
Content for  TR 33.854  Word version:  17.1.0



6.16  Solution #16: Preventing malicious revocation from unauthorized UTM/USS

6.16.1  Solution overview

This solution proposes to address the fake UTM/USS issue in KI#1. Because the 3GPP network lacks an authorization check, an unauthorized UTM/USS (including a fake UTM/USS or a competitor UTM/USS) may perform malicious UAV service revocation. This solution prevents malicious revocation requests sent by an unauthorized UTM/USS.
According to the conclusion in TR 23.754, the UTM/USS presents the 3GPP UAV ID (i.e. GPSI) to invoke MNO services and to revoke authentication & authorization. However, an unauthorized UTM/USS may send a malicious revocation to the 3GPP network using a 3GPP UAV ID captured elsewhere (e.g. because the same 3GPP UAV ID is reused for multiple UTM/USSs, or by eavesdropping on the GPSIs which are sent out from the 3GPP network). To prevent this attack, this solution allows the UAV-NF to check that the revocation request is sent from the serving UTM/USS of the UAV (i.e. the authorized UTM/USS).

6.16.2  Solution details

Upon a successful USS UAV Authentication and Authorization (UUAA) procedure between the UAV and the UTM/USS, the UAV-NF (a UAVF or UFES as specified in TR 23.754) stores a UUAA identity mapping between the 3GPP UAV ID and the UTM/USS identifier. Upon a successful pairing authorization procedure, the UAV-NF stores a pairing identity mapping between the 3GPP UAV ID and the UTM/USS identifier.
During either UUAA revocation or pairing revocation, the UTM/USS uses the 3GPP UAV ID to invoke the corresponding revocation, and the revocation request message sent from the UTM/USS includes its UTM/USS identifier. The UAV-NF verifies the revocation request by checking that the 3GPP UAV ID and the UTM/USS identifier match the corresponding previously stored mapping (either the UUAA ID mapping or the pairing ID mapping). If the 3GPP UAV ID and the UTM/USS identifier sent by the UTM/USS do not match the stored mapping, the UAV-NF stops the subsequent revocation procedures.
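The check described above can be modelled as follows. This is an added example, not code from the TR or from any 3GPP implementation; the class, method names, reason strings and identifiers are hypothetical, and it assumes the sender has already been authenticated as the UTM/USS whose identifier appears in the request.

```python
from enum import Enum

class Proc(Enum):
    UUAA = "UUAA"
    PAIRING = "pairing"

class UavNf:
    """Hypothetical model of the UAV-NF mapping store; names are illustrative."""

    def __init__(self):
        # One table per procedure: 3GPP UAV ID (GPSI) -> serving UTM/USS identifier.
        self._mappings = {Proc.UUAA: {}, Proc.PAIRING: {}}

    def record_success(self, proc, uav_id, uss_id):
        """Called after a successful UUAA or pairing authorization."""
        self._mappings[proc][uav_id] = uss_id

    def check_revocation(self, proc, uav_id, uss_id):
        """Return (proceed, reason); proceed is False when the procedure must stop.

        Assumption: uss_id is the identifier carried in the request, and the
        caller has already authenticated the sender as that UTM/USS.
        """
        serving = self._mappings[proc].get(uav_id)
        if serving is None:
            return False, "no %s mapping for UAV ID" % proc.value
        if serving != uss_id:
            return False, "requester is not the serving UTM/USS"
        return True, "matches stored %s mapping" % proc.value

def demo():
    # Constructed identifiers, for illustration only.
    gpsi, serving, other = "msisdn-15550100001", "uss-a.example", "uss-b.example"
    nf = UavNf()
    nf.record_success(Proc.UUAA, gpsi, serving)
    return [
        nf.check_revocation(Proc.UUAA, gpsi, other),       # captured GPSI, wrong USS
        nf.check_revocation(Proc.PAIRING, gpsi, serving),  # no pairing was authorized
        nf.check_revocation(Proc.UUAA, gpsi, serving),     # serving USS
    ]

if __name__ == "__main__":
    for proceed, reason in demo():
        print("proceed" if proceed else "stop", "-", reason)
```

The reason string returned with each rejection is suitable for logging, so that repeated mismatches for one 3GPP UAV ID can be reviewed.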

6.16.3  Solution evaluation

This solution addresses the fake UTM/USS issue in Key Issue #1 by introducing additional checks at the UAV-NF (aka UAVF or UFES) to avoid unauthorized revocation (UUAA revocation or pairing revocation). This solution requires the UAV-NF to associate the 3GPP UAV ID with the UTM/USS identifier after UUAA procedures. The UTM/USS is required to send both the 3GPP UAV ID and the UTM/USS identifier to the UAV-NF to perform revocation(s). The UAV-NF needs to verify the associated identities provided by the UTM/USS before continuing with the rest of the revocation procedures.
