The present document studies the security aspects of supporting the 5GMSG Service defined in TR 23.700-24, determines key issues of potential security requirements, and proposes possible security solutions to meet these security requirements.
The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
: "Vocabulary for 3GPP Specifications".
: "Functional architecture and information flows to support Common API Framework for 3GPP Northbound APIs; Stage 2".
: "Service Enabler Architecture Layer (SEAL); Security aspects for Verticals".
: "Security architecture and procedures for 5G System".
: "Network Domain Security (NDS); IP network layer security".
: "Message Service within the 5G System; Stage 1".
: "Feasibility study on 5G message service for MIoT; Stage 1".
: "Authentication and Key Management for Applications (AKMA) based on 3GPP credentials in the 5G System (5GS)".
: "Procedures for the 5G System (5GS); Stage 2".
: "Network Domain Security (NDS); Authentication Framework (AF) (Release 16)".
: "Security of the Mission Critical (MC) service".
For the purposes of the present document, the terms given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.
For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
and TR 22.824 define the stage 1 requirements of the MSGin5G Service (message service for MIoT over 5G System); TR 23.700-24 is in the process of defining the architecture and procedures to support the MSGin5G Service. The above specifications form the baseline for the present document on security aspects of the MSGin5G Service for the 5G system (5GS). The MSGin5G Service enables a UE to send and receive messages containing text, voice, video or data to and from another UE or application server. It is designed primarily for IoT device communication, including thing-to-thing communication and person-to-thing communication. The emerging IoT device communication will introduce new requirements for the messaging service in terms of service capabilities, performance, charging, security, etc.
For example, for the following scenarios from TS 22.262, the contents of the messages are required to be integrity and confidentiality protected. For each scenario and for different UE types (5GMSGS UE, Legacy 3GPP UE, Non-3GPP UE), whether existing security mechanisms can be used to achieve the integrity and confidentiality protection under the architecture defined by TR 23.700-24 needs to be investigated.