TR 33.868
SA3
★
Study on Security aspects of
Machine-Type Communications (MTC)
and other Mobile Data Applications Communications enhancements
use "3GPP‑Page" to get the Word version
for a better overview, the Table of Contents (ToC) is reproduced
for a better overview, the Table of Contents (ToC) is reproduced
V12.1.0 (Wzip)
2014/06 116 p.
Rapporteur: Mr. Rajadurai, Rajavelsamy
This TR studies the security aspects of System Improvements for Machine Type Communication. In
particular, the goals of the present document are:
Machine-type communication aspects of (x)SIMs and/or new models for the management of (x)SIM are out of scope of
the present document.
- To identify and analyze the threats to the MTC system within the scope of the service requirements, functionality and use cases as specified in TS 22.368.
- To identify possible security and privacy impacts induced by the system architecture improvement for machine type communications based on TR 23.887 and TS 23.682.
- To determine possible security requirements based on the analysis above and describe the possible solutions to meet those requirements.
full Table of Contents for TR 33.868 Word version: 12.1.0
1 Scope Word-p. 8
2 References
3 Definitions and abbreviations Word-p. 10
4 Overview of Security Architecture Word-p. 13
5 Description of envisioned security aspects of Machine-Type and other Mobile Data Applications Communications Enhancements Word-p. 15
5.1 Device Triggering Enhancements
6 General Security Requirement Word-p. 109
7 Conclusions
A Key Issues and Solutions deferred from Rel-12 Word-p. 110
5.1.1 Issue Details
5.1.2 Threats
5.1.3 Security Requirements Word-p. 16
5.2 Secure Connection Word-p. 32
5.1.3.0 General
5.1.3.1 SMS based triggering
5.1.3.2 NAS Signalling based triggering Word-p. 17
5.1.3.3 User Plane based triggering
5.1.4 Solutions
5.1.4.0 General
5.1.4.1 For offline Device Triggering:
5.1.4.2 For online Device Triggering
5.1.5 Evaluation Word-p. 29
5.1.4.2.1 General description
5.1.4.2.2 Solution 1: Triggering via NAS signalling
5.1.4.2.3 Solution 2: Solution for fake SMS triggering from normal UE in the same network as UE used only for MTC Word-p. 19
5.1.4.2.4 Solution 3: Solutions protecting SMS triggering Word-p. 20
5.1.4.2.5 Solution 4: Triggering via User plane Word-p. 21
5.1.4.2.6 Solution 5: Using GBA Push to secure Device triggering procedure over Tsp and T4
5.1.4.2.7 Solution 6: Secure Trigger Delivery with Security Association between MTC-IWF and UE Word-p. 24
5.1.4.2.8 Solution 7: Using regular GBA and GPL to secure Device triggering procedure over Tsp and T4
5.1.4.2.9 Solution 8: Using GBA Push to secure Device triggering procedure over Tsms Word-p. 26
5.1.4.2.10 Impacts on existing nodes or functionality Word-p. 28
5.2.1 Issue Details
5.2.2 Threats
5.2.3 Security Requirements
5.2.4 Solutions
5.3 External Interface Security Word-p. 40
5.2.4.1 GBA based solution
5.2.5 Evaluation
5.2.4.1.1 UE initiated Secure Connection based on GBA
5.2.4.1.2 Network initiated Secure Connection based on GBApush Word-p. 34
5.2.4.2 EAP based solution Word-p. 36
5.3.1 Issue Details
5.3.2 Threats
5.3.3 Security requirements Word-p. 41
5.3.4 Solutions Word-p. 42
5.4 Restricting the USIM to specific UEs
5.3.4.0 General
5.3.4.1 Tsp interface security for MTC Server outside the operator domain
5.3.4.2 MTC Server inside the operator domain Word-p. 43
5.3.5 Evaluation
5.4.1 Issues Details
5.4.2 Threats Word-p. 44
5.4.3 Security Requirements
5.4.4 Solutions
5.5 Privacy concern
5.4.4.0 General
5.4.4.1 User Equipment-based pairings
5.4.5 Evaluation Word-p. 62
5.4.4.1.0 General
5.4.4.1.1 Secure Channel pairing
5.4.4.1.2 USAT application pairing Word-p. 45
5.4.4.1.3 PIN presentation pairing Word-p. 46
5.4.4.2 Network based pairings
5.5.1 Issue Details
5.5.2 Threats Word-p. 68
5.5.3 Security Requirements
5.5.4 Solutions
5.5.5 Evaluation Word-p. 70
5.6 UE Power Consumption Optimizations
5.7 Security of Small Data Transmission Word-p. 71
5.7.1 Issue Details
5.7.2 Threats
5.7.2.1 Small data encapsulation in the NAS
5.7.2.2 Small data fast path in the user plane Word-p. 72
5.7.3 Security requirements Word-p. 74
5.7.4 Solutions Word-p. 75
5.7.4.1 Small data transfer in NAS PDU
5.7.6 Evaluation Word-p. 104
5.7.4.1.1 General description
5.7.4.1.2 Solution 1: Partly ciphering
5.7.4.1.3 Analysis of NAS signalling key management in LTE Word-p. 77
5.7.4.2 Small Data Fast Path in User Plane Word-p. 78
5.7.4.2.0 General
5.7.4.2.1 Termination point of security for small data in the network
5.7.4.2.2 General description of proposed solution Word-p. 79
5.7.4.2.3 Small data transfer security context
5.7.4.2.3A Small data transfer security protocol Word-p. 81
5.7.4.2.4 Small data transfer security context establishment at Attach procedure Word-p. 82
5.7.4.2.5 UE initiated uplink (UL) small data Word-p. 84
5.7.4.2.6 Network initiated downlink (DL) small data Word-p. 85
5.7.4.2.7 S-GW relocation Word-p. 86
5.7.4.2.8 Switching between small data fast path and regular UP Word-p. 87
5.7.4.3 Connectionless Data Transmission solution
5.7.4.2.3A Small data transfer security protocol Word-p. 81
5.7.4.2.4 Small data transfer security context establishment at Attach procedure Word-p. 82
5.7.4.2.5 UE initiated uplink (UL) small data Word-p. 84
5.7.4.2.6 Network initiated downlink (DL) small data Word-p. 85
5.7.4.2.7 S-GW relocation Word-p. 86
5.7.4.2.8 Switching between small data fast path and regular UP Word-p. 87
5.7.4.3.0 General
5.7.4.3.1 UE Initial Access and Token Allocation
5.7.4.3.2 Use of a Token for Subsequent Network Access Word-p. 89
5.7.4.3.3 Cached Context Invalidation and Deletion Word-p. 91
5.7.4.3.4 Token Lifetime Management.
5.7.4.3.5 Threat scenarios Word-p. 92
5.7.4.4 MTC-IWF based Secure Solution for Small data transmission Word-p. 93
5.7.4.4.1 Background and requirements
5.7.4.4.2 Potential solutions
5.7.4.4.3 Solution overview
5.7.4.4.4 Detailed Solution Word-p. 94
5.7.4.5 Connectionless Data Transmission Solution Using Separate Security Context Word-p. 100
5.7.6.1 General
5.7.6.2 Connectionless Data Transmission Solution
5.7.6.3 MTC-IWF based Secure Solution for Small data transmission
5.7.6.3.0 General
5.7.6.3.1 Benefits
5.7.6.3.2 Impacts to existing system Word-p. 106
5.7.6.3.3 Open issues
5.7.6.4 Security Solutions of Small Data Transfer in NAS PDU
5.7.6.5 Security Solution of Small Data Fast Path in User Plane
5.7.6.6 Security Evaluation on Different Solutions of Small Data Optimization Word-p. 107
5.7.6.7 Overall Evaluation Word-p. 108
5.7.6.3.2 Impacts to existing system Word-p. 106
5.7.6.3.3 Open issues
A.1 Time controlled
B Change history Word-p. 119
A.1.1 Issue Details
A.1.2 Threats
A.1.3 Security requirements
A.1.4 Solutions
A.1.5 Evaluation Word-p. 111
A.2 Low Mobility
A.3 Security of UE Configuration
A.3.1 Issues Details
A.3.2 Threats
A.3.3 Security Requirements
A.3.4 Solutions Word-p. 112
A.3.5 Evaluation Word-p. 113
A.4 Reject message without integrity protection
A.5 Congestion Control
A.5.1 Issue Details
A.5.2 Threats
A.5.3 Security requirements
A.5.4 Solutions Word-p. 114
A.5.5 Evaluation
A.6 Group Based Feature
A.6.1 Issue Details
A.6.2 Threats Word-p. 115
A.6.3 Security Requirements
A.6.4 Solutions
A.7 Monitoring
A.6.2 Threats Word-p. 115
A.6.3 Security Requirements
A.6.4 Solutions
A.6.4.1 Solution 1: Application layer based protection
A.6.4.2 Solution 2: Network based protection for cell broadcast
A.6.4.3 Solution 3: MBMS based method Word-p. 116
A.6.4.4 Solution 4: Authentication of UEs of a group Word-p. 117
A.6.5 Evaluation
