Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x

Content for  TR 33.851  Word version:  17.1.0

Top   Top   Up   Prev   None
1…   5…
5 Key issues6 Solutions7 ConclusionsA Security considerationsB Prevention of spoofing attacks due to tampered Domain NumberC Asymmetric delay attacks$ Change history

 

5  Key issuesp. 9

5.1  Key issue#1: Security for time synchronization messagesp. 9

5.1.1  Key issue detailsp. 9

5.1.2  Security threatsp. 9

5.1.3  Potential security requirementsp. 9

5.2  Key issue #2: Multiple TSN working domainsp. 9

5.2.1  Key issue detailsp. 9

5.2.2  Threatsp. 10

5.2.3  Potential security requirementsp. 10

5.3  Key Issue #3: Protection of UE-UE TSC communicationp. 10

5.3.1  Key issue detailsp. 10

5.3.2  Security threatsp. 10

5.3.3  Potential security requirementsp. 11

5.4  Key Issue #4: Protection of AF-NEF interfacep. 11

5.4.1  Key issue detailsp. 11

5.4.2  Security threatsp. 11

5.4.3  Potential security requirementsp. 11

6  Solutionsp. 12

6.0  Mapping of solutions to key issuesp. 12

6.1  Solution#1: Protection on time synchronization messages in TSN bridge modep. 12

6.1.1  Introductionp. 12

6.1.2  Solution detailsp. 12

6.1.3  Evaluationp. 13

6.2  Solution #2: Security solution for protection of AF-NEF interfacep. 13

6.2.1  Introductionp. 13

6.2.2  Solution detailsp. 14

6.2.3  Evaluationp. 14

6.3  Solution #3: Protection on time synchronization messages by fixing the security protection policyp. 14

6.3.1  Introductionp. 14

6.3.2  Solution detailsp. 14

6.3.3  Evaluationp. 15

7  Conclusionsp. 15

7.1  Conclusions on Key Issue #1: Security for time synchronization messagesp. 15

7.2  Conclusion on Key Issue #2: Multiple TSN working domainsp. 15

7.3  Conclusions on Key Issue #3: Protection of UE-UE TSC communicationp. 15

7.4  Conclusion for Key Issue #4: Protection of AF-NEF interface for TSN bridge modep. 15

A  Security considerationsp. 15

A.1  Guidance on TSN AF - CUC/CNC interface security for integration with TSNp. 15

B  Prevention of spoofing attacks due to tampered Domain Numberp. 16

B.1  Filtering incoming messages based on authorization policiesp. 16

B.1.1  Generalp. 16

B.1.2  Threat descriptionp. 16

B.1.3  Countermeasuresp. 17

C  Asymmetric delay attacksp. 17

C.1  Introductionp. 17

C.2  Calculation of offset between clocksp. 17

C.3  Delay attacks on time synchronisation messagesp. 17

C.4  Considerationsp. 18

$  Change historyp. 19

Up   Top