A.3 On-network operation

33.1793GPPRelease 13Security of Mission Critical Push To Talk (MCPTT) over LTETS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

[33.179 MCPTT-A.3-001] All users of the MCPTT service shall be authenticated to prevent an adversary impersonating a user for the purpose of denial of service.

[33.179 MCPTT-A.3-002] The MCPTT service should take measures to detect and mitigate DoS attacks to minimize the impact on the network and on MCPTT users.

[33.179 MCPTT-A.3-003] The MCPTT user shall be authenticated by the MCPTT application.authorized

[33.179 MCPTT-A.3-004] A mechanism shall exist that allows the MCPTT application to be authenticated by the MCPTT user.

[33.179 MCPTT-A.3-005] The MCPTT UE and MCPTT service should enforce the result of the authentication for the duration of communications (e.g. by integrity protection or implicit authentication by encryption with a key that is derived from the authentication and is unknown to the adversary).

[33.179 MCPTT-A.3-006] The security solution should minimize the impact of a compromised MCPTT UE on other MCPTT UEs.

[33.179 MCPTT-A.3-007] The MCPTT Service shall provide a means to ensure integrity of all MCPTT user signalling at the application layer.

[33.179 MCPTT-A.3-008] The MCPTT Service shall protect the administrative and security management parameters from manipulation by individuals who are not explicitly authorized by the Mission Critical Organization.

[33.179 MCPTT-A.3-009] The MCPTT service shall provide a means to support confidentiality of MCPTT user identities from all entities outside the MCPTT service.

[33.179 MCPTT-A.3-010] The MCPTT service shall provide a means to support confidentiality of MCPTT signalling from all entities outside the MCPTT service.

[33.179 MCPTT-A.3-011] The MCPTT Service shall provide a means to support end-to-end confidentiality and integrity protection for all media traffic transmitted between MCPTT UEs.

[33.179 MCPTT-A.3-012] The MCPTT Service shall provide a means to support the confidentiality and integrity protection of location information transmitted from the MCPTT UE to the MCPTT application server.