Content for TR 33.926 Word version: 17.6.0

1… 4… 5… 6… A… B… C… D… E… F… G… H… I… J… K… L… M… O… P…

M.1 Threat to send EAP-Identity Request by N3IWF N.1 Network product class description for the NWDAF N.2 Assets and threats specific to the NWDAF N.2.1 Critical assets
...

M Aspects specific to the network product class N3IWF |R17| p. 66

M.1 Threat to send EAP-Identity Request by N3IWF p. 66

Threat name: N3IWF sends EAP-Identity Request
Threat Category: Denial of service.
Threat Description: EAP-5G is used between UE and N3IWF. As specificed in TS 33.501, the N3IWF shall refrain from sending an EAP-Identity request. The UE may ignore an EAP Identity request or respond with the SUCI it sent in the Registration Request. This means if the N3IWF happens to send an EAP-Identity Request to the UE, the N3IWF shall not look forward an EAP-Identity Reply. This is different from normal EAP framework. If the N3IWF behaves the same as normal EAP framework, the N3IWF will wait for a reply till time expires. This may casue the UE cannot access to the network via an N3IWF.
Threatened Asset: GNP services.

N Aspects specific to the network product class NWDAF |R17| p. 67

N.1 Network product class description for the NWDAF p. 67

N.1.1 Introduction p. 67

This Annex covers the aspects specific to the NWDAF network product class.

N.1.2 Minimum set of functions defining the NWDAF network product class p. 67

As part of the NWDAF network product, it is expected that the NWDAF to contain NWDAF application (for data analysis), a set of running processes (typically more than one) executing the software package for the NWDAF functions and OAM functions that is specific to the NWDAF network product model. Functionalities specific to the NWDAF network product introduce additional threats and/or critical assets as described below. Related security requirements and test cases have been captured in TS 33.521.

N.2 Assets and threats specific to the NWDAF p. 67

N.2.1 Critical assets p. 67

In addition to the critical assets of a GNP described in clause 5.2 of the present document, the critical assets specific to the NWDAF to be protected are:

NWDAF Application;
Collected Data from NFs: e.g. part of mobility management data as depicted in clause K.2.1 collected from AMF, part of Session related data, user plane data as depicted in clause J.2.1 collected from SMF, part of user subscription data as depicted in clause E.2.1 collected from UDM, part of NF and User Data as depicted in clause I.2.1 collected from NEF, data collectd from NRF, PCF, AF and OAM, etc.
The interfaces of NWDAF to be protected and which are within SECAM scope:
- Service based interface, Nnwdaf, for providing services to AMF, SMF, NEF, PCF, NSSF, OAM and AF.
- Service based interface for consuming services from AMF, SMF, UDM, PCF, NRF, NEF and AF.
- Console interface, for local access: local interface on NWDAF
- OAM interface, for remote access and data collection: interface between NWDAF and OAM system
NOTE 1:
The detailed interfaces of the NWDAF class are described in clause 4, Network Product Class Description of the present document.
NWDAF Software: binary code or executable code

NOTE 2:
NWDAF files may be any file owned by a user (root user as well as non-root uses), including User account data and credentials, Log data, configuration data, OS files, NWDAF application, Collected Data from NFs or NWDAF Software.