3GPP SA3: Mobile Communications Security Specification Group


3GPP‐SA3

Mobile communications security specification group

Dr. Anand R. Prasad, NEC Corporation, Chairman 3GPP SA3

© ETSI 2015. All rights reserved
3GPP SA3 makes mobile business happen!
Cyber 2050 is in 5 Years! (7 cyber years is 1 human year)

3GPP TSG SA WG3 (Security) Terms of Reference

The WG has the overall responsibility for security and privacy in 3GPP systems
• performs analysis of potential threats to these systems
• determines the security and privacy requirements for 3GPP systems
• specifies the security architectures and protocols
• ensures the availability of cryptographic algorithms which need to be part of the specifications
http://www.3gpp.org/Specifications-groups/sa-plenary/54-sa3-security

3GPP SA3 specification location:
http://www.3gpp.org/ftp/Specs/html-info/33-series.htm
Finding a specific specification:
http://www.3gpp.org/ftp/Specs/html-info/xxyyy.htm
Replace xxyyy by the specification number, e.g., 33401 for TS 33.401

3GPP SA3 Work Items

Security Aspects of Proximity‐based Services (ProSe)
Mission Critical Push to Talk over LTE (MCPTT)
Security Assurance Specification for 3GPP Network Products (SCAS)
IP Multimedia Subsystem (IMS) Security
• Security Aspects of Web Real Time Communication (WebRTC) Access to IMS etc.
Security Aspects related to Machine‐Type Communication (MTC)
Network Domain Security (NDS)
Multimedia Broadcast/Multicast Service (MBMS)
SAE/LTE Security etc.

3GPP SA3 Study Items

Security for Proximity‐based Services
Security Aspects of Isolated E‐UTRAN Operation for Public Safety
Cellular IoT
• EGPRS access security enhancements with relation to Cellular IoT
• Battery Efficient Security for very low Throughput Machine Type Communication Devices
Security Assurance Methodology for 3GPP Network Elements (SECAM)
Subscriber Privacy Impact in 3GPP
IMS Enhanced Spoofed Call Prevention and Detection

Mission Critical Push to Talk (MCPTT)

MCPTT brings several new services that could potentially be used for commercial purposes, e.g. ambient listening, discreet listening etc.
• Commercial use of MCPTT services can have serious implications
• Current activity is based on the assumption that MCPTT is only meant for public safety
Besides the service aspects, several security issues need to be tackled in MCPTT. A known example is authentication.

[Figure labels: MCPTT User, MCPTT UE, PLMN Access, MCPTT Service Access, MCPTT Application Registration]

Where and what to authenticate?


Ref.: S3-151461, TR 33.879, and S3-151444

Isolated E‐UTRAN Operation for Public Safety (IOPS)

eNodeB does not have any backhaul connectivity
Local EPC is available

Ref.: S3-151513, TR 33.997
E-UTRAN: Evolved Universal Terrestrial Radio Access Network

Proximity based Services (ProSe)

Work on security for ProSe discovery, configuration and communication
Focus is currently on UE as relay, which brings obvious security requirements of authentication, key management etc.
[Figure labels: out‐of‐network Remote UE, PC5, ProSe UE‐to‐Network Relay, Uu, eNB, EPC, SGi, Public Safety AS]

Ref.: S3-151530, TR 33.833, and TS 33.303


Cellular IOT (cIoT)

There are two topics:
• EGPRS access security enhancements with relation to Cellular IoT
  Ref.: S3‐151520, TR 33.860
  • Enhancement of GPRS while keeping the current architecture
• Battery Efficient Security for very low Throughput Machine Type Communication Devices
  Ref.: S3‐151521, TR 33.863
  • Allows modification of current architecture (GPRS)
  • Requires very low data‐rate (few bps) and long battery life (up to 10 yrs.)

Security Assurance

Phase 1: Security Assurance Methodology (SECAM) in 3GPP – 2012
• Study existing methodologies & adapt them to 3GPP needs
• Goal to have only testable requirements
Phase 2: Security Assurance Specification (SCAS) – 2014
• Use methodology agreed in phase 1 (TR 33.805 cleaned up into TR 33.916)
• Developing test‐cases and SCAS, started from MME (TR 33.806 and TS 33.116, general test‐cases in TS 33.117)

[Figure: security assurance process. Roles: 3GPP, Vendor, Evaluator, Operator, GSMA Security Assurance Group (SECAG). Elements: Security Assurance Specifications (SCAS), Network Product, Product / Documentation, Evaluation, (Self) Evaluation, Report, Declaration, Accreditation, Operator security acceptance decision. Note in figure: "Makes the final decision based on output documents and internal policies". Legend: Role, Process.]

Contact Details: 
Anand R. Prasad
https://jp.linkedin.com/in/arprasad
http://www.prasad.bz/

Thank you!
