TR 33.784
Study on Security aspects of Core Network enhanced support
for Artificial Intelligence/Machine Learning (AI/ML)

3GPP‑Page fToC_↓ Partial Content _→

V19.0.0 (Wzip) 2024/12 48 p.

Rapporteur:: Mr. Liu, Chang
China Mobile Com. Corporation

full Table of Contents for TR 33.784 Word version: 19.0.0

each clause number in 'red' refers to the equivalent title in the Partial Content

Scope p. 8

References p. 8

Definitions of terms, symbols and abbreviations p. 8

3.1	Terms p. 8
3.2	Symbols p. 9
3.3	Abbreviations p. 9

Overview p. 9

Key issues p. 9

5.1

Key Issue #1: Security aspects on enhancements to LCS to support AIML p. 9

5.1.1	Key issue details p. 9
5.1.2	Security Threats p. 9
5.1.3	Potential security requirements p. 10

5.2

Key Issue #2: Authorization mechanism of candidate VFL participants for the same VFL process p. 10

5.2.1	Key issue details p. 10
5.2.2	Security threats p. 10
5.2.3	Potential security requirements p. 10

5.3

Key Issue #3: Privacy of VFL between VFL participants p. 11

5.3.1	Description p. 11
5.3.2	Security threats p. 11
5.3.3	Potential security requirements p. 11

5.4

Key issue #4: Security of communication data used in VFL training process p. 11

5.4.1	Key issue details p. 11
5.4.2	Security threats p. 11
5.4.3	Potential security requirements p. 11

Solutions p. 12

6.1

Solution #1: Security aspects on enhancements to LCS to support AIML p. 12

6.1.1	Introduction p. 12
6.1.2	Solution details p. 13
6.1.3	Evaluation p. 13

6.2

Solution #2: LMF authorization mechanism in the AI/ML model retrieving scenarios p. 14

6.2.1	Introduction p. 14
6.2.2	Solution details p. 14
6.2.3	Evaluation p. 14

6.3

Solution #3: Solution for VFL member authorization p. 14

6.3.1

Introduction p. 14

6.3.2

Solution details p. 14

6.3.2.1	AF (VFL Server) requesting the NWDAF p. 15
6.3.2.2	NWDAF (VFL Server) requesting the AF p. 16

6.3.3

Evaluation p. 17

6.4

Solution #4: Authorization of VFL member selection p. 17

6.4.1

Introduction p. 17

6.4.2

Solution details p. 18

6.4.2.1	NWDAF is VFL Server p. 18
6.4.2.2	AF is VFL Server p. 19

6.4.3

Evaluation p. 20

6.5

Solution #5: Authorization of VFL participants involving NWDAF and AF p. 21

6.5.1

Introduction p. 21

6.5.2

Solution details p. 22

6.5.2.1	External AF acts as VFL Server p. 22
6.5.2.2	NWDAF acts as VFL Server and external AF as VFL client p. 23

6.5.3

Evaluation p. 24

6.6

Solution #6: Authorization mechanism through NRF and NEF for AF outside the PLMN p. 25

6.6.1	Introduction p. 25
6.6.2	Solution details p. 25
6.6.3	Evaluation p. 26

6.7

Solution #7: Authorization for selection of participant NWDAF instances for the 3rd party AF-initiated federated learning p. 26

6.7.1	Introduction p. 26
6.7.2	Solution details p. 27
6.7.3	Evaluation p. 29

6.8

Solution #8: Authorization for selection of participant AF for the NWDAF-initiated federated Learning p. 29

6.8.1	Introduction p. 29
6.8.2	Solution details p. 30
6.8.3	Evaluation p. 31

6.9

Solution #9: UE ID privacy protection of VFL between VFL members p. 32

6.9.1

Introduction p. 32

6.9.2

Solution details p. 33

6.9.2.1	Sample alignment procedure for Vertical Federated Learning when NWDAF is acting as the VFL server p. 33
6.9.2.2	Sample alignment procedure for Vertical Federated Learning when External AF is acting as the VFL server p. 34

6.9.3

Evaluation p. 35

6.10

Solution #10: Privacy of sample alignment p. 35

6.10.1	Introduction p. 35
6.10.2	Solution details p. 35
6.10.3	Evaluation p. 36

6.11

Solution #11: Protection of Privacy of VFL between VFL members p. 37

6.11.1

Introduction p. 37

6.11.2

Solution details p. 37

6.11.2.1	NWDAF acting as FL server p. 37
6.11.2.2	External AF acting as FL server p. 38

6.11.3

Evaluation p. 39

6.12

Solution #12: VFL sample alignment initialled by NWDAF p. 39

6.12.1	Introduction p. 39
6.12.2	Solution details p. 39
6.12.3	Evaluation p. 40

6.13

Solution #13: Privacy protect mechanism for sample alignment p. 40

6.13.1	Introduction p. 40
6.13.2	Solution details p. 40
6.13.3	Evaluation p. 40

6.14

Solution #14: Authorization for LCS Data Storage and Retrieval p. 41

6.14.1	Introduction p. 41
6.14.2	Solution details p. 42
6.14.3	Evaluation p. 43

6.15

Solution #15: Reuse the existing SBA mechanisms for protection of communication data in VFL training process. p. 43

6.15.1	Introduction p. 43
6.15.2	Solution details p. 43
6.15.3	Evaluation p. 43

6.16

Solution #16: LMF authorization for AI/ML model retrieval from NWDAF containing MTLF p. 44

6.16.1	Introduction p. 44
6.16.2	Solution details p. 44
6.16.3	Evaluation p. 45

6.17

Solution #17: Privacy of VFL between VFL members p. 45

6.17.1

Introduction p. 45

6.17.2

Solution details p. 45

6.17.2.1

General procedures p. 45

6.17.3

Evaluation p. 46

Conclusions p. 46

7.1	Conclusion on Key Issue #1 p. 46
7.2	Conclusion on Key issue #2 p. 47
7.3	Conclusion on Key Issue #3 p. 47
7.4	Conclusion on Key issue #4 p. 47

Change history p. 48

TR 33.784 Study on Security aspects of Core Network enhanced support for Artificial Intelligence/Machine Learning (AI/ML)

full Table of Contents for TR 33.784 Word version: 19.0.0

TR 33.784
Study on Security aspects of Core Network enhanced support
for Artificial Intelligence/Machine Learning (AI/ML)