TR 33.888
Study on Security issues to support
Group Communication System Enablers (GCSE) for LTE

6.3.4.2.1	UE-to-UE end-to-end security p. 19
6.3.4.2.2	UE-to-GCS AS end-to-end security p. 19
6.3.4.2.3	GCS AS downlink security options considering partial re-usage of MBMS security p. 19

6.3.4.3

Solution: Using MBMS security data protection function for Multicast/Broadcast and EPS security for Unicast in GCS downlink communication p. 19

6.3.4.3.1

General p. 19

6.3.4.3.2

Data Flow p. 20

6.3.4.3.2.1	Assumptions p. 20
6.3.4.3.2.2	Unicast downlink p. 20
6.3.4.3.2.3	Multicast/Broadcast downlink p. 20

6.3.4.3.3

MB2 interface protection p. 20

6.3.4.3.4

GC1 interface protection p. 20

6.3.4.4

Solution: Using MBMS security data protection function for Multicast/Broadcast and Unicast in GCS downlink communication p. 20

6.3.4.4.1

General p. 21

6.3.4.4.2

Data Flow p. 21

6.3.4.4.2.1	Assumptions p. 21
6.3.4.4.2.2	Unicast and Multicast/Broadcast downlink p. 21

6.3.4.4.3

MB2 interface protection p. 21

6.3.4.4.4

GC1 interface protection p. 21

6.3.5

Evaluation p. 21

6.3.5.1	Evaluation of Solution: Using MBMS security data protection function for Multicast/Broadcast and EPS security for Unicast in GCS downlink communication p. 22
6.3.5.2	Evaluation of Solution: Using MBMS security data protection function for Multicast/Broadcast and Unicast in GCS downlink communication p. 22

6.4

Key issue: Level of applying security for mitigation of GCSE risks/threats p. 23

6.4.1

Key issue details p. 23

6.4.2

Threats p. 23

6.4.3

Security requirements p. 23

6.4.4

Solutions p. 23

6.4.4.1	Security options for Unicast Delivery mode and MBMS Delivery mode p. 23
6.4.4.2	Indication and negotiation of supported MBMS security p. 24

6.4.5

Evaluation p. 25

6.4.5.1	Evaluation of the options in MBMS Delivery mode (option A-D) p. 25
6.4.5.2	Optionality of MBMS for Group Communication p. 26

6.5

Key Issue: GCSE security between UE and GCSE AS p. 27

6.5.1	Key issue details p. 27
6.5.2	Security threats p. 27
6.5.3	Security requirements p. 27
6.5.4	Solutions p. 28
6.5.5	Evaluation p. 28

6.6

Key issue: Communication between GCSE AS and BM-SC (MB2 interface) p. 29

6.6.1	Key issue details p. 29
6.6.2	Threats p. 29
6.6.3	Security requirements p. 29
6.6.4	Solutions p. 30
6.6.5	Evaluation p. 30

6.7

Key issue: Transmitting Group Member identification p. 31

6.7.1	Key issue details p. 31
6.7.2	Security threats p. 31
6.7.3	Security requirements p. 31
6.7.4	Solutions p. 31
6.7.5	Evaluation p. 31

6.8

Key issue: Adding and removing group members p. 32

6.8.1	Key issue details p. 32
6.8.2	Security threats p. 32
6.8.3	Security requirements p. 32
6.8.4	Solutions p. 32
6.8.5	Evaluation p. 32

6.9

Key issue: Illegitimate access to UE p. 34

6.9.1	Key issue details p. 34
6.9.2	Threats p. 34
6.9.3	Security requirements p. 34
6.9.4	Solutions p. 34
6.9.5	Evaluation p. 34

6.10

Key Issue: GCSE_LTE interaction with ProSe UE-to-Network Relays p. 35

6.10.1	Key issue details p. 35
6.10.2	Threats p. 35
6.10.3	Security requirements p. 35
6.10.4	Solutions p. 35
6.10.5	Evaluation p. 35

6.11

Key Issue: Group key compromise p. 36

6.11.1	Key issue details p. 36
6.11.2	Threats p. 36
6.11.3	Security requirements p. 36
6.11.4	Solutions p. 36
6.11.5	Evaluation p. 36

6.12

Key issue: Securing keys in the UE p. 37

6.12.1	Key issue details p. 37
6.12.2	Threats p. 37
6.12.3	Security requirements p. 37
6.12.4	Solutions p. 37
6.12.5	Evaluation p. 37

6.13

Key issue: Decision point for using PtP and/or PtM p. 38

6.13.1	Issue details p. 38
6.13.2	Threats p. 38
6.13.3	Security requirements p. 38
6.13.4	Solutions p. 38
6.13.5	Evaluation p. 38

6.14

Key issue: Performance and scalability p. 39

6.14.1	Key issue details p. 39
6.14.2	Security threats p. 39
6.14.3	Security requirements p. 39
6.14.4	Solutions p. 39
6.14.5	Evaluation p. 39

Summary of threat and risk analysis p. 40

Potential security requirements for Rel-12 p. 40

Potential security solutions p. 41

9.1	Solution based on DIAMETER p. 41

Conclusions p. 42

Change History p. 44

TR 33.888 Study on Security issues to support Group Communication System Enablers (GCSE) for LTE

full Table of Contents for TR 33.888 Word version: 12.1.0

TR 33.888
Study on Security issues to support
Group Communication System Enablers (GCSE) for LTE