Your SlideShare is downloading. ×
3GPP Rel-12 Security, and Future 3GPP Security Work
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

3GPP Rel-12 Security, and Future 3GPP Security Work

12,951
views

Published on

From the 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 …

From the 9th ETSI Security Workshop, 15 - 16 JANUARY 2014

Presented by Bengt Sahlin, 3GPP TSG SA WG3 Chairman 2010 -2013, Ericsson Research NomadicLab

Published in: Technology, News & Politics

1 Comment
0 Likes
Statistics
Notes
  • Be the first to like this

No Downloads
Views
Total Views
12,951
On Slideshare
0
From Embeds
0
Number of Embeds
26
Actions
Shares
0
Downloads
116
Comments
1
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. 3GPP Rel-12 Security, and Future 3GPP Security Work © 3GPP 2012 Bengt Sahlin 3GPP TSG SA WG3 Chairman 2010 -2013 Ericsson Research NomadicLab 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 1
  • 2. Outline About SA3 Security work in Rel-12 Future 3GPP Security work © 3GPP 2012 http://www.3gpp.org/news-events/partners-news/1514-tccajoins-3gpp-for-critical-work 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 2
  • 3. 3GPP TSG SA WG3 (Security) The WG has the overall responsibility for security and privacy in 3GPP systems • performs analysis of potential threats to these systems • determines the security and privacy requirements for 3GPP © 3GPP 2012 systems • specifies the security architectures and protocols • ensures the availability of cryptographic algorithms which need to be part of the specifications http://www.3gpp.org/Specifications-groups/saplenary/54-sa3-security 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 3
  • 4. Elections at SA3 #73 (November 2013) Old SA3 Leadership • Chair: Bengt Sahlin (Ericsson) • Vice-chairs • Magnus Aldén (TeliaSonera) • Anand Prasad (NEC) © 3GPP 2012 New SA3 Leadership • Chair: Anand Prasad (NEC) • Vice-chairs: • Alf Zugenmaier (NTT DOCOMO) • Judy Zhu (China Mobile Com Corporation) 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 4
  • 5. © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 5
  • 6. © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 6
  • 7. Document Statistics 2010 350 300 250 200 Number of Documents 150 © 3GPP 2012 CRs Approved 100 50 SA3 #58 SA3 #59 SA3 #60 SA3 #61 SA3 #62 SA3 #63 SA3 #64 SA3 #65 SA3 #66 SA3 #67 SA3 #68 SA3 #69 SA3 #70 SA3 #71 SA# #72 SA3 #73 0 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 7
  • 8. Rel-12 © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 8
  • 9. Extended IMS Media Plane Security Support for real-time media in Rel-9 Work completed in Rel12: © 3GPP 2012 IMS signalling and media plane entities relevant to e2ae security • IMS Messaging, and in particular MSRP/TCP based media • IMS Conferencing • Communications diversion • Secure fax Reference model for key management for the KMS based solution 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 9
  • 10. Tunnelling of UE Services over Restrictive Access Networks (I) For IMS in TS 33.203 Annex W • Tunnelling of IMS Services over Restrictive Access Networks © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 10
  • 11. Tunnelling of UE Services over Restrictive Access Networks (II) For non-3GPP access in TS 33.402 annex B • Tunnelling of UE Services over Restrictive Access Networks © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 11
  • 12. Generic Bootstrapping Architecture (GBA) Security enhancements for usage of GBA from the browser • specified in Annexes of TS © 3GPP 2012 33.222 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 12
  • 13. Small Cell Enhancements Dual connectivity Security analysis started at SA3 #73 in November SA #63 (March 2014) will evaluate in which time frame this can be specified 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2012 © 3GPP 2014 13
  • 14. Exceptions for Rel-12 © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 14
  • 15. Machine Type Communication Security procedures for secure connection • provide key material for securing the application protocol between UE and a SCS (indirect model) or between UE and a MTC Application Server (direct model) • GBA for a UE initiated Secure Connection © 3GPP Secure Connection • GBAPush for a network initiated 2012 Exception for continuing work on “Security procedures for restricting the USIM to specific UEs” until March 2014 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 15
  • 16. Proximity-based Services (ProSe) Work on security for ProSe discovery, configuration and communication Exception granted until June 2014 © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 16
  • 17. Group Communication System Enablers for LTE (GCSE_LTE) Work on security aspects for group communication over LTE Exception granted until June 2014 © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 17
  • 18. Security for WebRTC IMS Client access to IMS Work on authentication and required enhancements to IMS media plane security Exception granted until June 2014 © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 18
  • 19. WLAN Network Selection Working assumption: • Information provided by a WLAN access point is considered untrusted from 3GPP point of view Exception granted until March 2014 © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 19
  • 20. TUAK New authentication and key agreement algorithm • Alternative to MILENAGE • Based on Keccak (SHA-3 winner) Specified by ETSI SAGE Algorithm specifications approved by SA #62 in December Exception granted until March 2014 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2012 © 3GPP 2014 20
  • 21. Rel-13 © 3GPP 2012 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 21
  • 22. Security Assurance Specification for 3GPP Network Products Study started in 3GPP SA3 #68 in July 2012 Goal to identify a Security Assurance Methodology The study was finished at SA3 #73 in November 2013 and a new work item was agreed to start normative work News article published on the 3GPP site: © 3GPP 2012 • http://www.3gpp.org/news-events/3gpp-news/1569secam_for_3gpp_nodes 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 22
  • 23. Security Assurance Methodology © 3GPP 2012 http://www.3gpp.org/DynaReport/33805.htm 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 23
  • 24. Security Assurance: Next Steps 3GPP • • • • Technical Report describing the process Security Assurance scheme for 3GPP Network Products Security Assurance Specifications (SAS) The first SAS will be specified for the MME network product class © 3GPP 2012 GSM Association • Will accredit evaluators • The evalutators can be vendors or 3rd parties • Will evaluate and accredit vendor development process • NESAG is the sub-WG of GSMA SG that will create the vendor development process 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 24
  • 25. Public Warning System (PWS) Security © 3GPP 2012 Conclusion reached on the way forward at SA3 #73: • Create a 900 series TR (public TR) to document the candidate solutions and their characteristics 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 25
  • 26. Work expected to continue ProSe GCSE Study on Subscriber Privacy Impact in 3GPP • Started at SA3 #73 Security Study on Spoofed ©Call2012 3GPP Detection and Prevention • Close to completion Study on Security aspects of Integration of Single Sign-On (SSO) frameworks with 3GPP networks • ongoing 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 26
  • 27. Thank You ! Bengt Sahlin 3GPP TSG SA WG3 Chairman 2010 -2013 © 3GPP 2012 More Information about 3GPP: www.3gpp.org contact@3gpp.org 9th ETSI Security Workshop, 15 - 16 JANUARY 2014 © 3GPP 2014 27