Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x

Content for  TR 33.847  Word version:  17.1.0

Top   Top   Up   Prev   None
1…   4…   6…

 

6  SolutionsWord‑p. 29

6.0  Mapping of Solutions to Key IssuesWord‑p. 29

6.1  Solution #1: Solution for key management in 5G Proximity Services relay communicationWord‑p. 30

6.1.1  IntroductionWord‑p. 30

6.1.2  Solution detailsWord‑p. 30

6.1.3  EvaluationWord‑p. 33

6.2  Solution #2: Secure data transfer between UE and 5GDDNMFWord‑p. 33

6.2.1  IntroductionWord‑p. 33

6.2.2  Solution detailsWord‑p. 33

6.2.3  EvaluationWord‑p. 34

6.3  Solution #3: Reuse LTE security mechanism for 5G ProSe open discoveryWord‑p. 34

6.3.1  IntroductionWord‑p. 34

6.3.2  Solution detailsWord‑p. 35

6.3.3  EvaluationWord‑p. 37

6.4  Solution #4: Reuse LTE security mechanism for 5G ProSe restricted discoveryWord‑p. 37

6.5  Solution #5: Protection of the PC3 interface using AKMA and TLSWord‑p. 44

6.5.1  IntroductionWord‑p. 44

6.5.2  Solution detailsWord‑p. 44

6.5.3  EvaluationWord‑p. 45

6.6  Solution #6: Key management for UE-to-Network Relays and Remote UE'sWord‑p. 46

6.6.1  IntroductionWord‑p. 46

6.6.2  Solution detailsWord‑p. 46

6.6.3  EvaluationWord‑p. 49

6.7  Solution #7: Security establishment of one-to-one PC5 communicationWord‑p. 50

6.7.1  Solution overviewWord‑p. 50

6.7.2  Solution detailsWord‑p. 51

6.7.3  EvaluationWord‑p. 51

6.8  Solution #8: Confidential protection against UE-to-UE relay using asymmetric cryptographyWord‑p. 52

6.8.1  IntroductionWord‑p. 52

6.8.2  Solution detailsWord‑p. 52

6.8.2.1  ProcedureWord‑p. 52

6.8.3  EvaluationWord‑p. 53

6.9  Solution #9: Key management in discovery procedureWord‑p. 53

6.9.1  IntroductionWord‑p. 53

6.9.2  Solution detailsWord‑p. 53

6.9.3  EvaluationWord‑p. 54

6.10  Solution #10: Authorization and security with UE-to-Network relay using Remote UE network primary authenticationWord‑p. 54

6.11  Solution #11: Protection of the PC3 interface using GBAWord‑p. 62

6.11.1  IntroductionWord‑p. 62

6.11.2  Solution detailsWord‑p. 62

6.11.3  EvaluationWord‑p. 62

6.12  Solution #12: Privacy handling for Layer-3 UE-to-UE Relay based on IP routingWord‑p. 62

6.12.1  IntroductionWord‑p. 62

6.12.2  Solution detailsWord‑p. 63

6.12.3  EvaluationWord‑p. 65

6.13  Solution #13: Secondary Authentication for a Layer 3 Remote UEWord‑p. 65

6.14  Solution #14: A security solution for UE-to-Network Relay based on Layer 2 RelayWord‑p. 70

6.14.1  IntroductionWord‑p. 70

6.14.2  Solution detailsWord‑p. 71

6.14.3  EvaluationWord‑p. 72

6.15  Solution #15: Key management in UE-to-Network Relay based on primary authenticationWord‑p. 72

6.15.1  IntroductionWord‑p. 72

6.15.2  Solution detailsWord‑p. 72

6.15.2.1  ProcedureWord‑p. 72

6.15.2.2  Derivation of P-TIDWord‑p. 74

6.15.3  Solution EvaluationWord‑p. 75

6.16  Solution #16: Security establishment procedures between two UEs in the UE-to-UE relay scenarioWord‑p. 75

6.16.1  IntroductionWord‑p. 75

6.16.2  Solution detailsWord‑p. 75

6.16.3  EvaluationWord‑p. 76

6.17  Solution #17: Solution on securely creating destination Layer-2 ID in groupcast communicationWord‑p. 76

6.17.1  IntroductionWord‑p. 76

6.17.2  Solution detailsWord‑p. 76

6.17.3  EvaluationWord‑p. 77

6.18  Solution #18: Authorization and PC5 link setup for UE-to-Network relayWord‑p. 77

6.18.1  IntroductionWord‑p. 77

6.18.2  Solution detailsWord‑p. 78

6.18.3  EvaluationWord‑p. 80

6.19  Solution #19: End-to-end security for the L3 UE-to-Network relayWord‑p. 80

6.19.1  IntroductionWord‑p. 80

6.19.2  Solution detailsWord‑p. 80

6.19.2.1  ProcedureWord‑p. 80

6.19.2.2  Protocol StackWord‑p. 81

6.19.3  EvaluationWord‑p. 82

6.20  Solution #20: PC5 link setup for UE-to-UE relayWord‑p. 82

6.20.1  IntroductionWord‑p. 82

6.20.2  Solution detailsWord‑p. 82

6.20.3  EvaluationWord‑p. 83

6.21  Solution #21: 5G PKMF for key management in PC5 communicationWord‑p. 83

6.21.1  IntroductionWord‑p. 83

6.21.2  Solution detailsWord‑p. 84

6.21.3  EvaluationWord‑p. 88

6.22  Solution #22: Representation of identities during broadcastWord‑p. 90

6.22.1  IntroductionWord‑p. 90

6.22.2  Solution detailsWord‑p. 90

6.22.3  EvaluationWord‑p. 93

6.23  Solution #23: Initial key with validity timeWord‑p. 94

6.23.1  IntroductionWord‑p. 94

6.23.2  Solution detailsWord‑p. 94

6.23.2.1  OverviewWord‑p. 94

6.23.2.2  ProceduresWord‑p. 94

6.23.3  EvaluationWord‑p. 96

6.24  Solution #24: NSSAA for Remote UE with L3 UE-to-Network relayWord‑p. 97

6.25  Solution #25: Secondary authentication of Remote UE with L3 UE-to-Network relayWord‑p. 104

6.26  Solution #26: Protecting PDU session-related parameters for L2 relay with existing mechanismWord‑p. 109

6.26.1  IntroductionWord‑p. 109

6.26.2  Solution detailsWord‑p. 109

6.26.3  EvaluationWord‑p. 110

6.27  Solution #27: Mitigating the conflict between security policies using match report proceduresWord‑p. 110

6.27.1  IntroductionWord‑p. 110

6.27.2  Solution detailsWord‑p. 110

6.27.3  EvaluationWord‑p. 113

6.28  Solution #28: Mitigating the conflict between security policies using restricted discovery procedures on network sideWord‑p. 113

6.28.1  IntroductionWord‑p. 113

6.28.2  Solution detailsWord‑p. 113

6.28.3  EvaluationWord‑p. 115

6.29  Solution #29: Security flow for Layer-3 UE-to-Network RelayWord‑p. 115

6.29.1  IntroductionWord‑p. 115

6.29.2  Solution detailsWord‑p. 116

6.29.3  EvaluationWord‑p. 117

6.30  Solution #30: UE-to-Network Relay security based on primary authenticationWord‑p. 118

6.30.1  IntroductionWord‑p. 118

6.30.2  Solution detailsWord‑p. 118

6.30.3  EvaluationWord‑p. 120

6.31  Solution #31: Use of authorization tokens in UE-to-UE relayWord‑p. 121

6.31.1  IntroductionWord‑p. 121

6.31.2  Solution detailsWord‑p. 121

6.31.3  EvaluationWord‑p. 124

6.32  Solution #32: Mitigating privacy issues of user info IDs, relay service codes and PDU parameters for L3 UE-to-NW relaysWord‑p. 124

6.32.1  IntroductionWord‑p. 124

6.32.2  Solution DetailsWord‑p. 125

6.32.3  EvaluationWord‑p. 129

6.33  Solution #33: Security establishment of one-to-one PC5 communication rekeyingWord‑p. 131

6.33.1  IntroductionWord‑p. 131

6.33.2  Solution DetailsWord‑p. 131

6.33.3  EvaluationWord‑p. 132

6.34  Solution #34: Authorization of the remote UE in L3 U2N relayWord‑p. 132

6.34.1  IntroductionWord‑p. 132

6.34.2  Solution detailsWord‑p. 132

6.34.3  EvaluationWord‑p. 133

6.35  Solution #35: Discovery procedures for UE-to-network relaysWord‑p. 133

6.36  Solution #36: UE-to-Network Relay security based on AKMAWord‑p. 136

6.36.1  IntroductionWord‑p. 136

6.36.2  Solution detailsWord‑p. 136

6.36.3  EvaluationWord‑p. 138

6.37  Solution #37: Keying procedures for Group Member and Relay discovery: public safety caseWord‑p. 138

6.38  Solution #38: Mitigating the conflict between security policies using restricted discovery procedures on network sideWord‑p. 141

6.38.1  IntroductionWord‑p. 141

6.38.2  Solution detailsWord‑p. 142

6.38.3  EvaluationWord‑p. 143

6.39  Solution #39: Key management in UE-to-Network Relay based on shared key generated during primary authenticationWord‑p. 143

6.39.1  IntroductionWord‑p. 143

6.39.2  Solution detailsWord‑p. 143

6.39.2.1  ProcedureWord‑p. 143

6.39.2.2  Derivation of P-TIDWord‑p. 145

6.39.2.3  Derivation of P-TID*Word‑p. 146

6.39.3  EvaluationWord‑p. 146

6.40  Solution #40: Protection with Security Policies for PC5 Direct CommunicationWord‑p. 146

6.41  Solution #41: Security protection for 5G ProSe indirect network communicationWord‑p. 147

6.42  Solution #42: Privacy enhancements during PC5 link setup for UE-to-Network relayWord‑p. 150

6.43  Solution #43: Improved LTE security mechanism for 5G ProSe restricted discovery to ensure source authentication in out of coverage use casesWord‑p. 152

6.44  Solution #44: PC5 anchor key generation via GBA PushWord‑p. 156

6.44.1  IntroductionWord‑p. 156

6.44.2  Solution detailsWord‑p. 157

6.44.3  EvaluationWord‑p. 159

7  ConclusionsWord‑p. 159

7.1  Key Issue #1: Discovery message protectionWord‑p. 159

7.2  Key Issue #2: Keys in ProSe discovery scenarioWord‑p. 159

7.3  Key Issue #3: Security of UE-to-Network RelayWord‑p. 159

7.4  Key issue #4: Authorization in the UE-to-Network relay scenarioWord‑p. 161

7.5  Key Issue #5: Privacy protection over the UE-to-Network RelayWord‑p. 161

7.6  Key Issue #6: Integrity and confidentiality of information over the UE-to-UE RelayWord‑p. 161

7.7  Key issue #7: Authorization in the UE-to-UE relay scenarioWord‑p. 162

7.8  Key Issue #8: Privacy of information over the UE-to-UE RelayWord‑p. 162

7.9  Key Issue #9: Key management in 5G Proximity Services for UE-to-Network relay communicationWord‑p. 162

7.10  Key Issue #10: Key issue on secure data transfer between UE and 5GDDNMFWord‑p. 162

7.11  Key Issue #11: UE identity protection during ProSe discoveryWord‑p. 162

7.12  Key Issue #12: Security of one-to-one communication over PC5Word‑p. 163

7.13  Key Issue #13: Security and privacy of groupcast communicationWord‑p. 163

7.14  Key Issue #14: security for support of Non-IP trafficWord‑p. 163

7.15  Key Issue #15: privacy of ProSe entities while supporting Non-IP trafficWord‑p. 163

7.16  Key Issue #16: Privacy protection of PDU session-related parameters for relayingWord‑p. 164

7.17  Key Issue #17: Supporting security policy handling for PC5 connection of 5G ProSe servicesWord‑p. 164

$  Change historyWord‑p. 165


Up   Top