Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.843
Study on Security aspect of Architecture enhancements to
ProSe UE-to-network Relay

3GPP‑Page   fToC   Partial Content
V15.1.0 (Wzip)  2018/06  35 p.
Rapporteur:
Mr. Li, He
HUAWEI TECHNOLOGIES Co. Ltd.

full Table of Contents for  TR 33.843  Word version:  15.1.0

each clause number in 'red' refers to the equivalent title in the Partial Content
Here   Top
1Scope  p. 7
2References  p. 7
3Definitions and abbreviations  p. 7
3.1Definitions  p. 7
3.2Abbreviations  p. 7
4Overview of REAR  p. 8
4.1Introduction  p. 8
4.2Architecture  p. 8
5Key issues  p. 8
5.1Key Issue #1: Authorization for indirect 3GPP communication  p. 8
5.1.1Key Issue details  p. 8
5.1.2Security threats  p. 8
5.1.3Potential security requirements  p. 9
5.2Key Issue #2: Authentication of eRemote-UE via eRelay-UE  p. 9
5.2.1Introduction  p. 9
5.2.2Key Issue Details  p. 9
5.2.3Security Threats  p. 9
5.2.4Potential Security Requirements  p. 9
5.3Key Issue #3: IMSI Privacy of eRemote-UE  p. 10
5.3.1Introduction  p. 10
5.3.2Key Issue Details  p. 10
5.3.3Security Threats  p. 10
5.3.4Potential Security Requirements  p. 10
5.4Key Issues #4: Discovery  p. 11
5.4.1Key Issue details  p. 11
5.4.2Security threats  p. 11
5.4.3Potential security requirements  p. 11
5.5Key Issues #5: Security of CP between eRemote-UE and network  p. 12
5.5.1Issue detail  p. 12
5.5.2Security threats  p. 12
5.5.3 Potential security requirements  p. 12
5.6Key Issue #6: Security of Service Continuity  p. 12
5.6.1Issue detail  p. 12
5.6.1.1Handover between indirect and direct mode and vice versa  p. 13
5.6.1.1.1Handover from direct mode to indirect mode  p. 13
5.6.1.1.2Handover from indirect mode to direct mode  p. 13
5.6.1.2Handover between eRelay-UEs  p. 14
5.6.1.3Handover of eRelay-UEs  p. 14
5.6.2Security threats  p. 14
5.6.3 Potential security requirements  p. 14
5.7Key Issues #7: Authentication of eRemote-UE during Setting Up Indirect 3GPP Communication  p. 15
5.7.1Key Issue details  p. 15
5.7.2Security threats  p. 15
5.7.3Potential security requirements  p. 15
5.8Key Issue #8: Authentication of eRelay-UE  p. 15
5.8.1Issue Detail  p. 15
5.8.3Security Threats  p. 15
5.8.4Potential Security Requirements  p. 16
5.9Key Issue #9: User Plane protection between eRemote-UE and eNB  p. 16
5.9.1Issue detail  p. 16
5.9.2Security threats  p. 16
5.9.3 Potential security requirements  p. 16
6Solutions  p. 16
6.1Solution #1: Authentication of eRemote-UE via eRelay-UE  p. 16
6.1.1Introduction  p. 16
6.1.2Solution details  p. 16
6.1.3Evaluation  p. 16
6.2Solution #2: eRemote-UE Authentication with MITM detection  p. 17
6.2.1Introduction  p. 17
6.2.2Solution details  p. 17
6.2.2.1Authorization and Authentication of an eRemote-UE to Core Network and security context establishment between eRemote-UE and eRelay-UE  p. 17
6.2.2.2Man in the middle attack detection mechanism  p. 18
6.2.3Evaluation  p. 19
6.3Solution #3: Authentication of eRelay-UE  p. 19
6.3.1Introduction  p. 19
6.3.2Solution details  p. 19
6.3.3Evaluation  p. 19
6.4Solution #4: Solution of Authorization for Indirect 3GPP Communication  p. 19
6.4.1Introduction  p. 19
6.4.2Solution details  p. 19
6.4.2.1eRelay-UE Authorization  p. 19
6.4.2.2eRemote-UE Authorization  p. 20
6.4.3Evaluation  p. 20
6.5Solution #5: Protection of the UP between eRemote-UE and eRelay-UE  p. 20
6.5.1Introduction  p. 20
6.5.2Solution details  p. 20
6.5.3Evaluation  p. 20
6.6Solution #6: Solution for protection of CP between eRemote-UE and Network  p. 20
6.6.1Introduction  p. 20
6.6.2Solution details  p. 20
6.6.3Evaluation  p. 21
6.7Solution #7: Solution of IMSI privacy for attach via eRelay-UE  p. 21
6.7.1Introduction  p. 21
6.7.2Solution details  p. 21
6.7.3Evaluation  p. 23
6.8Solution #8: eRelay Discovery  p. 23
6.8.1General  p. 23
6.8.2Solution details  p. 23
6.8.2.1eRelay Open Discovery  p. 23
6.8.2.2eRelay Restricted Discovery  p. 24
6.8.3Evaluation  p. 24
6.9Solution #9: Path Switch of direct to indirect 3GPP Communication and vice versa  p. 24
6.9.1Introduction  p. 24
6.9.2Solution details  p. 24
6.9.2.1eRemote-UE path switch under the same eNB  p. 24
6.9.2.1.1Preconditions  p. 24
6.9.2.1.2Solution Variant a): Without special relay key  p. 25
6.9.2.1.3Solution Variant b): With special relay key  p. 25
6.9.2.2eRemote-UE Mobility under a different eNB  p. 25
6.9.2.2.1Preconditions  p. 25
6.9.2.2.2Solution Variant a): Without special relay key  p. 26
6.9.2.2.3Solution Variant b): With special relay key  p. 26
6.9.3Evaluation  p. 26
6.10Solution #10: Handover of eRemote-UE from one eRelay to another  p. 27
6.10.1Introduction  p. 27
6.10.2Solution details  p. 27
6.10.2.1Handover under the same eNB  p. 27
6.10.2.1.1Preconditions  p. 27
6.10.2.1.2Solution Variant a): Without special relay key  p. 27
6.10.2.1.3Solution Variant b): With special relay key  p. 27
6.10.2.2Handover under a different eNB  p. 28
6.10.2.2.1Preconditions  p. 28
6.10.2.2.2Solution Variant a): Without special relay key  p. 28
6.10.2.2.3Solution Variant b): With special relay key  p. 28
6.10.3Evaluation  p. 29
6.11Solution #11: Handover of eRelay-UE  p. 29
6.11.1Introduction  p. 29
6.11.2Solution details  p. 29
6.11.2.1Handover of the eRelay-UE  p. 29
6.11.2.1.1Preconditions  p. 29
6.11.2.1.2Solution Variant a): Without special relay key  p. 29
6.11.2.1.3Solution Variant b): With special relay key  p. 29
6.11.3Evaluation  p. 30
6.12Solution #12: Enhancement of Setting Up Connection between eRemote-UE and eRelay-UE  p. 30
6.12.1Introduction  p. 30
6.12.2Solution details  p. 31
6.12.3Evaluation  p. 32
6.13Solution #13: Security Parameters Configuration on eRemote-UE during Dynamic Trust Relationship Establishment  p. 32
6.13.1Introduction  p. 32
6.13.2Solution details  p. 32
6.13.3Evaluation  p. 33
7Conclusions  p. 33
7.1Key Issue 1  p. 33
7.2Key Issue 2  p. 33
7.3Key Issue 3  p. 33
7.4Key Issue 4  p. 34
7.5Key Issue 5  p. 34
7.6Key Issue 6  p. 34
7.7Key Issue 7  p. 34
7.8Key Issue 8  p. 34
7.9Key Issue 9  p. 34
7.10Overall conclusions  p. 34
$Change History  p. 35

Up   Top