

Content for  TS 33.521  Word version:  17.1.0

Here   Top

 

1  ScopeWord‑p. 6

The present document contains requirements and test cases that are specific to the NWDAF network product class. It refers to the Catalogue of General Security Assurance Requirements and formulates specific adaptions of the requirements and test cases, as well as specifying requirements and test cases unique to the NWDAF network product class.

2  ReferencesWord‑p. 6

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
TR 21.905: "Vocabulary for 3GPP Specifications".
[2]
TS 23.288: "Architecture enhancements for 5G System (5GS) to support network data analytics services".
[3]
TS 33.117: "Catalogue of general security assurance requirements".
[4]
TR 33.926: "Security Assurance Specification (SCAS) threats and critical assets in 3GPP network product classes".
Up

3  Definitions of terms, symbols and abbreviationsWord‑p. 6

3.1  TermsWord‑p. 6

For the purposes of the present document, the terms given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.

3.2  SymbolsWord‑p. 6

Void

3.3  AbbreviationsWord‑p. 7

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.

4  NWDAF-specific security requirements and related test casesWord‑p. 7

4.1  IntroductionWord‑p. 7

NWDAF specific security requirements include both requirements derived from NWDAF-specific security functional requirements in relevant specifications as well as security requirements introduced in the present document derived from the threats specific to NWDAF as described in TR 33.926.

4.2  NWDAF-specific security functional requirements and related test casesWord‑p. 7

4.2.1  Technical baselineWord‑p. 7

4.2.1.1  GeneralWord‑p. 7

The present clause provides baseline technical requirements.

4.2.1.2  Protecting data and informationWord‑p. 7

4.2.1.2.1  Protecting data and information - generalWord‑p. 7
There are no NWDAF-specific additions to clause 4.2.3.2.1 of TS 33.117.
4.2.1.2.2  Protecting data and information - Confidential System Internal DataWord‑p. 7
There are no NWDAF-specific additions to clause 4.2.3.2.2 of TS 33.117.
4.2.1.2.3  Protecting data and information in storageWord‑p. 7
There are no NWDAF-specific additions to clause 4.2.3.2.3 of TS 33.117.
4.2.1.2.4  Protecting data and information in transferWord‑p. 7
There are no NWDAF-specific additions to clause 4.2.3.2.4 of TS 33.117.
4.2.1.2.5  Logging access to personal dataWord‑p. 7
There are no NWDAF-specific additions to clause 4.2.3.2.5 of TS 33.117.
4.2.1.2.6  Protecting data and information - Data masking on integration analysisWord‑p. 7
Requirement Name:
Data masking on integration analysis about personal data
Requirement Reference:
TBA.
Requirement Description:
NWDAF can collect data from UE, NF, OAM, etc. used for analytics. Personal data of the UE's user are involved also. When NWDAF uses such personal data in analytics with other information together, such data correlation operation could bind more personal information with the user's identity. Thus, privacy information about that specific user could be revealed to the person who is allowed to operate data correlation for analytics but not allowed to know the privacy information as the result of data correlation. Therefore, applicable measures (e.g. data masking) shall be applied to mitigate such privacy violation risk.
Threat References:
TR 33.926, clause 5.3.6.7, Personal Identification Information Violation
Test case:
Test Name:
TC_DATA_MASKING
Purpose:
Verify that no privacy information of operators' users is revealed to the party who is not allowed to have.
Pre-Condition:
The vendor shall provide the documentation describing how to create an account for accessing the analytics results.
Privacy information list (should be specified based on local policy, regulation and others).
Execution Steps:
  1. Review the documentation provided by the vendor describing how to create the account for accessing the analytics results provided by the NWDAF.
  2. The tester creates the account, and retrieves the analytics results from the NWDAF using the account.
Expected Results:
The tester can create the account, and the account does not reveal subscriber permanent identifier.
Expected format of evidence:
Evidence suitable for the interface, e.g. screenshot containing the results.
Up

4.2.2  Finding the right NF instance are serving the UEWord‑p. 8

Requirement Name:
Finding the right NF instance are serving the UE
Requirement Reference:
Requirement Description:
To retrieve data related to a specific UE, the NWDAF shall first determine which NF instances are serving this UE as stated in Table 4.2.2.1-2 unless the NWDAF has already obtained this information due to recent operations related to this UE.
Type of NF instance (serving the UE) to determine NF to be contacted by NWDAF Service Reference in TS 23.502
UDMNRFNnrf_NFDiscovery 5.2.7.3
AMFUDMNudm_UECM 5.2.3.2
SMFUDMNudm_UECM 5.2.3.2
BSFNRFNnrf_NFDiscovery 5.2.7.3
PCFBSFNbsf_Management 5.2.13.2
NEFNRFNnrf_NFDiscovery 5.2.7.3
"as specified in TS 23.288, clause 6.2.2.1.
Threat Reference:
TS 33.926, clause X.Y.
Test case:
Test Name:
TC_NWDAF_FIND_NF_SRVING_UE
Purpose:
Verify that the NWDAF always find a recent NF from operations related to the UE.
Pre-Conditions:
Test environment with UE, source AMF, and target AMF and UDM. UE, source AMF, target AMF and UDM may be simulated.
The UE is registrered on the source AMF and the UDM, and the NWDAF subscribes analytics A which needs to collect the UE's information on the source AMF.
Execution Steps:
-
Expected Results:
-
Expected format of evidence:
-
Up

4.3  NWDAF-specific adaptations of hardening requirements and related test casesWord‑p. 9

4.3.1  IntroductionWord‑p. 9

The present clause contains NWDAF-specific adaptations of hardening requirements and related test cases.

4.3.2  Technical baselineWord‑p. 9

There are no NWDAF-specific additions to clause 4.3.2 of TS 33.117.

4.3.3  Operating systemsWord‑p. 9

There are no NWDAF-specific additions to clause 4.3.3 of TS 33.117.

4.3.4  Web serversWord‑p. 9

There are no NWDAF-specific additions to clause 4.3.4 of TS 33.117.

4.3.5  Network devicesWord‑p. 9

There are no NWDAF-specific additions to clause 4.3.5 of TS 33.117.

4.3.6  Network functions in service-based architectureWord‑p. 9

There are no NWDAF-specific additions to clause 4.3.6 in TS 33.117.

4.4  NWDAF-specific adaptations of basic vulnerability testing requirements and related test casesWord‑p. 9

There are no NWDAF-specific additions to clause 4.4 of TS 33.117.

$  Change historyWord‑p. 10


Up   Top