Development of 5G IAM Architecture

  1. © 2019 Verizon. Development of 5G IAM Architecture: Transitioning to a User Centric View. Bjorn Hjelm, June 28, 2019
  2. Why, What and How
  3. 5G Currencies / Capabilities
  4. 5G Core Network Key Principles and Concepts
     • Service-based interactions between Control Plane Network Functions (NF) where authorized NFs can access any other NF services.
     • Separation between Control Plane and User Plane allowing for independent scalability, evolution and flexible deployments.
     • Modularization of functions to enable flexible network slicing and support for capability exposure.
  5. 5G Core Network redefined as Service-Based Architecture (SBA)
     [Figure: 5G System Architecture [1]. Legend: SBA entities, User Plane entities. Labels: UE, (R)AN, UPF, DN, AF, AMF, SMF, PCF, UDM, NRF, NEF, AUSF, NSSF; service-based interfaces Nausf, Namf, Nsmf, Npcf, Nnrf, Nnef, Nudm, Naf, Nnssf; reference points N2, N3, N4, N6.]
     [1] 3GPP TS 23.501, “System Architecture for the 5G System,” v.15.5.0, March 2019.
  6. Development of 5G IAM Requirements
     • Study on a Layer for User Centric Identifiers and Authentication, followed by User Identities and Authentication (UIA), which introduces normative requirements, and a study on the Usage of User Identifiers in the 5G System for architecture development.
     • Developed use cases focused on IoT and generated requirements for a service- and layer-agnostic Identity as an Abstraction Layer in 5G as part of the input to 3GPP.
     • Defined a 5G Vision around business context based on use cases, business models and value creation with a user-centric view and the identity of the entity.
  7. Identity as an Abstraction Layer in 5G: Service- and Layer-agnostic Identity
     • An identity that bridges between network access technologies.
     • 5G IAM architecture needs to abstract from domain related identifiers and network technologies.
     • An identity that bridges between different services offered by one provider.
     • An identity that bridges between operators and other identity providers, providing a global identity business proposition.
  8. Basic Concept and Relations of 5G Identity Management
     [Figure: Relationship between User, Identities, Identifiers and Attributes [2]]
     • A user is an entity in the context of identity management.
     • The identity can depend on the role of the entity in the system.
     • A user can have several user identities (professional, private, etc.).
     • A user identity is associated with some pieces of information generally referred to as attributes where identifiers are one special form of attribute.
     • Attributes that are not identifiers may be associated with one or more identities.
     [2] 3GPP TR 22.904, “Study on user centric identifiers and authentication,” v.16.1.0, Sep. 2018.
  9. 5G User Centric Authentication Layer
     The user centric authentication layer [2]…
     • Shall exist on top of the existing subscription authentication.
     • Shall not replace existing subscription credentials.
     • Shall support various authentication mechanisms and interactions with authentication system.
     • Shall support a service- and layer- identity of the user.
     [2] 3GPP TR 22.904, “Study on user centric identifiers and authentication,” v.16.1.0, Sep. 2018.
  10. 5G UIA Use Cases
     • Slice authentication (and authorization) by 3rd party.
       ▶ A slice can represent a tier of service.
     • Industrial factory automation and discrete automation.
     • Several users or devices (IoT, wearables etc.) behind one gateway.
     • Access via non-3GPP device to a subscription in the 3GPP system.
     • Sharing of devices / services configuration of shared devices.
     • Authorizing others to access one’s resources.
  11. In addition...
     • Authorization of 5G Network Function (NF) service access [1] and 3rd-party Application Functions (AF) [3] are based on the OAuth 2.0 framework.
     • Identity management and user authentication functionality for 3GPP Mission Critical (MC) services is based on OpenID Connect and OAuth 2.0 [4].
     [1] 3GPP TS 23.501, “System Architecture for the 5G System,” v.15.5.0, March 2019.
     [3] 3GPP TS 33.501, “Security architecture and procedures for 5G system,” v.15.4.0, Mar. 2019.
     [4] 3GPP TS 33.180, “Security of the mission critical service,” v.14.6.0, Mar. 2019.
  12. Summary
     • The 5G Vision focuses on business context based on use cases, business models and value creation with a user-centric view.
     • The concept of User Identity in a 5G system has been defined and agreed upon within 3GPP with architecture work in development.
     • Some of the basic building blocks to support 5G User Centric Authentication Layer already exist.