Security Framework for (e)HRPD 1 S40-20100621-005 3GPP2 TSG-S WG4 Source: QUALCOMM Incorporated Contact(s): Anand Palanigounder

Presentation transcript:

Security Framework for (e)HRPD
S40-20100621-005
3GPP2 TSG-S WG4
Source: QUALCOMM Incorporated
Contact(s): Anand Palanigounder
Recommendation: For Discussion

Notice
QUALCOMM Incorporated grants a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partner’s name any Organizational Partner’s standards publication even though it may include all or portions of this contribution; and at the Organizational Partner’s sole discretion to permit others to reproduce in whole or in part such contribution or the resulting Organizational Partner’s standards publication. QUALCOMM Incorporated is also willing to grant licenses under such contributor copyrights to third parties on reasonable, non-discriminatory terms and conditions for purpose of practicing an Organizational Partner’s standard which incorporates this contribution. This document has been prepared by QUALCOMM Incorporated to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on QUALCOMM Incorporated. QUALCOMM Incorporated specifically reserves the right to amend or modify the material contained herein and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of QUALCOMM Incorporated other than provided in the copyright statement above.

Overview
– Scope & Goal
– Security Considerations
  – “Assets” of the system
– Requirements
  – Security Requirements
  – Other Requirements
– Proposed Design for AALS

Scope and Goal
– Scope: Specify how to use AALS with HRPD and eHRPD Access Networks
– Goals: Specify a security framework for (e)HRPD access security that
  – Minimizes changes to the existing core and access network elements

SECURITY CONSIDERATIONS

The following “Assets” are in scope
– Confidentiality of User data
  – Includes user data sent/received by the AT, preventing tracking of used resources/services
– Integrity of Signaling
– Exceptions:
  – Messages required to establish the security context
  – Emergency calls for unauthenticated ATs

Existing HRPD Default Protocols*
– The HRPD Security Layer provides security services to upper layers
– The Default Protocols are “None”
* Figure from C.P C v0.5

Existing HRPD Non-Default Protocols*
– The Non-Default Protocols of Security Layer
* Figure from C.P C v0.5

REQUIREMENTS

AALS Security Requirements
– Authentication
  – Mutual authentication support is required
    – EAP-AKA (HRPD) or EAP-AKA’ (eHRPD) for authentication
– Signaling
  – Encryption and integrity protection of all signaling that terminates at the AALS layer
  – The exceptions are:
    – Messages required to establish the security context
    – Emergency calls for unauthenticated UEs
    – Any messages that are identified explicitly by the specifications as being not protected
– User Data
  – Encryption of the user plane data
– Security Protocols
  – Specify allowed AALS profile(s) for the Security Protocols (e.g., encryption, integrity and key exchange)
    – Mechanisms to perform Key Update/change

PROPOSED DESIGN

AALS Security Architecture
– Encryption always terminated at the AN in the HRPD Air-interface Application Layer
  – May allow encryption to be “turned on” on a per RLP flow basis
  – How the AN determines which RLP flows require encryption is FFS
– AALS Signaling integrity terminated at AN

AALS Authentication Requirements
– HRPD: EAP-AKA between the UE and PDSN/AAA as defined in X.S0011-E is required for AALS
  – Use of CHAP between the UE and PDSN/AAA with AALS is not acceptable from a security perspective
– eHRPD: EAP-AKA’ with HSGW & EPC core as defined in X.S0057 is required with AALS
  – No other authentication method is supported in eHRPD
– PDSN / HSGW derives PMK (from the MSK of the EAP authentication) and sends it to the AN
– No changes to HRPD Access (A12) Authentication
  – i.e., use of CHAP authentication is acceptable with AALS for A12

AALS & Security Layer Protocols
– Key Exchange
  – Use of GKE/MKE defined in C.S0067-A with AALS is acceptable from a security perspective; DH is not acceptable
  – How GKE/MKE is used with AALS is FFS
– Integrity Protocol
  – Use of AES-CMAC (needs to be added)
– Encryption Protocol
  – Use of AES-CBC with AALS
– Co-existence of Security Layer protocols with both AALS & the existing HRPD Security Layer
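
The authentication and Security Layer protocol choices on the two slides above can be written as a profile check. This is an added example, not part of the contribution or of any 3GPP2 specification; the `AalsProfile` record, its field names and the sample profiles are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AalsProfile:              # hypothetical layout, not from the contribution
    access: str                 # "HRPD" or "eHRPD"
    core_auth: str              # UE <-> PDSN/AAA (HRPD) or HSGW/EPC (eHRPD)
    a12_auth: str               # HRPD access (A12) authentication
    key_exchange: str
    integrity: str
    encryption: str

# Core authentication method the slides require for each access type with AALS.
REQUIRED_CORE_AUTH = {"HRPD": "EAP-AKA", "eHRPD": "EAP-AKA'"}
ALLOWED_KEY_EXCHANGE = {"GKE", "MKE"}   # C.S0067-A; DH is rejected

def check_profile(p):
    """Return findings as strings; an empty list means the profile conforms."""
    required = REQUIRED_CORE_AUTH.get(p.access)
    if required is None:
        return [f"unknown access type: {p.access}"]
    findings = []
    if p.core_auth != required:
        findings.append(f"core_auth: {p.access} requires {required}, got {p.core_auth}")
    # a12_auth is deliberately not restricted: A12 authentication is unchanged,
    # so CHAP there is acceptable even though CHAP as core_auth is not.
    if p.key_exchange not in ALLOWED_KEY_EXCHANGE:
        findings.append(f"key_exchange: {p.key_exchange} not acceptable, use GKE or MKE")
    if p.integrity != "AES-CMAC":
        findings.append(f"integrity: expected AES-CMAC, got {p.integrity}")
    if p.encryption != "AES-CBC":
        findings.append(f"encryption: expected AES-CBC, got {p.encryption}")
    return findings

# Constructed sample profiles: the default ("None") protocols with CHAP and DH,
# the corrected HRPD profile, and an eHRPD profile using EAP-AKA instead of EAP-AKA'.
WEAK = AalsProfile("HRPD", "CHAP", "CHAP", "DH", "None", "None")
FIXED = AalsProfile("HRPD", "EAP-AKA", "CHAP", "GKE", "AES-CMAC", "AES-CBC")
EHRPD_WRONG_EAP = AalsProfile("eHRPD", "EAP-AKA", "CHAP", "MKE", "AES-CMAC", "AES-CBC")

if __name__ == "__main__":
    for name, prof in [("WEAK", WEAK), ("FIXED", FIXED), ("EHRPD_WRONG_EAP", EHRPD_WRONG_EAP)]:
        print(name, check_profile(prof) or "conforms")
```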