Y.5 Authentication and Authorization between message Gateway and MSGin5G Server
33.5013GPPRelease 18Security architecture and procedures for 5G SystemTS
The authentication and authorization between Message Gateway and the MSGin5G Server can reuse the authentication and authorization between network functions in 13.3.2 in this document.
In direct communication, authentication between message gateway and MSGin5GServer shall use one of the following methods:
– If the PLMN uses protection at the transport layer as described in clause 13.1, authentication provided by the transport layer protection solution shall be used for authentication between message gateway and MSGin5GServer.
– If the PLMN does not use protection at the transport layer, authentication between message gateway and MSGin5GServer may be implicit by NDS/IP or physical security.
If the PLMN uses token-based authorization, the network shall use protection at the transport layer as described in clause 13.1.
In indirect communication scenarios, 13.3.2 in this document also applies.
Annex Z (informative):
Change history
|
Change history |
|||||||
|
Date |
Meeting |
TDoc |
CR |
Rev |
Cat |
Subject/Comment |
New version |
|
2018-06 |
SA#80 |
SP-180452 |
0004 |
1 |
B |
Rules on concurrent running of authentication and NAS SMC procedure |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0007 |
2 |
F |
Remove EN for initial NAS message protection |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0012 |
1 |
F |
Modification on UE’s subscribe privacy requirement |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0018 |
– |
D |
Editorial modification on reference |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0030 |
1 |
F |
Add condition for reset NAS COUNTs |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0038 |
2 |
F |
Editorials to 33.501 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0046 |
2 |
B |
The granularity of NF service discovery |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0053 |
2 |
F |
CR for Clause Security algorithm selection, key establishment and security mode command procedure |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0064 |
4 |
F |
Corrections to secondary authentication procedure |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0066 |
2 |
F |
Clarifications to clause UP security mechanisms |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0075 |
1 |
C |
F1-C Protection |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0080 |
1 |
F |
Corrections related to authentication related services |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0081 |
1 |
F |
Clarifications to: Linking increased home control to subsequent procedures |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0084 |
1 |
F |
Clarifications to: Initiation of authentication and selection of authentication method |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0090 |
1 |
F |
Clarifications to Idle mode mobility from 5GS to EPS |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0095 |
2 |
F |
Multiple NAS connections |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0097 |
2 |
F |
Clarifications to Mapping of Security Contexts |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180452 |
0104 |
1 |
F |
KeNB derivation in 5GS to EPS handover |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0105 |
3 |
F |
Corrections and clarifications to Handover from EPS to 5GS over N26 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0107 |
– |
F |
Delete Editor’s Note in C.3.4.3 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0111 |
2 |
F |
Misleading title given to clause 6.13 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0115 |
3 |
F |
Clarifications to: Authentication procedures |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0118 |
3 |
F |
Clarifications to: Using additional EAP methods for primary authentication |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0120 |
1 |
F |
Clarifications on unused 5G authentication vectors, and remaning authentication data |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0125 |
3 |
F |
Generalization of key derivation in NG-RAN to cover both gNBs and ng-eNBs |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0128 |
1 |
Emergency call redirection scenarios |
15.1.0 |
|
|
2018-06 |
SA#80 |
SP-180453 |
0135 |
1 |
C |
TS 33.501 Resolving Editors notes 5.10.1 Security Visibility |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0143 |
3 |
F |
Clarifications to: Key hierarchy, key derivation, and distribution scheme |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0145 |
5 |
B |
Clarification to Subscription identifier privacy |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0147 |
3 |
B |
Clarifications to: Protection at the network or transport layer, Authorization and authentication between network functions and the NRF |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0149 |
3 |
F |
Corrections in clause 6 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0150 |
1 |
F |
Reference corrections in clause 8 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0152 |
3 |
F |
Clarifications to: Definitions and Abbreviations |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0153 |
1 |
F |
Editorial changes to claus 10 and 12 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0155 |
2 |
F |
Clarifications to Annex A : Key derivation functions |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0156 |
2 |
F |
Clarifications to: Security contexts |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0157 |
1 |
F |
Clarifications to: Security handling in state transitions |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0160 |
– |
F |
Corrections to Authentication Framework |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0161 |
1 |
B |
Clarifications to security requirements and features (clause 5) |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0162 |
2 |
F |
Corrections on SUCI protection schemes |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0163 |
3 |
F |
Clarifications to: Security handling in mobility |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0164 |
– |
F |
Corrections on clause 6.5 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180453 |
0165 |
1 |
F |
Clarifications on clause 7.2 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0170 |
2 |
F |
Correction for TS 33.501 subclause 4.1 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0172 |
1 |
F |
Correction for TS 33.501 subclause 5.11.2 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0183 |
1 |
B |
Security Negotiation for RRC INACTIVE |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0184 |
1 |
B |
Key handling at RRC-INACTIVE state transitions |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0185 |
1 |
F |
Security Procedures for Dual Connectivity |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0189 |
1 |
F |
Editorial correction to clause 6.12.5 on SIDF |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0192 |
1 |
F |
Correction to: 3GPP 5G profile for EAP-AKA’ |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0194 |
– |
F |
Corrections to section 4.1 Security domains |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0196 |
1 |
F |
Corrections to section 13.4.1.1 |
|
|
2018-06 |
SA#80 |
SP-180454 |
0200 |
– |
F |
Resolving Editor’s Note on USIM |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180455 |
0201 |
1 |
C |
Addition of SBA security requirements for SEPP and NF |
|
|
2018-06 |
SA#80 |
SP-180454 |
0208 |
1 |
F |
Clarification of the IPsec implementation requirements |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0209 |
1 |
B |
Protection of internal gNB interfaces |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0210 |
1 |
B |
Introduction of DTLS for protection of Xn-C and N2 interfaces |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0211 |
– |
F |
Corrections of references to sub-clauses |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0212 |
– |
F |
Corrections and clarifications to idle mode mobility from EPS to 5GS over N26 |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0213 |
– |
F |
Authorization of Application Function’s requests |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0214 |
1 |
B |
Security Mechanism for Steering of Roaming |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180448 |
0215 |
– |
B |
CAPIF support for NEF external exposure interface |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0216 |
– |
F |
Clarfication to 6.4.1 NAS security general |
15.1.0 |
|
2018-06 |
SA#80 |
SP-180454 |
0217 |
– |
F |
Clarifications to Annex D.3 Integrity algorithms |
15.1.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0154 |
3 |
D |
Editorial changes to clause 9 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0221 |
1 |
F |
Generic description of 5G security elements |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0223 |
2 |
F |
Update on SEAF requirements |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0230 |
1 |
F |
Clause 5.2.5 – Modification on subscriber privacy |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0236 |
– |
D |
Clause 6.4.5 – Editorial modification on NAS COUNT handling |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0238 |
1 |
F |
Clause 6.6.2 – Modification on UP security activation mechanism |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0239 |
1 |
F |
Clause 6.7.3.2 – Modification on algorithm selection during N2 handover |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0240 |
– |
F |
Clause 6.7.3.5 – Correct reference for RNA update procedure |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0242 |
1 |
F |
Mobility – Correcting AS re-keying and NAS re-keying in N2-handover |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0249 |
1 |
F |
Add rule for concurrent running of security procedures |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0250 |
1 |
F |
Modify rule for concurrent running of security procedures |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0251 |
1 |
F |
Annex C clarification on ‘username’ |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0252 |
– |
F |
Deletion of Requester ID from ‘Nausf_UEAuthentication_authenticate’ |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0253 |
1 |
F |
Removal of KSEAF storage restriction |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0257 |
1 |
F |
Deletion of ENs in Clause 5.3 Requirements on the gNB |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0258 |
– |
F |
Align NAS connection identifier with access type identifier |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0259 |
– |
F |
Correct the encryption key in confidentiality clause |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0260 |
– |
F |
Deletion of Editor Note in Annex D.2.1 Ciphering algorithm |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0261 |
1 |
F |
Add definition and values for ABBA parameter |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0262 |
– |
F |
Deletion of EN in Caluse 10.2.1 Authenticated IMS Emergency Sessions |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0268 |
– |
F |
Reference corrections in clause 6.10 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0270 |
1 |
F |
Algorithm Negotiation for Unauthenticated UEs in LSM |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0272 |
F |
AS SMC Handling Update |
15.2.0 |
|
|
2018-09 |
SA#81 |
SP-180709 |
0273 |
1 |
F |
Other security procedures for DC |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0275 |
1 |
F |
N32 related definitions |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0276 |
1 |
F |
Access Token Request updates |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0277 |
1 |
F |
Access Token Request for a specific NF service producer |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0278 |
1 |
F |
Editorial corrections to TS 33.501 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0279 |
1 |
F |
Corrections on primary authentication |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0280 |
– |
F |
Delay the transmission of kseaf after home network verifies the RES |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0284 |
1 |
F |
Align AS SMC procedure with SA2 and RAN3 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0287 |
1 |
F |
Remove Editor’s Note on additional claims in the access token |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0288 |
1 |
F |
Remove Editor’s Note on additional parameters that may be required in step 1 of Figure 13.4.1.1-2 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0290 |
– |
B |
CR-slice-management-security |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0292 |
– |
F |
Authentication for token-based authorization |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0295 |
1 |
F |
DC – definition corrections |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0301 |
– |
F |
DC – correcting reference |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0302 |
1 |
F |
Mobility – Clarification in intra-gNB-CU handover |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0305 |
1 |
F |
Mobility – Resolving EN and corrections in AS re-keying |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0306 |
1 |
F |
Mobility – Corrections for usage of local policy at AMF |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0307 |
1 |
F |
Mobility – Rectification of NAS MAC calculation for NAS Container |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0309 |
– |
F |
Mobility – Correction of NAS COUNTs in N2-handover |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0310 |
– |
F |
Mobility – Removing an EN in Xn-handover |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0311 |
– |
F |
Mobility – Rectification of UE security capabilities in NAS Container |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0313 |
1 |
F |
Privacy – adding missing details to SUCI content and format |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0314 |
1 |
F |
Privacy – addressing ENs |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0315 |
1 |
F |
Update of definition of 5G AS security context for 3GPP access |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0316 |
1 |
F |
Use the old KRRCint for calculation of the security token in MSG3 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0319 |
1 |
F |
Removal of token validation by NRF |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0323 |
– |
F |
Clarification of ngKSI and ABBA parameter in 5G-AKA |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0324 |
1 |
F |
Clarification for ngksi and ABBA parameter for EAP-AKA’ |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0327 |
1 |
F |
Corrections and clarifications to interworking clauses |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0328 |
1 |
F |
Removal of editor’s note on harmonization between inter and intra system handovers |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0329 |
1 |
F |
Clarifications related to the NAS Container calculation during inter system handover |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0330 |
– |
F |
Addition of missing reference to RFC on DTLS over SCTP |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0331 |
1 |
F |
Correction of Note on physical protection for NDS/IP use |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0334 |
1 |
F |
Multiple NAS connections: taking a new security context into use on non-3GPP access |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0336 |
– |
F |
Correction to Clause 5.11.2 Requirements for algorithm selection |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0337 |
1 |
F |
Removal of Note 2a on Kausf use case restriction |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180706 |
0339 |
– |
D |
Editorial correction to TS 33.501 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0341 |
1 |
F |
Clarification to key hierarchy |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0342 |
1 |
F |
Collection of editorial changes |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0343 |
1 |
F |
Addition of definitions and corrections to references |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0344 |
1 |
F |
Corrections to references and update on authentication vector text |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0347 |
2 |
F |
Error handling for SBA authentication and authorization in service layer |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0348 |
1 |
F |
Clarification on authentication and authorization in SBA |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0349 |
1 |
F |
Adding OAuth related authorization services for SBA security |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0354 |
1 |
F |
Clarifications and editorials to clause 13.1 (Transport security for service based interfaces) |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0355 |
– |
F |
Updates on Security Mechanism for Steering of Roaming |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0360 |
1 |
F |
Simplification of the UE handling of keys at handover |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0362 |
1 |
F |
CR on the registration procedure for mobility from EPS to 5GS |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0363 |
1 |
F |
CR on adding KAMF change flag in NAS SMC |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0364 |
1 |
F |
CR on corrections on the UP security policy confirmation |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0365 |
1 |
F |
CR on corrections on the UP security policy confirmation |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180708 |
0366 |
1 |
F |
CR on corrections on the 5GS to EPS handover procedure |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0367 |
– |
F |
Handling of initial value of CounterSoR |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0368 |
– |
F |
Update on InactiveMAC-I calculation |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0370 |
1 |
F |
Clarification to the protection of attributes by the SEPP |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180707 |
0373 |
– |
D |
Editorial correction to 6.7.2 of 33.501 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0374 |
– |
B |
Security mechanisms for non-SBA interfaces in 5GC |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0375 |
– |
F |
Clarifications to 13.5 |
15.2.0 |
|
2018-09 |
SA#81 |
SP-180709 |
0376 |
– |
B |
Application layer security on the N32 interface |
15.2.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0377 |
– |
F |
Intra-gNB-CU term synchronization |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0378 |
– |
F |
Update RNA Update Procedure Security |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0379 |
– |
F |
N2 HO: Handling source algorithms for RRC Reestablishment procedure |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0380 |
1 |
F |
Handling of UP security policy in MR-DC |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0381 |
– |
F |
Delete EN in SBA Requirements |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0382 |
– |
F |
Clarifications on AccessToken_Get Response message |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0383 |
– |
F |
Editorial corrections on Authorization of NF service access |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0384 |
– |
F |
Add discover procedure as a pre-requisite for obtaining access token |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0385 |
– |
F |
correction on the mobility from 5G to 4G |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0387 |
– |
F |
Editorial corrections on the 5GS to EPS handover procedure |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0388 |
– |
F |
Editorial corrections on the 5GS to EPS handover procedure |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0389 |
– |
F |
Multiple NAS connections: clarification on the action of MAC verification in registration request over non-3gpp access |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0390 |
1 |
F |
Interworking – correcting keying material in HO request message (EPS to 5GS) |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0391 |
– |
F |
Length of IV salt and sequence counter |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0392 |
– |
F |
Correction to the Security Service for Steering of Roaming |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0393 |
– |
F |
Mobility – Clarification of downlink NAS COUNT in N2 handover |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181022 |
0394 |
– |
F |
NAS key refresh |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0395 |
– |
F |
Caching access tokens |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0396 |
– |
F |
Addition of multiple instance IDs to OAuth2.0 access token claims |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0397 |
– |
F |
Corrections to references for security related service in clause 14 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0398 |
– |
F |
Correction to Nudm_UEAuthentication_ResultConfirmation service |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0399 |
– |
F |
Correction to 5G AKA procedure – no need for SUPI or SUCI (in step 10) |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0401 |
– |
F |
Acknowledging possibility of early calculation of EMSK |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0402 |
– |
F |
Precedence of protection policies on the N32 interface |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0403 |
– |
F |
Handling of encrypted IEs on the N32 interface |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0404 |
– |
F |
Reference correction and editiorial clarification |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0405 |
– |
F |
Removing mandatory text from note |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0406 |
– |
F |
Clarification on first bits of EMSK |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0407 |
– |
F |
Misleading text with reference regarding serving network name |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0408 |
– |
F |
Alignment regarding KEY reference to 33.220 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0409 |
– |
F |
Clarification to support of authentication methods |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0410 |
– |
F |
Clarification to AUSF key derivation |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0411 |
– |
F |
Corrections and addtions to definition clause |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0412 |
– |
F |
Remove EN in 13.2 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0413 |
– |
F |
Clarifications to clause 13.2.1 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0414 |
– |
F |
Remove EN in 13.2.2.1 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0415 |
– |
F |
Correction in step 2 of 13.2.2.2 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0416 |
– |
F |
Corrections in 13.2.2.4 on N32-f context ID |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181023 |
0417 |
– |
F |
Clarifications and corrections in clause 13.2.4 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0418 |
– |
F |
Multiple NAS Connection: Correcting NAS link identifier |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0419 |
3 |
F |
Replace 5G-RAN with NG-RAN in TS 33.501 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0424 |
– |
F |
Editorial modification on gNB requirement |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0425 |
1 |
F |
AS subscription temperary identifier privacy |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0426 |
1 |
F |
Proposal about improvement of the UP security policy |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0427 |
1 |
F |
Corrections to definition of 5G AS security context for 3GPP access |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0428 |
1 |
F |
SUPI format in KAMF computation |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0429 |
1 |
F |
Editorial corrections in 6.9.2.3 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0430 |
1 |
F |
Update RRC reestablishment security procedure based on RAN2 agreement |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0431 |
1 |
F |
Adding UP security policy in SN Addition/modification Request message |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0433 |
1 |
F |
Clarification: AMF confirming UE SUPI in case NAS SMC failed |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0437 |
– |
F |
Corrections to 5.2 Requirements on the UE |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0438 |
– |
F |
Corrections to 5.3 Requirements on the gNB |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0439 |
– |
F |
Corrections to 9. Security procedures for non-service based interfaces |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0441 |
– |
F |
Correction on handover procedure from 5G to 4G |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0442 |
– |
F |
Editorial corrections on the UP integrity mechanisms |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0443 |
– |
F |
Editorial corrections on the SN Addition/Modification procedure |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0446 |
1 |
F |
CR to TS33.501-Registration related text correction |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0448 |
1 |
F |
Corrections to N32 Protection policies |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0450 |
1 |
F |
Adopting a more normative language in clause 13 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181024 |
0451 |
1 |
F |
Amendment to secondary re-authentication procedure |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0454 |
1 |
F |
Clarification on interworking |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0455 |
1 |
F |
Update on access token in roaming scenario |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0457 |
– |
F |
Corrections of N32-f key hierarchy |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0458 |
1 |
F |
Shift of text from SEPP intro to subclause |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0459 |
1 |
F |
Clarification to protection scheme identifier |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0460 |
– |
F |
Clarification to the transfer of the authentication success result to UDM |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0463 |
– |
F |
Correction of formatting errors |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0464 |
1 |
F |
Alignment on Home Network Public Key |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0465 |
1 |
F |
N32: remove redundant references to encrypted IEs |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0466 |
– |
F |
pSEPP-pNF authentication |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0467 |
1 |
F |
Editorial corrections in clauses in 13.2 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0468 |
1 |
F |
Security between SEPP and IPX |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0469 |
1 |
F |
Two parallel N32-c connections between SEPPs |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0470 |
1 |
F |
Correction to Key hierarchy diagram |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0471 |
– |
F |
Corrections to KSEAF derivation in Key distribution and derivation |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0473 |
1 |
F |
Handling of NAS COUNTs |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181025 |
0474 |
2 |
F |
NG-RAN – clause 6.9.2.2 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0475 |
2 |
F |
NG-RAN – clause 6.9.2.3.3 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0476 |
2 |
F |
NG-RAN – clause 6.9.2.3.4 |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0479 |
– |
F |
Corrections on the number of bits of downlink NAS COUNT value to be delivered in the 5GS to EPS handover procedure |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0480 |
– |
F |
Clarification on storing the selected EPS NAS algorithms |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0481 |
1 |
F |
Clarification on RRC Inactive procedure support by ng-eNB |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0483 |
– |
F |
KgNB derivation in N2 handover |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0484 |
1 |
B |
Security mechanism for UE Parameters Update via UDM Control Plane Procedure |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0488 |
– |
F |
Aligning the description of the initial NAS security procedures based on the CT1 agreements |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0489 |
– |
F |
Inter PLMN Routing |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0490 |
– |
F |
Verification of the PLMN-ID by the receiving SEPP |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0491 |
– |
F |
Maximum output size of SUPI concealment schemes |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0492 |
– |
F |
Support of UP security policy in ng-eNB |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0493 |
– |
F |
Update of EAP-AKA’ reference to make it compatible with 5G |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0494 |
– |
F |
Clarifications to SUPI and SUCI |
15.3.0 |
|
2018-12 |
SA#82 |
SP-181026 |
0495 |
– |
F |
KgNB derivation in EPS to 5GS handover |
15.3.0 |
|
2018-12 |
SA#82 |
Version including all implementing CRs |
15.3.1 |
||||
|
2018-09 |
SA#83 |
SP-190095 |
0498 |
– |
F |
Clarification and correct clause reference for RNAU w/o context relocation |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0501 |
– |
F |
Editorials and minor clarifications for clause 13.1 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0502 |
1 |
F |
Editorials and minor clarifications for clause 13.2 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0503 |
– |
F |
Name correction of the Nudm_SDM_Notification service operation |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0515 |
1 |
F |
Clarification for clause 6.10.2.1 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0516 |
1 |
F |
Clarification for UP security in dual connectivity |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0517 |
1 |
F |
Clarification on interworking case |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0518 |
1 |
F |
Clarification on NAS key activation in multi-NAS connection |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0519 |
1 |
F |
Clarification on the UE selecting the 4G or 5G security protection method |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0520 |
1 |
F |
Corrections on ng-ran keys for EUTRA connected to 5GC |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0524 |
1 |
F |
NAS counter clarification on interworking |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0525 |
– |
F |
Update on the token verification |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0526 |
2 |
F |
Clarification on service authorization and token verification |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0528 |
1 |
F |
Clarification on the Use of the SUPI in the Kamf Derivation |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0529 |
2 |
F |
Clarification on the allocation of 5G-GUTI |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0530 |
1 |
F |
Corrections to RRC Inactive procedure.and RAN-based notification area update procedure. |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0531 |
1 |
F |
EUTRA connected to 5GC: clause 6.6.2 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0532 |
1 |
F |
EUTRA connected to 5GC: clause 6.7.3 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0533 |
1 |
F |
EUTRA connected to 5GC: clause 6.7.4 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0534 |
1 |
F |
EUTRA connected to 5GC: clause 6.8.1 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190095 |
0535 |
1 |
F |
EUTRA connected to 5GC: clause 6.8.2 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0536 |
1 |
F |
EUTRA connected to 5GC: clause 6.9.2.1 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0538 |
1 |
F |
EUTRA connected to 5GC: clauses 6.9.3 and 6.9.4 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0539 |
1 |
F |
EUTRA connected to 5GC: clause 6.9.5 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0540 |
– |
F |
EUTRA connected to 5GC: clause 6.11 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0541 |
– |
F |
EUTRA connected to 5GC: clause 8 and Annex A |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0542 |
– |
F |
Clarification to AKA parameter derivation |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0544 |
1 |
F |
Multiple active NAS connections in the same PLMN’s serving network: common algorithm identifiers |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0545 |
– |
F |
Clarification to the implementation requirement for the protection of the backhaul and sidehaul interfaces |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0546 |
– |
F |
Clarification to idle mode mobility from EPS to 5GS |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0547 |
1 |
F |
Allocating new 5G-GUTI during the MO service request procedure |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0548 |
– |
F |
Correction to clause 14.2.1 |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0550 |
1 |
F |
Correction on RRC states terminology usage |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0551 |
1 |
F |
Non-3GPP Access: Correcting Connection Identifier |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0553 |
– |
F |
NAS connection identifier in NAS MAC calculation |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0554 |
1 |
F |
Clarification on N2 Handover procedure |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0555 |
– |
F |
Clarification on KgNB derivation |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0557 |
1 |
F |
Input encoding for ECIES protection schemes |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190096 |
0558 |
– |
F |
User Plane Security for 5GC Roaming |
15.4.0 |
|
2018-09 |
SA#83 |
SP-190197 |
0559 |
1 |
F |
Clarification and definition for the term SN Id SNN input in KDFs |
15.4.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0560 |
1 |
F |
Essential clarification of MSIN coding for the ECIES protection shemes |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0561 |
1 |
F |
Addition of missing SEPP requirement on JOSE-patch validation |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0564 |
1 |
F |
Aligning the storage timing of KAUSF in 5G AKA with EAP-AKA’ |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0565 |
1 |
F |
Subscriber privacy: test data for ECIES-based encryption in the UE |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0567 |
2 |
F |
Clarification on Subscription Identifier mechanism for De-registration. |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0569 |
1 |
F |
Addition of AMF/SMF requirement on security logging |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0572 |
1 |
F |
Modification on Use of SUCI in NAS signalling |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0573 |
– |
F |
Various corrections to security protocols and cryptography |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0575 |
1 |
F |
Slice information for token-based authorization |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0576 |
– |
F |
CR to TS33.501 – NAS SMC figure correction |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0577 |
1 |
F |
Clarification on the UP integrity mechanisms |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0578 |
1 |
F |
Add details on handling UP security in RRC inactive scenario |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0581 |
1 |
F |
Clarification for initial NAS message protection |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0583 |
1 |
F |
Essential clarification on securing the procedure of idle mobility from 5GS to EPS over N26 interface |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0587 |
1 |
F |
Clarification on the SUCI computation |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0593 |
1 |
F |
Rectifying incorrect limitation for horiz/vert key derivation |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0594 |
1 |
F |
UP policy handling in case of unauthenticated emergency calls |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0600 |
1 |
F |
Missing privacy parameters |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0602 |
1 |
F |
Correction to the handling of security context in the multi-NAS scenario |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0604 |
1 |
F |
Clarification for the NAS MAC failure case in N2 HO |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0605 |
1 |
F |
Clarification for the NAS MAC failure case in interworking |
15.5.0 |
|
2019-06 |
SA#84 |
SP-190359 |
0608 |
– |
F |
Clarification for N32 security |
15.5.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0609 |
3 |
F |
Alignment with 29.505 |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0610 |
– |
F |
Missing security context handling during registration procedures |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0611 |
1 |
F |
NAS Count values in the mapped EPS security context in 5GS to EPS change |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0614 |
– |
F |
length of ARFCN-DL |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0616 |
1 |
F |
uplink NAS Count for Kasme derivation in idle mode mobility to EPS |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0617 |
3 |
F |
Definition of authentication subscription data and update to UDM requirement |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0618 |
1 |
F |
Recommendation to run primary authentication after IW HO from 4G to 5G |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0622 |
2 |
F |
Update on ARPF |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0627 |
1 |
F |
Correction of Reference |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0634 |
– |
F |
Changes on handover from EPS to 5GS over N26 |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0640 |
1 |
F |
Correction of text on access authentication for untrusted access |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0642 |
2 |
F |
General NDS/IP SEG support for non-SBA interfaces |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0644 |
1 |
F |
Correcting references |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0645 |
1 |
F |
Removing editor notes |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0646 |
1 |
F |
Correction of handling of 5G security contexts during EPS to 5GS idle mode mobility |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0647 |
1 |
F |
Add missing message flow for Procedure for steering of UE |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0648 |
1 |
F |
Security context transfer following the handover from EPS to 5GS |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0650 |
3 |
F |
Clarification on UE context transfer in registration with AMF reallocation via direct NAS reroute |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0652 |
1 |
F |
Changes on handover from 5GS to EPS over N26 |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0653 |
– |
F |
Clarification for Secondary Authentication |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0655 |
1 |
F |
Adjust the proceudure of GPSI and IP/MAC notification |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0656 |
– |
F |
Security of RRC UE capability transfer procedure in 5GS |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190686 |
0659 |
– |
F |
Aligning KAUSF storage at the UE with SoR and UPU procedures |
15.6.0 |
|
2019-09 |
SA#85 |
SP-190685 |
0636 |
1 |
B |
Clarification to Initial NAS message protection |
16.0.0 |
|
2019-09 |
SA#85 |
SP-190687 |
0641 |
1 |
B |
Security for non-public networks |
16.0.0 |
|
2019-09 |
SA#85 |
SP-190682 |
0660 |
– |
B |
Security for SRVCC for 5G to UTRAN CS |
16.0.0 |
|
2019-12 |
SA#86 |
SP-191132 |
0668 |
– |
A |
Mirror for Adding Missing Procedure for Security Handling for RRCConnectionRe-establishment Procedure |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191132 |
0673 |
1 |
A |
Clarification on primary authentication in direct NAS reroute for Rel-16 |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191131 |
0675 |
1 |
B |
Security for roaming interfaces in indirect communication |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0684 |
1 |
F |
Removing editor’s note on capturing all the details for alternative authentication methods |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191132 |
0686 |
– |
A |
Clarification on ARFCN for KNG-RAN derivation |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191132 |
0691 |
1 |
A |
Updates to Counter Check Procedure |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191131 |
0692 |
1 |
B |
Security requirements for SeCoP |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191131 |
0693 |
B |
Authentication and authorization between SeCoP and network functions |
16.1.0 |
|
|
2019-12 |
SA#86 |
SP-191131 |
0694 |
B |
Authentication and authorization between SeCoPs |
16.1.0 |
|
|
2019-12 |
SA#86 |
SP-191131 |
0696 |
1 |
B |
TLS between NF and SEPP based on custom HTTP header |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0701 |
– |
F |
Some corrections/clarification for non-public networks |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0702 |
– |
F |
Removal of Editor’s Note on conformance tests |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0704 |
1 |
B |
Security for 5GLAN services |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0705 |
– |
B |
Intro to Security Annex for TSC service |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0706 |
1 |
B |
Access security for a TSC-enabled UE |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0707 |
2 |
B |
UP security in TSC |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191132 |
0708 |
– |
F |
Correction of handling of 5G security contexts during EPS to 5GS idle mode mobility |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191141 |
0709 |
– |
D |
Adding TSC abbreviation |
16.1.0 |
|
2019-12 |
SA#86 |
SP-191131 |
0710 |
– |
B |
Service access authorization of a NF Set |
16.1.0 |
|
2020-03 |
SA#87E |
SP-200255 |
0689 |
3 |
B |
Protection of N9 interface |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200139 |
0745 |
– |
F |
UE handling on CHO key derivation for NR |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200140 |
0747 |
– |
F |
Authentication in PNI-NPN |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200255 |
0754 |
1 |
B |
Security requirements for Inter-PLMN User Plane Security (IPUPS) Function |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200133 |
0755 |
1 |
B |
Resource Level Authorization using Access Tokens |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200133 |
0756 |
1 |
F |
3gpp-Sbi_Target-apiRoot header and TLS on N32 |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200143 |
0757 |
– |
B |
Using EAP-TLS with TLS 1.3 |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200139 |
0759 |
1 |
C |
Key derivation for CHO (NR R16) |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200134 |
0760 |
1 |
A |
Clarification on native security context activation in handover from EPS to 5GS |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200223 |
0765 |
– |
F |
Editoral Change on reference clauses |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200140 |
0766 |
1 |
B |
UP security policy enforcement in 5GLAN |
|
|
2020-03 |
SA#87E |
SP-200140 |
0767 |
1 |
F |
Referencing Annex for use of authentication methods |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200140 |
0768 |
1 |
D |
Clarifications on authentication methods selection and key derivation |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200140 |
0769 |
– |
F |
Modification of CAG ID list |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200140 |
0770 |
– |
C |
Definition of SN Id for standalone non-public networks |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200140 |
0771 |
1 |
D |
UP integrity enforcement for gPTP messages |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200144 |
0782 |
– |
B |
Solution for IAB Architecture – 5GC |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200142 |
0783 |
– |
B |
Security of 5G URLLC |
16.2.0 |
|
2020-03 |
SA#87E |
SP-200145 |
0784 |
– |
B |
5G security for 5WWC |
16.2.0 |
|
2020-07 |
SA#88E |
SP-200630 |
0762 |
3 |
A |
Clarification on the use of SUPI as the Identity in EAP-AKA’ key derivation |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200369 |
0804 |
1 |
F |
AKMA key generation indication |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200368 |
0805 |
– |
F |
Adding a definition for IAB-UE |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200365 |
0806 |
– |
D |
Aligning abbreviation of Service Communication Proxy with TS 23.501 |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200365 |
0807 |
– |
F |
Clarification on SEPP role regarding the 3gpp-Sbi-Target-apiRoot HTTP header |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200365 |
0808 |
1 |
B |
Authentication in indirect communication scenarios |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200370 |
0824 |
– |
F |
Clarification on SUCI computation |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200370 |
0828 |
1 |
A |
Correction to security capability negotiation between SEPPs |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200370 |
0830 |
– |
A |
Correction to initial EAP Authentication with an external AAA server |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200370 |
0832 |
– |
A |
Editorial changes to TS 33.501 R16 |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200371 |
0833 |
1 |
F |
Security entities at the perimeter of the 5G Core network |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200356 |
0838 |
– |
D |
Several corrections to spec text |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200370 |
0840 |
A |
shortResumeMAC-I calculation |
16.3.0 |
|
|
2020-07 |
SA#88E |
SP-200367 |
0841 |
2 |
B |
Security Aspects of DNS and ICMP |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200368 |
0844 |
1 |
B |
F1 interface security set-up procedure |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200372 |
0846 |
– |
B |
UE pre-configuration for non-3GPP access networks |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200356 |
0847 |
B |
SUCI computation: implementers’ test data for network specific identifier-based SUPI |
16.3.0 |
|
|
2020-07 |
SA#88E |
SP-200368 |
0848 |
– |
F |
Editorial change to the security for IAB |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200372 |
0849 |
– |
F |
CR of 5WWC |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200373 |
0850 |
2 |
B |
5GS LCS work |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200366 |
0851 |
1 |
B |
Normative text for supporting 5G CIoT security |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200628 |
0852 |
1 |
C |
Update to User Plane Integrity Protection |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200553 |
0853 |
– |
B |
Network slice specific authentication and authorization clauses |
16.3.0 |
|
2020-07 |
SA#88E |
SP-200584 |
0854 |
– |
B |
Token-based authorization in indirect communication scenarios |
16.3.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0834 |
3 |
A |
Clarification to 5G AV |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0858 |
– |
A |
Resolution of editor’s note in clause 6.3.2.1 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0860 |
– |
A |
Resolution of editor’s notes in clause 6.8.1.2.0 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0862 |
– |
A |
Resolution of editor’s note in clause 6.8.1.2.2 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0864 |
– |
A |
Resolution of editor’s note in clause 6.8.1.2.4 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0866 |
– |
A |
Resolution of editor’s note in clause 6.9.1 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0868 |
– |
A |
Resolution of editor’s note in clause 6.9.4.1 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0870 |
– |
A |
Resolution of editor’s note in clause 6.9.4.2 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0872 |
– |
A |
Resolution of editor’s note in clause 6.9.4.3 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0874 |
1 |
A |
Resolution of editor’s note in clause 10.2.2.2 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0876 |
– |
A |
Resolution of editor’s note in clause 13.2.4.4.1 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0878 |
– |
A |
Resolution of editor’s note in clause 13.5 – R16 mirror |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200709 |
0879 |
– |
A |
Access Token Signature using MAC with symmetric key |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200706 |
0880 |
1 |
F |
Static authorization details |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200710 |
0882 |
– |
F |
Removing rel-15 text relating to N9 roaming UP |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0883 |
1 |
F |
Deletion of confusing text on KSEAF |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0885 |
1 |
F |
Clarification of ECIES Profile B uncompressed mode text |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0888 |
1 |
A |
Editorials on 13.4.1.2 Service access authorization in roaming scenarios-R15 |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200706 |
0900 |
1 |
F |
Alignment and clarifications to SBA network or transport layer protocol |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0901 |
2 |
A |
N32 interface |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200706 |
0903 |
1 |
F |
Authentication and static authorization |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200706 |
0904 |
1 |
F |
Overview clause on communication models |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200706 |
0905 |
2 |
F |
Authorization of NF service access |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200716 |
0909 |
– |
F |
Modification on AAA Server triggered Slice-Specific Authorization Revocation procedure |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200716 |
0913 |
1 |
F |
Editorial changes to Clause 16 |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0915 |
1 |
A |
Mirror: change the long-lived TLS connection of N32-C to the short-lived |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0917 |
1 |
A |
Update the N32-f context ID negotiation procedure |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0921 |
1 |
A |
Mirror: Clarification on AMF reallocation with direct NAS reroute |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0924 |
– |
F |
Correction to Clause 6.10.2.1. SN Addition or modification |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0926 |
– |
A |
Correction of the full form of the abbreviation NRF |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200707 |
0937 |
1 |
F |
Allocation of FC values for KIAB derivation function |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0944 |
1 |
A |
Clarifications to SoR integrity protection mechanism |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0947 |
– |
A |
Error handling by the receiving NF |
16.4.0 |
|
2020-09 |
SA#89E |
SP-200773 |
0951 |
– |
A |
NF Service Producer authorization |
16.4.0 |
|
2020-12 |
SA#90e |
SP-201012 |
0835 |
3 |
A |
Clarification to SEAF |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201011 |
0907 |
2 |
F |
Re-using of access token in indirect communication with delegated discovery |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201012 |
0955 |
1 |
A |
NRF authorization during NF service consumer Access Token Get Request |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201007 |
0958 |
– |
F |
Removal of AKMA related changes to TS 33.501 in Rel-16 |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201115 |
0960 |
3 |
F |
Error correction and clarification of Annex O |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201009 |
0961 |
1 |
F |
Storage of 5G security context for each access type during multiple PLMN registration |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201012 |
0968 |
1 |
A |
Secondary authentication/authorization revocation |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201013 |
0970 |
– |
F |
Correction to Nnssaaf_NSSAA services |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201013 |
0971 |
– |
F |
Clean up to the Nnssaaf_NSSAA services |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201011 |
0972 |
1 |
F |
Input parameters of access token request addition and verification |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201009 |
0976 |
– |
F |
Modification policy clarification in Rel16 |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201012 |
0984 |
1 |
A |
Corrections for the NRF token request service |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201011 |
0987 |
1 |
F |
Resolving Editor’s Note on SCP performing token-based authorization on behalf of Network Functions |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201012 |
0998 |
– |
A |
NFc and NFp alignment in static authorization |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201012 |
1002 |
– |
A |
Authorization of NF service access – removal of ambigious terminology |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201012 |
1004 |
1 |
A |
Authorization of NF service access – service request process steps |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201011 |
1005 |
– |
F |
NF Service Consumer authentication |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201011 |
1006 |
1 |
F |
Authorization between NFs and SCP |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201012 |
1011 |
– |
A |
[Mirror]Correction to derivation of KSN for dual connectivity |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201009 |
1013 |
1 |
F |
Support for mutual authentication between network entities |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201009 |
1017 |
1 |
F |
Correcting use of (D)TLS in 33.501 |
16.5.0 |
|
2020-12 |
SA#90e |
SP-201008 |
0959 |
1 |
B |
CR for AKMA changes to TS 33.501 in Rel-17 |
17.0.0 |
|
2021-03 |
SA#91e |
SP-210113 |
1019 |
1 |
A |
Resolving editor’s note on encryption policy mismatch between SEPPs |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210111 |
1022 |
1 |
A |
NF Service Consumer and Producer in Service Request Process |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210111 |
1023 |
1 |
A |
Access token misuse prevention |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210109 |
1035 |
1 |
A |
Correction to access token storage in NF service consumer |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210111 |
1037 |
2 |
A |
Correction to service request process in OAuth 2.0 based authorization |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210114 |
1044 |
– |
A |
Authentication method selection for N5CW |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210113 |
1048 |
1 |
A |
Mirror: align the JSON format on encryption IE with CT4 in Rel17 |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210109 |
1051 |
1 |
A |
Adding the security requirement with encBlockIndex in Rel17 |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210111 |
1055 |
– |
A |
Corrections for the NRF token request service |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210116 |
1073 |
– |
B |
Extend UPIP support in 5GS for all 5GC connected RAN architecture (NG-RAN) options |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210109 |
1074 |
– |
A |
Correcting notation used for inter-AMF mobility key derivation |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210109 |
1075 |
– |
A |
Correct NAS uplink COUNT for KgNB/KeNB derivation |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210109 |
1076 |
– |
A |
Correct current uplink EPS NAS COUNT used at derivation of a mapped 5G security context |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210115 |
1077 |
– |
A |
5G GUTI re-allocation |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210115 |
1078 |
– |
A |
5G CIoT KNG-RAN derivation |
17.1.0 |
|
2021-03 |
SA#91e |
SP-210109 |
1079 |
1 |
A |
Mirror_Clarification on security protection in AMF reallocation |
17.1.0 |
|
2021-06 |
SA#92e |
SP-210433 |
1081 |
1 |
A |
Clarification on the number of PLMN IDuse by SEPP over N32 |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210435 |
1090 |
1 |
A |
Assign FC Value for KTIPSec and KTNAP Derivation in R17 |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210441 |
1091 |
1 |
F |
Change the procedure of network slice re-authentication and revocation by AAA-S |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210441 |
1094 |
– |
A |
Addressing impersonate attack from AAA-S |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210434 |
1107 |
1 |
A |
Clarify the usage of TLS and PRINS between SEPPs |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210433 |
1109 |
– |
A |
Correction to JOSE profile Reference |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210434 |
1112 |
– |
A |
Downlink NAS COUNT handling after creating NAS container in EPS to 5GS Handover |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210451 |
1114 |
– |
A |
Clarifying the support for authentication methods in an SNPN |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210450 |
1120 |
1 |
F |
Clarification on AMF transparency for SoR |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210451 |
1123 |
A |
Editor’s note of the security of 5GLAN services removal in R17 |
17.2.0 |
|
|
2021-06 |
SA#92e |
SP-210433 |
1128 |
1 |
A |
N32-c and N32-f clarification |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210433 |
1130 |
1 |
A |
Deployment models |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210434 |
1135 |
1 |
A |
Removal of ENs for draft-ietf-emu-rfc5448bis- Rel-17 |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210449 |
1138 |
1 |
A |
Handling of KAUSF upon successful primary authentication |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210439 |
1140 |
– |
B |
PTP aspects |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210439 |
1141 |
– |
B |
NEF-AF aspects |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210441 |
1142 |
– |
A |
Slice privacy protection in NSSAA related procedures (Rel-17) |
17.2.0 |
|
2021-06 |
SA#92e |
SP-210449 |
1143 |
– |
A |
Solving misalignment on mapped security derivation |
17.2.0 |
|
2021-06 |
SA#92e |
Editorial fix on KAUSF to make it subscript. |
17.2.1 |
||||
|
2021-09 |
SA#93e |
SP-210851 |
1150 |
1 |
A |
Rel17 Align KAUSF handling for 5G AKA and EAP-AKA’ for Release 17 |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210842 |
1151 |
– |
F |
Add Routing indicator into the Nudm_UEAuthentication_Get Response |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210852 |
1158 |
1 |
F |
Clairfication on AS key generation after runing NAS SMC |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210851 |
1159 |
1 |
A |
Clarification on Kausf storage in multi-NAS connection |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210850 |
1164 |
– |
A |
Add missing reference |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210852 |
1168 |
F |
Clarification on transparent SoR container |
17.3.0 |
|
|
2021-09 |
SA#93e |
SP-210851 |
1170 |
2 |
A |
Editorial Clarifications for Trusted non-3GPP Access using TNGF |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210852 |
1174 |
1 |
F |
Clarification on AMF transparency for UPU |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210851 |
1176 |
– |
A |
Correction of UDM behaviour |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210852 |
1182 |
3 |
F |
Security context handling in IRAT |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210850 |
1187 |
1 |
A |
NRF service definition |
17.3.0 |
|
2021-09 |
SA#93e |
SP-210840 |
1191 |
1 |
A |
Oauth2.0 misalignment |
17.3.0 |
|
2021-12 |
SA#94e |
SP-211359 |
1202 |
1 |
B |
Support for NSWO in 5GS |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211378 |
1210 |
– |
F |
Integrity check during context transfer scenario 1 |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211381 |
1214 |
1 |
A |
Correction to Authorization for indirect communication |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211389 |
1222 |
1 |
B |
New Annex for Edge computing security |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211381 |
1232 |
1 |
A |
Mutual authentiation NRF-NRF in roaming |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211381 |
1238 |
1 |
A |
N32 for interconnect security |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211380 |
1241 |
— |
A |
[Rel-17]Clarification on KIAB generation for CP-UP separation |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211378 |
1242 |
— |
B |
KIAB generation for NR-DC scenario |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211381 |
1246 |
– |
A |
Clarification on the audience of CCA |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211383 |
1252 |
– |
B |
Security aspects of eNPN |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211384 |
1253 |
– |
B |
User Plane Integrity Protection Policy Handling in IW handover from EPS to 5GS |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211385 |
1254 |
B |
UC3S in TS 33.501 |
17.4.0 |
|
|
2021-12 |
SA#94e |
SP-211386 |
1255 |
– |
B |
Security aspects of 5MBS |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211388 |
1256 |
– |
B |
Security aspects of eNA |
17.4.0 |
|
2021-12 |
SA#94e |
SP-211390 |
1257 |
– |
B |
Security aspects of MSGin5G |
17.4.0 |
|
2022-01 |
Editorial change for the headers of annex U and V |
17.4.1 |
|||||
|
2022-01 |
Removing wrongly implemented CR1219 (which was sent back to SA3 in SA) |
17.4.2 |
|||||
|
2022-03 |
SA#95e |
SP-220203 |
1261 |
1 |
A |
Clarification when the responder SEPP establish a second N32-C connection |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220223 |
1262 |
1 |
F |
Editor note removal from Annex S |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220210 |
1267 |
– |
F |
Delete EN on defining EIA7 in clause 6.6.4.3 |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220216 |
1269 |
1 |
B |
AF Authorization for accessing network slice quota-usage information |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220223 |
1273 |
1 |
F |
Clarification and corrections to NSWO SBI Interface methods |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220228 |
1274 |
1 |
F |
Resolution of authorization issue |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220228 |
1276 |
1 |
F |
Corrections and clarifications in the security mechanisms for MBS |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220225 |
1279 |
1 |
F |
Delete Editor’s Note in UC3S |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220214 |
1283 |
1 |
F |
Refer to User Consent Requirements for eNA |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220215 |
1289 |
1 |
F |
Removing Editor’s note on SUPI sent to AAA |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220194 |
1293 |
– |
B |
Security aspects on MINT feature |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220228 |
1294 |
1 |
F |
Clarification on AS security aspect in 5MBS |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220212 |
1295 |
1 |
A |
Editorial correction on clause 11.1.3 and 11.1.4 |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220227 |
1304 |
– |
A |
Removing Editor’s Note on PNi-NPN security aspects |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220215 |
1307 |
– |
F |
Removing Editor’s note on Credentials Holder using AUSF and UDM for primary authentication |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220215 |
1309 |
– |
F |
Editorial for the Figure on key hierarchy for Credentials Holder using AAA |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220206 |
1312 |
– |
A |
Updating reference to RFC 9048 (EAP-AKA’) |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220223 |
1317 |
– |
F |
Usage of AN ID for NSWO authentication |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220205 |
1319 |
1 |
F |
Resolving EN on authorization in MSGin5G |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220228 |
1322 |
1 |
B |
Security indication in MBS security context |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220222 |
1323 |
– |
F |
Clarification to IAB in EN-DC architecture |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220215 |
1326 |
1 |
F |
Clarification and corrections to UE Onboarding in SNPNs |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220223 |
1327 |
1 |
F |
Co-existence with EPS NSWO |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220223 |
1328 |
1 |
B |
5G NSWO roaming aspects |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220204 |
1329 |
1 |
B |
SBA service operations for Prose L3 U2N security CP solution |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220210 |
1336 |
– |
F |
SEPP reference |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220213 |
1338 |
1 |
A |
Reference to N5CW and key derivation correction |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220219 |
1343 |
– |
F |
Update of references for the GBA related UDM service operations |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220210 |
1344 |
1 |
F |
Clarification of the Registration Request handling for the direct AMF re-allocation |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220210 |
1345 |
1 |
C |
Protect additional SoR information (CPSOR-CMCI) (future proof alternative) |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220215 |
1347 |
1 |
F |
Resolution of editor’s note related to NSSAAF and AUSF selection |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220215 |
1349 |
1 |
F |
Resolution of editor notes related UDM selection |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220215 |
1350 |
1 |
F |
Resolution of editor notes related to protocol between NSSAAF and AAA |
17.5.0 |
|
2022-03 |
SA#95e |
SP-220206 |
1356 |
– |
A |
Remove ambiguous phrase for rekeying error scenario in clause 6.9.2.3.2. |
17.5.0 |
|
2022-06 |
SA#96 |
SP-220542 |
1334 |
2 |
A |
Clarification on separate handling of N32-c and N32-f |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220559 |
1359 |
1 |
A |
Clarifications to secondary authentication PDU Session Container |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220554 |
1363 |
1 |
F |
NSWO alignment with SA2 specs |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220543 |
1365 |
1 |
A |
Clarification on N32-f connection establishment with TLS |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220557 |
1373 |
1 |
F |
Removing the Editor’s Note and add clarifications in the security mechanisms for MBS |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220557 |
1374 |
1 |
F |
Clarifications on the control-plane and user-plane procedures |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220557 |
1375 |
1 |
F |
Enhancement for the service announcement |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220557 |
1379 |
1 |
F |
Clarifications on the multicast security context handling in session creation procedure |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1380 |
1 |
F |
Configuration of Anonymous SUCI |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1381 |
1 |
F |
UDM interaction for Anonymous SUCI |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220550 |
1386 |
– |
F |
eNA – Editorial corrections and clarification to 33.501 |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1387 |
– |
F |
Terminology correction for security of UE onboarding |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1388 |
1 |
F |
Corrections and clarifications to secondary authentication during UE onboarding |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1391 |
– |
F |
Implementation correction of CR1309 |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1397 |
1 |
F |
Resolving Editor’s note on using only null-scheme SUCI |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1401 |
1 |
F |
Resolution of inconsistency in SUCI usage during UE onboarding. |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220551 |
1402 |
1 |
F |
Resolving Editor’s Note related to UE onboarding |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220543 |
1412 |
– |
A |
Editorial changes for ENSI |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220556 |
1413 |
1 |
F |
Clarification on the NSWO in the UE side |
17.6.0 |
|
2022-06 |
SA#96 |
SP-220544 |
1414 |
1 |
F |
Resolving the EN on the authorization between SCPs |
17.6.0 |
|
2022-09 |
SA#97e |
SP-220877 |
1427 |
– |
F |
NSWO alignment for MSK and PMK |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220877 |
1428 |
1 |
F |
Correction in AUSF api related to NSWO |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220881 |
1436 |
1 |
F |
pSEPP authorization for PLM ID in access token claim |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220884 |
1444 |
1 |
A |
Alignment of NAS transport protocol for 5G-RG over Wireline |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220878 |
1445 |
F |
Clarification on the authorzation of NF Service Consumers for data access via DCCF |
17.7.0 |
|
|
2022-09 |
SA#97e |
SP-220881 |
1446 |
– |
F |
Confidentiality protection of SMS content over N32 |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220881 |
1447 |
1 |
F |
Clarification of SNI usage for NF clients and servers |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220877 |
1459 |
1 |
F |
Clarification on Authentication for UE behind 5G-RG and FN-RG |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220882 |
1465 |
– |
A |
Revise the subject that performs verificaiton of access token(mirror) |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220892 |
1468 |
1 |
F |
Address EN for UC3S |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220889 |
1469 |
1 |
F |
clarification on the internal authentication and an external authentication |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220890 |
1471 |
1 |
F |
Correction of Transport security protection for MSGin5G interfaces |
17.7.0 |
|
2022-09 |
SA#97e |
SP-220882 |
1482 |
– |
A |
Clarification on OAuth2.0 in interconnect and roaming scenarios |
17.7.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1430 |
2 |
F |
User plane security for Non-SBA based interfaces |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1434 |
2 |
F |
NF Service Set ID alignment |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1435 |
2 |
F |
Clarification on N32-f connection establishment with TLS |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221154 |
1491 |
– |
A |
Revise the pre-requisite of access token request(mirror) |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1500 |
1 |
F |
Authentication in user plane procedure in MBS |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1501 |
1 |
F |
Clarification on SNPN ID verification |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1512 |
– |
F |
Remove the redundant part of Figure I.2.3.2-1 |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1513 |
1 |
F |
Update A.17 for SoR transparent container |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1514 |
1 |
F |
Update A.18 to define SoR-XMAC-IUE |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1515 |
1 |
F |
Update A.20 to define UPU-XMAC-IUE |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221155 |
1516 |
– |
F |
Update step 15 of clause I.2.2.2.1 |
17.8.0 |
|
2022-12 |
SA#98e |
SP-221156 |
1437 |
1 |
B |
NRF deployments |
18.0.0 |
|
2022-12 |
SA#98e |
SP-221156 |
1525 |
– |
B |
Verification of NSSAIs for preventing slice attack |
18.0.0 |