4 AAnF-specific security requirements and related test cases
33.5373GPPRelease 18Security Assurance Specification (SCAS) for the Authentication and Key Management for Applications (AKMA) Anchor Function Function (AAnF)TS
4.1 Introduction
AAnF specific security requirements include both AAnF-specific security functional requirements in relevant specifications as well as security requirements introduced in the present document derived from the threats specific to AAnF as described in TR 33.926 [3].
4.2 AAnF-specific adaptations of security functional requirements and related test cases
4.2.1 Introduction
The present clause contains AAnF-specific security functional adaptations of requirements and related test cases.
4.2.2 Security functional requirements on the AAnF deriving from 3GPP specifications and related test cases
4.2.2.0 General
The general approach in TS 33.117 [2] clause 4.2.2.1 and all the requirements and test cases in TS 33.117 [2] clause 4.2.2.2 related to SBA/SBI aspects apply to the AAnF network product class.
4.2.2.1 AKMA key storage and update
Requirement Name: AKMA key storage update
Requirement Reference: TS 33.535 [4], clause 6.1
Requirement Description: “The AAnF shall store the latest information sent by the AUSF. After receiving the new generated A-KID and KAKMA, the AAnF deletes the old A-KID and KAKMA and stores the new generated A-KID and KAKMA.” as specified in TS 33.535[4], clause 6.1.
Threat References: TR 33.926 [6], clause X.2.2.Y, AKMA key storage and update
Test Case:
Test Name: TC_AKMA_Key_Storage_Update
Purpose:
Verify that the AAnF stores only the latest AKMA context received by the AUSF.
Pre-Conditions:
– Test environment with AUSF and AF. The AUSF and the AF may be simulated.
– AAnF network product is connected in emulated/real network environment.
Execution Steps
Test A:
- Primary authentication is simulated for a specific UE, leading to the simulated AUSF pushing SUPI, A-KID1, KAKMA1 to the AAnF.
- The AF requests a KAF from the AAnF by proving A-KID1 and AF_ID.
- Another primary authentication is simulated for the same UE, leading to the simulated AUSF pushing SUPI, A-KID2, KAKMA2 to the AAnF.
- The AF requests a KAF by providing A-KID1 to the AAnF.
- The AF requests a KAF by providing A-KID2 to the AAnF.
Expected Results:
The AF received an error message indicating the AKMA context related to A-KID 1 is not found after step 4). After step 5), the AF received a KAF which is different from the KAF that received after step 2).
Expected format of evidence:
Evidence suitable for the interface, e.g., Screenshot containing the operational results.
4.2.3 Technical Baseline
4.2.3.1 Introduction
The present clause provides baseline technical requirements.
4.2.3.2 Protecting data and information
4.2.3.2.1 Protecting data and information – general
There are no AAnF-specific additions to clause 4.2.3.2.1 of TS 33.117 [2].
4.2.3.2.2 Protecting data and information – unauthorized viewing
There are no AAnF -specific additions to clause 4.2.3.2.2 of TS 33.117 [2].
4.2.3.2.3 Protecting data and information in storage
There are no AAnF -specific additions to clause 4.2.3.2.3 of TS 33.117 [2].
4.2.3.2.4 Protecting data and information in transfer
4.2.3.2.4.1 Confidentiality, integrity and replay protections over SBA interface
Requirement Name: Confidentiality, integrity and replay protections over SBA interface
Requirement Reference: TS 33.535 [4], clause 4.4.0
Requirement Description: "The SBA interface between the AAnF and the AUSF shall be confidentiality, integrity and replay protected." as specified in TS 33.535 [4], clause 4.4.0
Threat References: TR 33.926 [3], clause Annex X.2.2.1, Control plane data protection with AUSF
Test Case:
Test Name: TC_PROTECT_SBA_AAnF_AUSF
Purpose:
Verify that the transported data between AAnF and AUSF are confidentiality, integrity and replay protected over SBA interface.
Pre-Conditions:
- AAnF and AUSF network products are connected in simulated/real network environment.
- Network product documentation containing information about supported TLS protocol and certificates is provided by the vendor.
- Tester shall have access to the SBA interface between AAnF and AUSF.
Execution Steps:
The requirement mentioned in this clause is tested in accordance with the procedure mentioned in clause 4.2.2.2.2 of TS 33.117 [2].
Expected Results:
The user data transported between AAnF and AUSF is confidentiality, integrity and replay protected.
Expected format of evidence:
Evidence suitable for the interface, e.g., evidence can be presented in the form of screenshot/screen-capture or pcap traces.
4.2.3.2.4.2 Confidentiality, integrity and replay protections over SBA interface
Requirement Name: Confidentiality, integrity and replay protections over SBA interface
Requirement Reference: TS 33.535 [4], clause 4.4.0
Requirement Description: "The SBA interface between AAnF and AF/NEF shall be confidentiality, integrity and replay protected." as specified in TS 33.535 [4], clause 4.4.0
Threat References: TR 33.926 [3], clause Annex X.2.2.2, Control plane data protection with AF/NEF
Test Case:
Test Name: TC_PROTECT_AAnF_AF_NEF
Purpose:
Verify that the transported data between AAnF and AF/NEF are confidentiality, integrity and replay protected over SBA interface.
Pre-Conditions:
– AAnF and AF/NEF network products are connected in simulated/real network environment.
– Network product documentation containing information about supported TLS protocol and certificates is provided by the vendor.
– Tester shall have access to the SBA interface between AAnF and AF/NEF.
Execution Steps:
The requirement mentioned in this clause is tested in accordance with the procedure mentioned in clause 4.2.2.2.2 of TS 33.117 [2].
Expected Results:
The user data transported between AAnF and AF/NEF is confidentiality, integrity and replay protected.
Expected format of evidence:
Evidence suitable for the interface, e.g., evidence can be presented in the form of screenshot/screen-capture or pcap traces.
4.2.3.2.5 Logging access to personal data
There are no AAnF-specific additions to clause 4.2.3.2.5 of TS 33.117 [2].
4.2.3.3 Protecting availability and integrity
There are no AAnF-specific additions to clause 4.2.3.3 of TS 33.117 [2].
4.2.3.4 Authentication and authorization
There are no AAnF-specific additions to clause 4.2.3.4 of TS 33.117 [2].
4.2.3.5 Protecting sessions
There are no AAnF-specific additions to clause 4.2.3.5 of TS 33.117 [2].
4.2.3.6 Logging
There are no AAnF-specific additions to clause 4.2.3.6 of TS 33.117 [2].
4.2.4 Operating systems
There are no AAnF-specific additions to clause 4.2.4 of TS 33.117 [2].
4.2.5 Web servers
There are no AAnF-specific additions to clause 4.2.5 of TS 33.117 [2].
4.2.6 Network devices
There are no AAnF-specific additions to clause 4.2.6 of TS 33.117 [2].
4.3 AAnF-specific adaptations of hardening requirements and related test cases.
4.3.1 Introduction
The present clause contains AAnF-specific adaptations of hardening requirements and related test cases.
4.3.2 Technical Baseline
There are no AAnF-specific additions to clause 4.3.2 of TS 33.117 [2].
4.3.3 Operating Systems
There are no AAnF-specific additions to clause 4.3.3 of TS 33.117 [2].
4.3.4 Web Servers
There are no AAnF-specific additions to clause 4.3.4 of TS 33.117 [2].
4.3.5 Network Devices
There are no AAnF-specific additions to clause 4.3.5 of TS 33.117 [2].
4.3.6 Network Functions in service-based architecture
There are no AAnF-specific additions to clause 4.3.6 of TS 33.117 [2].
4.4 AAnF-specific adaptations of basic vulnerability testing requirements and related test cases
There are no AAnF-specific additions to clause 4.4 of TS 33.117 [2].Annex <X> (informative):
Change history
|
Change history |
|||||||
|
Date |
Meeting |
TDoc |
CR |
Rev |
Cat |
Subject/Comment |
New version |
|
2022-05 |
SA3#107-e |
S3-221168 |
TS skeleton |
0.0.0 |
|||
|
2022-06 |
SA3#107-e |
S3-221168 |
S3-220809, S3-221156, S3-221159 |
0.1.0 |
|||
|
2022-08 |
SA3#108-e |
S3-222276 |
S3-221752, S3-222134, S3-222135, S3-222138. S3-222139. S3-222140. S3-222141 |
0.2.0 |
|||
|
2022-11 |
SA3#109-e |
S3-224098 |
S3-223457 |
0.3.0 |
|||
|
2023-02 |
SA3#110 |
S3-231468 |
S3-231086 |
0.4.0 |
|||