TR 33.811
Study on Security aspects
of 5G Network Slicing Management

3GPP‑Page fToC_↓ Partial Content _→

V15.0.0 (Wzip) 2018/06 19 p.

Rapporteur:: Dr. Lei, Zander (Zhongding)
HuaWei Technologies Co., Ltd

full Table of Contents for TR 33.811 Word version: 15.0.0

each clause number in 'red' refers to the equivalent title in the Partial Content

Introduction p. 5

Scope p. 6

References p. 6

Definitions and abbreviations p. 6

3.1	Definitions p. 6
3.2	Abbreviations p. 7

Key issues p. 8

4.1

Key issue #1: Unauthorized access to Management Exposure Interface p. 8

4.1.1	Key issue details p. 8
4.1.2	Security threats p. 8
4.1.3	Potential security requirements p. 8

4.2

Key issue #2: Protecting the results of NSI supervision/reporting p. 9

4.2.1	Key issue details p. 9
4.2.2	Security threats p. 9
4.2.3	Potential security requirements p. 9

4.3

Key issue #3: Protecting Network Slice Subnet Template p. 9

4.3.1	Key issue details p. 9
4.3.2	Security threats p. 9
4.3.3	Potential security requirements p. 10

4.4

Key issue #4: Insecure procedure for capability negotiation p. 10

4.4.1	Key issue details p. 10
4.4.2	Security threats p. 10
4.4.3	Potential security requirements p. 10

Solutions p. 11

5.1

Solution #1.1: Security procedures for Management Exposure Interface p. 11

5.1.1

Introduction p. 11

5.1.2

Solution details p. 11

5.1.2.1

Security within operator's trust domain p. 11

5.1.2.2

Security when CSMF is outside the operator's trust domain p. 11

5.1.2.2.1	Mutual authentication p. 11
5.1.2.2.2	Security profiles p. 11
5.1.2.2.3	Authorization of CSMF's slicing management service requests p. 11

5.1.3

Evaluation p. 11

5.2

Solution #2.1: OAuth based authorization for access to management functions p. 12

5.2.1	Introduction p. 12
5.2.2	Solution details p. 12
5.2.3	Evaluation p. 13

5.3

Solution #3.1: Integrity protection of NSST p. 13

5.3.1	Introduction p. 13
5.3.2	Solution details p. 13
5.3.3	Evaluation p. 15

5.4

Solution #3.2: Confidentiality protection of NSST p. 15

5.4.1	Introduction p. 15
5.4.2	Solution details p. 15
5.4.3	Evaluation p. 17

5.5

Solution #2.2: Security procedures between network slicing management functions p. 17

5.5.1

Introduction p. 17

5.5.2

Solution details p. 17

5.5.2.1	Protection at the network or transport layer p. 17
5.5.2.2	Authorization between network slicing management functions p. 17

5.5.3

Evaluation p. 17

Conclusions p. 18

Change History p. 19

TR 33.811 Study on Security aspects of 5G Network Slicing Management

full Table of Contents for TR 33.811 Word version: 15.0.0

TR 33.811
Study on Security aspects
of 5G Network Slicing Management