Proposal for Enhancing Security in RRC Connection Setup Procedure

Study the security mechanisms to secure the RRC connection setup process for the exchange of sensitive information between authentic network elements (BS and AMF) even before UE authentication. Addressing the lack of security in RRC Msg5 is crucial for various functionalities like Network Slicing and Non-terrestrial Networks. Securing Msg5 can pave the way for resolving multiple issues and enabling features like Network Slicing, Non-terrestrial Networks, etc.

• Security Enhancement
• RRC Connection Setup
• Sensitive Information Exchange
• Network Elements
• Network Slicing

alby Follow

Uploaded on Jul 23, 2024 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. SID proposal for Secure RRC connection Setup Nokia Jan 2022

2. RRC Connection Setup up to Msg5 is not secure UE AMF gNB RACH Preamble (Msg1) RACH Response (Msg2) Until UE specific NAS context is setup, UE cannot share any sensitive information to the network RRC Setup Request (Msg3) Unse cure mess ages RRC Setup Response (Msg4) RRC Setup Complete+ NAS Registration Request (Msg5) NAS Security Context Setup AS Security context setup Until UE specific AS Security context is setup, UE cannot share any sensitive information with BS

3. Lack of security for RRC Msg5 Since security is lacking for RRC Msg5, sensitive information cannot be shared with the AMF/network or the base station. This is a basic issue for multiple features, for e.g. in Network Slicing, Non terrestrial networks etc. If this Msg5 is made secure, Network Slice selection parameter could be included outside the NAS packet for BS to parse and route the NAS RR to correct AMF in the desired NS. For Non-Terrestrial UEs, location information can be included outside the NAS packet for BS to parse and route the NAS RR to correct AMF. Msg5 is the last of the remaining messages to be secured and if this is secured a host of issues can be solved with multiple features, like Network Slicing, NTN etc.

4. SID Proposal: Secure RRC connection setup Objective: Study security mechanisms to secure the RRC connection setup procedure so that sensitive information can be shared between genuine network elements BS and AMF even before UE is authenticated and UE specific security context is established. Both roaming and as well as non-roaming UEs should be under the scope of the study. Once the UE is authenticated and UE specific NAS and AS security contexts are established, as currently done, messages shall be protected by the UE specific security context. Parameters within the RRC connection setup messages are not within the scope of the study. They will be defined by respective WGs as necessary based on features.