Content for TR 33.850 Word version: 17.0.0
5 Key issues Word‑p. 8
5.1 Key issue #1: Security of authentication and authorization for multicast communication services Word‑p. 8
5.1.1 Key issue details Word‑p. 8
5.1.2 Security threats Word‑p. 9
5.1.3 Potential security requirements Word‑p. 9
5.2 Key Issue #2: Security protection of MBS traffic Word‑p. 9
5.2.1 Key issue details Word‑p. 9
5.2.2 Security threats Word‑p. 9
5.2.3 Potential security requirements Word‑p. 10
5.3 Key Issue #3: Security protection of key distribution Word‑p. 10
5.3.1 Key issue details Word‑p. 10
5.3.2 Security threats Word‑p. 10
5.3.3 Potential security requirements Word‑p. 10
5.4 Key Issue # 4: Security protection between AF and 5GC Word‑p. 10
5.4.1 Key issue details Word‑p. 10
5.4.2 Security threats Word‑p. 11
5.4.3 Potential security requirements Word‑p. 11
6 Proposed solutions Word‑p. 11
6.0 Mapping of solutions to key issues Word‑p. 11
6.1 Solution #1: Protection of MBS traffic in transport layer Word‑p. 11
6.1.1 Solution overview Word‑p. 11
6.1.2 Solution details Word‑p. 12
6.1.2.1 Security handling in handover Word‑p. 13
6.1.3 Solution evaluation Word‑p. 13
6.2 Solution #2: protect MBS traffic in service layer Word‑p. 13
6.2.1 Solution overview Word‑p. 13
6.2.2 Solution details Word‑p. 14
6.2.3 Solution evaluation Word‑p. 16
6.3 Solution #3: MBS Traffic Protection Word‑p. 16
6.3.1 Solution overview Word‑p. 16
6.3.2 Solution details Word‑p. 17
6.3.3 Solution evaluation Word‑p. 18
6.4 Solution #4: Authentication and authorization for multicast communication service Word‑p. 18
6.4.1 Solution overview Word‑p. 18
6.4.2 Solution details Word‑p. 18
6.4.2.1 Authentication and authorization Word‑p. 19
6.4.2.2 Authorization revocation Word‑p. 20
6.4.3 Solution evaluation Word‑p. 20
6.5 Solution #5: Authorization revocation Word‑p. 20
6.5.1 Solution overview Word‑p. 20
6.5.2 Solution details Word‑p. 20
6.5.3 Solution evaluation Word‑p. 21
6.6 Solution #6: Authentication and authorization for multicast communication service based on AKMA Word‑p. 21
6.6.1 Solution overview Word‑p. 21
6.6.2 Solution details Word‑p. 22
6.6.3 Solution evaluation Word‑p. 22
6.7 Solution # 7: security protection between AF and 5GC Word‑p. 23
6.7.1 Solution overview Word‑p. 23
6.7.2 Solution details Word‑p. 23
6.7.3 Solution evaluation Word‑p. 23
6.8 Solution #8: MBS Traffic Protection Word‑p. 23
6.8.1 Solution overview Word‑p. 23
6.8.2 Solution details Word‑p. 23
6.8.3 Solution evaluation Word‑p. 25
6.9 Solution #9: Key update solution Word‑p. 25
6.9.1 Solution overview Word‑p. 25
6.9.2 Solution Details Word‑p. 25
6.9.2.1 Comparison between the default and optimized approaches Word‑p. 28
6.9.2.2 Key update conditions Word‑p. 32
6.9.2.3 Applicability to other solutions Word‑p. 32
6.9.3 Evaluation Word‑p. 33
6.10 Solution #10: Secure framework for Key distribution in MBS Word‑p. 35
6.10.1 Solution overview Word‑p. 35
6.10.2 Solution details Word‑p. 35
6.10.2.1 MBS key generation Word‑p. 35
6.10.2.2 MBS procedure for key generation and traffic protection Word‑p. 36
6.10.2.3 MBS procedure for re-keying Word‑p. 38
6.10.3 Solution Evaluation Word‑p. 41
6.11 Solution #11: Update the keys used to protect the MBS traffic Word‑p. 41
6.12 Solution #12: Protection of MBS traffic at service layer based on GBA Word‑p. 42
6.12.1 Solution overview Word‑p. 42
6.12.2 Solution details Word‑p. 42
6.12.3 Solution evaluation Word‑p. 44
6.13 Solution #13: Key generation and distribution for MBS Word‑p. 44
6.13.1 Solution overview Word‑p. 44
6.13.2 Solution details Word‑p. 45
6.13.2.1 Key generation and distribution Word‑p. 45
6.13.2.2 Key hierarchy Word‑p. 46
6.13.3 Solution evaluation Word‑p. 47
6.14 Solution #14: Secure key delivery in service layer Word‑p. 48
6.14.1 Solution overview Word‑p. 48
6.14.2 Solution details Word‑p. 48
6.14.3 Solution evaluation Word‑p. 49
7 Conclusions Word‑p. 49
7.1 Conclusions on Key Issue #1 Word‑p. 49
7.2 Conclusions on Key Issue #2 Word‑p. 49
7.3 Conclusions for Key Issue #3 Word‑p. 50
7.4 Conclusions on Key Issue #4 Word‑p. 50
$ Change history Word‑p. 51
