2019/03 15 p.
The present document studies the SECAM (Security Assurance Methodology) and SCAS (Security Assurance Specification) for 3GPP virtualized network products based on SECAM and SCAS defined in TR 33.916
It makes thorough gap analysis between current SECAM/SCAS work in TR 33.916 and SECAM/SCAS work for 3GPP virtualized network products. It also identifies, defines ToE and roles of SECAM/SCAS for 3GPP virtualized network products according to deployment scenarios and decoupling ways.
Based on the identified ToE and roles, the present document details the needed change or additional work to current security assurance methodology for the creation, evaluation procedure of related SCAS documents, etc. It studies new threats of the identified ToE and identifies the additional security requirements of the ToE, or/and identifies existing relevant/supporting requirements specified in other SDOs. The present document also provides potential new SECAM/SCAS proposals and points out the impact to existing SECAM/SCAS documents (including TR 33.916, TR 33.926, TS 33.117, etc.).
full Table of Contents for TR 33.818 Word version: 0.2.0