Tech-invite3GPPspaceIETF RFCsSIP
index21222324252627282931323334353637384‑5x

Content for  TR 33.864  Word version:  17.0.0

Top   Top   Up   Prev   None
0…   4…
4 Architecture and security assumptions of AMF re-allocation5 Key issues6 Solutions7 ConclusionsA AMF re-allocation$ Change history

 

4  Architecture and security assumptions of AMF re-allocationp. 8

4.1  Generalp. 8

4.2  Procedure of Registration with AMF re-allocationp. 8

4.3  Architecture and security assumptionsp. 10

5  Key issuesp. 11

5.1  Key Issue #1: Security of AMF re-allocation proceduresp. 11

5.1.1  Key issue detailsp. 11

5.1.2  Security threatsp. 11

5.1.3  Potential security requirementsp. 12

6  Solutionsp. 12

6.1  Solution #1: AMF re-allocation via RAN using existing security statesp. 12

6.1.1  Introductionp. 12

6.1.2  Solution detailsp. 12

6.1.2.1  Overviewp. 12

6.1.2.2  Message flowsp. 13

6.1.3  Evaluationp. 14

6.2  Solution #2: Security of AMF re-allocation when 5G NAS security context is rerouted via RANp. 15

6.2.1  Introductionp. 15

6.2.2  Solution detailsp. 15

6.2.3  Evaluationp. 18

6.3  Solution #3: Solving registration failure with AMF re-allocation via RANp. 19

6.3.1  Solution Overviewp. 19

6.3.2  Solution Detailsp. 19

6.3.3  Security Evaluationp. 23

6.4  Solution #4: Solution to enable NAS Security for AMF reallocation and reroute via RAN Scenariop. 23

6.4.1  Introductionp. 23

6.4.2  Solution detailsp. 23

6.4.3  Evaluationp. 27

6.5  Solution #5: AMF re-allocation by re-directing UE to new AMFp. 28

6.5.1  Solution Overviewp. 28

6.5.2  Solution Detailsp. 29

6.5.2.1  Handling Different cases of communicating AMFs (Figure 4.3-1)p. 30

6.5.3  Evaluationp. 31

6.6  Solution #6: Solution to provide Security context to AMF capable of serving the UE to ensure system availabilityp. 31

6.6.1  Introductionp. 31

6.6.2  Solution detailsp. 31

6.6.3  Evaluationp. 36

6.7  Solution #7: Solution to enable Reallocated AMF to serve the UEp. 37

6.7.1  Introductionp. 37

6.7.2  Solution detailsp. 37

6.7.3  Evaluationp. 41

6.8  Solution #8: Solution to enable UE connection directly to the slice AMFp. 42

6.8.1  Introductionp. 42

6.8.2  Solution detailsp. 42

6.8.2.1  Solution phase 1p. 42

6.8.2.2  Solution phase 2p. 43

6.8.3  Evaluationp. 44

6.9  Solution #9: Security of AMF re-allocation when 5G NAS security context is rerouted via RANp. 45

6.9.1  Introductionp. 45

6.9.2  Solution detailsp. 45

6.9.3  Evaluationp. 48

6.10  Solution #10: Solution to reroute 5G NAS security context via RANp. 49

6.10.1  Introductionp. 49

6.10.2  Solution detailsp. 49

6.10.3  Evaluationp. 52

6.11  Solution #11: Solution for AMF re-allocation by triggering a new registration procedurep. 53

6.11.1  Introductionp. 53

6.11.2  Solution detailsp. 53

6.11.3  Evaluationp. 55

6.12  Solution #12: AMF re-allocation and secured reroute via RAN enabled by AUSFp. 56

6.12.1  Introductionp. 56

6.12.2  Solution detailsp. 56

6.12.3  Evaluationp. 59

7  Conclusionsp. 60

7.1  Conclusion for key issue #1 - Security of AMF re-allocation proceduresp. 60

A  AMF re-allocationp. 61

A.1  Registration failure issue with AMF re-allocation via RANp. 61

A.1.1  Generalp. 61

A.1.2  Description of Registration Failure Issuep. 61

$  Change historyp. 65

Up   Top