Tech-invite3GPP-SpecsReleasesFeaturesEntitiesInterfacesSBIsIdentifiersTi+Search in Tech-invite

Top   in Index   Prev   Next

TR 33.835SA3
Study on Authentication and Key Management
for Applications based on 3GPP Credential in 5G

use "3GPP‑Page" to get the Word version
for a better overview, the Table of Contents (ToC) is reproduced
V16.0.0 (Wzip)2019/12  82 p.

Rapporteur:  Miss Huang, Xiaoting

The present document specifies key issues, derived requirements and potential solutions to support authentication and key management aspects for applications and 3GPP services based on 3GPP credentials in 5G, including the IoT use case. It analyzes issues and requirements for:
  • providing authentication and key management procedures to applications and 3GPP services in 5G scenarios which allow the UE to securely exchange data with an application server
  • decoupling these procedures from the the transport protocol, in order to allow for the adaption to differernt application layer protocols
The document takes into account new solutions as well as potential adaptations to existing ones such as GBA described in TS 33.220 and BEST described in TS 33.163, in order to support the above mentioned requirements with procedures and protocols defined in SBA.

full Table of Contents for  TR 33.835  Word version:   16.0.0

Here   Top
1  ScopeWord-p. 10
2  References
3  Definitions of terms, symbols and abbreviationsWord-p. 11
4  Key IssuesWord-p. 12
4.1  Key Issue#1: Security Anchor
4.2  Key Issue #2: Transport independent procedure definition
4.3  Key Issue #3: Mutual authentication between UE and anchor function
4.4  Key Issue #4: Authentication frameworkWord-p. 16
4.5  Key Issue #5: User privacy
4.6  Key Issue #6: Secure communication between UE and application server
4.7  Key Issue #7: Protecting subscriber's personal information in control and data traffic
4.8  Key Issue #8: Protection of AKMA architecture interfaces
4.9  Key Issue #9: Key separation for AKMA AFs
4.10  Key Issue #10: Compliance with local rules and regulationsWord-p. 19
4.11  Key Issue #11: Generic battery efficient end-to-end security
4.12  Key Issue #12: Key lifetimes
4.13  Key Issue #13: API for AKMA keys in UE
4.14  Key Issue #14: Key revocation
4.15  Key Issue #15: Synchronization of keys when using established keys
4.16  Key Issue #16: Application key freshness of AKMA
4.17  Key Issue #17: AKMA push
5  Candidate Solutions
5.1  Solution #1: Introducing third party key to AKMA
5.2  Solution #2: Access independent architecture solution for AKMAUp
5.3  Solution #3: Architecture solution for AKMA with standalone anchorWord-p. 28
5.4  Solution #4: Bootstrapping authentication of AKMA
5.5  Solution #5: Transport independent procedure using existing protocols by applying OneM2M protocol binding mechanism
5.6  Solution #6: Transport independent procedure using existing protocols by introducing a protocol transfer gateway
5.7  Solution #7: UE implementation scheme- AKMA framework and application on modem
5.8  Solution #8: UE implementation scheme- AKMA framework on UICC and application on modemWord-p. 40
5.9  Solution #9: UE implementation scheme- Application Processor (AP) scheme with AKMA framework on modem
5.10  Solution #10: UE implementation scheme- Application Processor (AP) scheme with AKMA framework on UICC
5.11  Solution #11: UE implementation scheme- AKMA framework implemented on Secure Element (SE)
5.12  Solution #12: UE implementation scheme- AKMA framework implemented on application processor's OS
5.13  Solution #13: AKMA authentication via the control plane
5.14  Solution #14: Key revocationWord-p. 48
5.15  Solution #15: Implicit bootstrappingWord-p. 49
5.16  Solution #16: Use of KSEAF as root key for KAKMAWord-p. 54
5.17  Solution #17: Efficient key derivation for end-to-end securityWord-p. 58
5.18  Solution #18: Key separation for AKMA AFs using countersUp
5.19  Solution #19: Reusing KAUSF for AKMAWord-p. 67
5.20  Solution #20: Key identification when implicit bootstrapping is used
5.21  Solution #21: Combining implicit bootstrapping solutions for usage of KAUSF or KSEAF as AKMA root keyWord-p. 70
5.22  Solution #22: Key freshness in AKMA
5.23  Solution #23: Implicit bootstrapping using NEF as the AKMA Anchor FunctionsWord-p. 74
5.24  Solution #24: AKMA push
5.25  Solution #25: Key lifetimes
6  Evaluation and conclusion
A  Change historyWord-p. 83

Up   Top