Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.754
Study on Security aspects for Multi-Access for
DualSteer devices and ATSSS Phase 4

3GPP‑Page   fToC   Partial Content
V19.0.0 (Wzip)  2024/12  29 p.
Rapporteur:
Mr. Kolekar, Abhijeet
Intel Corporation (UK) Ltd

full Table of Contents for  TR 33.754  Word version:  19.0.0

each clause number in 'red' refers to the equivalent title in the Partial Content
Here   Top
1Scope  p. 8
2References  p. 8
3Definitions of terms, symbols and abbreviations  p. 9
3.1Terms  p. 9
3.2Symbols  p. 9
3.3Abbreviations  p. 9
4Voidp. …
5Key issues  p. 9
5.1Key Issue #1: Authentication of UE in ATSSS over Non-Integrated Non-3GPP Access  p. 9
5.1.1Key issue details  p. 9
5.1.2Security threats  p. 10
5.1.3Potential security requirements  p. 10
5.2Key Issue #2: Confidentiality and integrity protection of the communication between UE and 5GCore in Non-Integrated Non-3GPP Access.  p. 10
5.2.1Key issue details  p. 10
5.2.2Security threats  p. 10
5.2.3Potential security requirements  p. 11
6Solutions  p. 11
6.0Mapping of solutions to key issues  p. 11
6.1Solution #1: Using 3GPP security context to derive authentication pre-shared key for NIN3A  p. 11
6.1.1Introduction  p. 11
6.1.2Solution details  p. 11
6.1.3Evaluation  p. 12
6.2Solution #2: AUSF based authentication mechanism for UE and UPF  p. 12
6.2.1Introduction  p. 12
6.2.2Solution details  p. 13
6.2.2.1Delivery of UPF information  p. 13
6.2.2.2Authentication based on AUSF  p. 13
6.2.3Evaluation  p. 14
6.3Solution #3: Authentication, confidentiality, and integrity protection of UE in ATSSS while selecting MPQUIC  p. 14
6.3.1Introduction  p. 14
6.3.2Solution details  p. 15
6.3.3Evaluation  p. 16
6.4Solution #4: Secure Authentication and Connectivity for UE in ATSSS over NIN3A  p. 16
6.4.1Introduction  p. 16
6.4.2Solution details  p. 16
6.4.3Evaluation  p. 19
6.5Solution #5: UE authentication and traffic protection in ATSSS-Lite  p. 19
6.5.1Introduction  p. 19
6.5.2Solution details  p. 19
6.5.2.1Background  p. 19
6.5.2.2UE authentication and PDU establishment over 3GPP access  p. 20
6.5.2.3UE authentication over non-3GPP access  p. 21
6.5.2.4UPF IP address exposure  p. 22
6.5.3Evaluation  p. 22
6.5.3.1UE authentication (KI#1)  p. 22
6.5.3.2Confidentiality and integrity protection (KI#2)  p. 23
6.5.3.3Privacy considerations (KI#1)  p. 23
6.5.3.4System impact  p. 23
6.6Solution #6: Using IPsec to authenticate UE and UPF for non-3GPP access  p. 23
6.6.1Introduction  p. 23
6.6.2Solution details  p. 23
6.6.3Evaluation  p. 25
6.7Solution #7: Omitting IPsec for MPQUIC traffic over non-3GPP access  p. 25
6.7.1Introduction  p. 25
6.7.2Solution details  p. 26
6.7.3Evaluation  p. 27
6.8Solution #8: User plane data protection mechanism between UE and UPF  p. 27
6.8.1Introduction  p. 27
6.8.2Solution details  p. 28
6.8.3Evaluation  p. 28
7Conclusions  p. 28
7.1Key Issue #1: Authentication of UE in ATSSS over Non-Integrated Non-3GPP Access  p. 28
7.2Key Issue #2: Confidentiality and integrity protection of the communication between UE and 5GCore in Non-Integrated Non-3GPP Access.  p. 28
$Change history  p. 29

Up   Top