Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x

Content for  TR 33.864  Word version:  17.0.0

Top   Top   Up   Prev   None
0…   4…
4 Architecture and security assumptions of AMF re-allocation5 Key issues6 Solutions7 ConclusionsA AMF re-allocation$ Change history

 

4  Architecture and security assumptions of AMF re-allocationWord‑p. 8

4.1  GeneralWord‑p. 8

4.2  Procedure of Registration with AMF re-allocationWord‑p. 8

4.3  Architecture and security assumptionsWord‑p. 10

5  Key issuesWord‑p. 11

5.1  Key Issue #1: Security of AMF re-allocation proceduresWord‑p. 11

5.1.1  Key issue detailsWord‑p. 11

5.1.2  Security threatsWord‑p. 11

5.1.3  Potential security requirementsWord‑p. 12

6  SolutionsWord‑p. 12

6.1  Solution #1: AMF re-allocation via RAN using existing security statesWord‑p. 12

6.1.1  IntroductionWord‑p. 12

6.1.2  Solution detailsWord‑p. 12

6.1.2.1  OverviewWord‑p. 12

6.1.2.2  Message flowsWord‑p. 13

6.1.3  EvaluationWord‑p. 14

6.2  Solution #2: Security of AMF re-allocation when 5G NAS security context is rerouted via RANWord‑p. 15

6.2.1  IntroductionWord‑p. 15

6.2.2  Solution detailsWord‑p. 15

6.2.3  EvaluationWord‑p. 18

6.3  Solution #3: Solving registration failure with AMF re-allocation via RANWord‑p. 19

6.3.1  Solution OverviewWord‑p. 19

6.3.2  Solution DetailsWord‑p. 19

6.3.3  Security EvaluationWord‑p. 23

6.4  Solution #4: Solution to enable NAS Security for AMF reallocation and reroute via RAN ScenarioWord‑p. 23

6.4.1  IntroductionWord‑p. 23

6.4.2  Solution detailsWord‑p. 23

6.4.3  EvaluationWord‑p. 27

6.5  Solution #5: AMF re-allocation by re-directing UE to new AMFWord‑p. 28

6.5.1  Solution OverviewWord‑p. 28

6.5.2  Solution DetailsWord‑p. 29

6.5.2.1  Handling Different cases of communicating AMFs (Figure 4.3-1)Word‑p. 30

6.5.3  EvaluationWord‑p. 31

6.6  Solution #6: Solution to provide Security context to AMF capable of serving the UE to ensure system availabilityWord‑p. 31

6.6.1  IntroductionWord‑p. 31

6.6.2  Solution detailsWord‑p. 31

6.6.3  EvaluationWord‑p. 36

6.7  Solution #7: Solution to enable Reallocated AMF to serve the UEWord‑p. 37

6.7.1  IntroductionWord‑p. 37

6.7.2  Solution detailsWord‑p. 37

6.7.3  EvaluationWord‑p. 41

6.8  Solution #8: Solution to enable UE connection directly to the slice AMFWord‑p. 42

6.8.1  IntroductionWord‑p. 42

6.8.2  Solution detailsWord‑p. 42

6.8.2.1  Solution phase 1Word‑p. 42

6.8.2.2  Solution phase 2Word‑p. 43

6.8.3  EvaluationWord‑p. 44

6.9  Solution #9: Security of AMF re-allocation when 5G NAS security context is rerouted via RANWord‑p. 45

6.9.1  IntroductionWord‑p. 45

6.9.2  Solution detailsWord‑p. 45

6.9.3  EvaluationWord‑p. 48

6.10  Solution #10: Solution to reroute 5G NAS security context via RANWord‑p. 49

6.10.1  IntroductionWord‑p. 49

6.10.2  Solution detailsWord‑p. 49

6.10.3  EvaluationWord‑p. 52

6.11  Solution #11: Solution for AMF re-allocation by triggering a new registration procedureWord‑p. 53

6.11.1  IntroductionWord‑p. 53

6.11.2  Solution detailsWord‑p. 53

6.11.3  EvaluationWord‑p. 55

6.12  Solution #12: AMF re-allocation and secured reroute via RAN enabled by AUSFWord‑p. 56

6.12.1  IntroductionWord‑p. 56

6.12.2  Solution detailsWord‑p. 56

6.12.3  EvaluationWord‑p. 59

7  ConclusionsWord‑p. 60

7.1  Conclusion for key issue #1 - Security of AMF re-allocation proceduresWord‑p. 60

A  AMF re-allocationWord‑p. 61

A.1  Registration failure issue with AMF re-allocation via RANWord‑p. 61

A.1.1  GeneralWord‑p. 61

A.1.2  Description of Registration Failure IssueWord‑p. 61

$  Change historyWord‑p. 65

Up   Top