Upload File

security in 5g inter network signalling - etsi

20
Security in 5G inter-network SiGnallinG Stefan Schröder Telekom Security

Upload: others

Post on 19-Oct-2021

4 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Security in 5G inter network SiGnallinG - ETSI

Security in 5G inter-network SiGnallinG

Stefan SchröderTelekom Security

Page 2: Security in 5G inter network SiGnallinG - ETSI

Security in 5G inter-network SiGnallinG

Stefan SchröderTelekom Security

aPi callS

Page 3: Security in 5G inter network SiGnallinG - ETSI

5G Service baSed architecture (Sba)

01 Where we are: Current situation

02 Where we go: Network service bus

03 What we send: The 5GC protocol stack

04 What we want: SA3‘s goals for SBA

05 What we hear: Agenda for today

Page 4: Security in 5G inter network SiGnallinG - ETSI

01 Where We are:current Situation

Page 5: Security in 5G inter network SiGnallinG - ETSI

March 2018: eniSa Study on SiGnallinG Security.

5

Sources: Heise.de, Telecoms.com, Internetofbusiness,com

Some citations from the study:

“Wild West” running on legacy infrastructure

Consider revising the current legal landscape

[in 5G] grace period between vulnerability discovery and real exploitation will become much shorter compared to SS7 and Diameter

Page 6: Security in 5G inter network SiGnallinG - ETSI

3GPP releaSe 15 – 5G reference Point rePreSentation

6

NSSF: Network Slice Selection FunctionUDM: Unified Data ManagementAUSF: Authentication Server Function PCF: Policy Control function AMF: Access and Mobility Management FunctionSMF: Session Management Function UPF : User plane Function(R)AN: (Radio) Access Network UE: User Equipment.DN: Data network, e.g. operator services, Internet access or 3rd party services.

AF: Application FunctionDSF: Data Storage network function.NEF : Network Exposure FunctionNRF: NF Repository Function

Page 7: Security in 5G inter network SiGnallinG - ETSI

Main ideaS of reference PointS

Point-to-point communication within the core network

Well-defined interfaces for certain data exchanges

Pre-5G: different signalling protocols (MAP, RADIUS, GTP-C, …)

Monolithic conception of network functions

Tight coupling of network functions, statically configured security

Fine-grained network segmentation possible

7

Page 8: Security in 5G inter network SiGnallinG - ETSI

02 Where We Go:network Service buS

Page 9: Security in 5G inter network SiGnallinG - ETSI

3GPP releaSe 15 – Service-baSed rePreSentation

9SBA: Service Based Architecture

SBI: Service Based Interfaces

NSSF: Network Slice Selection FunctionUDM: Unified Data ManagementAUSF: Authentication Server Function PCF: Policy Control function AMF: Access and Mobility Management FunctionSMF: Session Management Function UPF : User plane Function(R)AN: (Radio) Access Network UE: User Equipment.DN: Data network, e.g. operator services, Internet access or 3rd party services.

AF: Application FunctionDSF: Data Storage network function.NEF : Network Exposure FunctionNRF: NF Repository Function

Page 10: Security in 5G inter network SiGnallinG - ETSI

Main ideaS of Sba

Replace signalling messages by API calls

Core network = logically-uniform service bus

No longer point-to-point communication, but „everyone-to-everyone“

Well-defined interfaces for available services on uniform protocol stack

Network Functions in the cloud

Consumer/Producer model: easily deployable NF building-blocks

Basic NF service interactions: Request/Response Subscribe/Notify (Me) Subscribe/Notify (Someone else)

10

Page 11: Security in 5G inter network SiGnallinG - ETSI

03 What We send:the 5Gc Protocol Stack

Page 12: Security in 5G inter network SiGnallinG - ETSI

the 5Gc Protocol StackaccordinG to 3GPP ts 29.50x

Binary framing Multiplexing of requests over the same connection Header compression

HTTP/2

De-facto industry standard for HTTP web services More widespread than SCTP Redundancy and load balancing via “cloudification magic”

TCP

Serialization data format for the 3GPP 5GC protocol information elements (IE) De-facto industry standard for web services Simple, straightforward specification, immense tooling

JSON

12

Page 13: Security in 5G inter network SiGnallinG - ETSI

related concePtSadoPted by 3GPP architecture and core netWork GrouPs

Client/Server communication URL-addressable resources Uniform HTTP-interface Statelessness + Cacheable responses (?)

RESTful services

RESTful API description language Open source collaborative project by the Linux Foundation

JSON object, represented either in JSON or YAML format

OpenAPI specification (aka Swagger)

Necessary in Subscribe/Notify scenarios Subscriber to inform Notifier about receiving endpoint

Two HTTP client-server pairs

13REST: Representational State Transfer

Page 14: Security in 5G inter network SiGnallinG - ETSI

Protocol evolutionexamPle: uPdate location request

14

D/MAP

TCAP

SCCP

MTP1-3

Update-Location

2G

N8/JSON

HTTP/2

TCP

IP

Update-Location

5G

D/MAP

TCAP

SCCP

SIGTRAN

Update-Location

3G

S6a

Diameter

SCTP

IP

Update-Location

4G

Page 15: Security in 5G inter network SiGnallinG - ETSI

04 What We Want:Sa3 GoalS for Sba

Page 16: Security in 5G inter network SiGnallinG - ETSI

Message content authorization

“Is the consumer legitimized to request or be subscribed to a specific service?”

Security Goal #1 for releaSe 15

Message protection (integrity /confidentiality)

“Was the message modified/read?”

Message origin authentication

“Who is the real sender?”

Cross-layer anti-spoofing enforcement

“Do identities used on different protocol layers all belong to the same sender?”

Standardize all of these aspects in 5G

16

Page 17: Security in 5G inter network SiGnallinG - ETSI

A 5G signalling edge proxy is required to protect traffic crossing a security domain boundary,and thus needs to be included in the architecture.

Security Goal #3 for 3GPP releaSe 15

17SEPP: Security Edge Protection Proxy

Page 18: Security in 5G inter network SiGnallinG - ETSI

05 What We‘ll hear:aGenda for today

Page 19: Security in 5G inter network SiGnallinG - ETSI

aGenda Part 1

19

Page 20: Security in 5G inter network SiGnallinG - ETSI

aGenda Part 2

20


TS 129 509 - V15.1.0 - 5G; 5G System; Authentication ... · ETSI 3GPP TS 29.509 version 15.1.0 Release 15 2 ETSI TS 129 509 V15.1.0 (2018-10) Intellectual Property Rights Essential

NFV AS A 5G INFRASTRUCTURE ENABLER - ETSI · PDF fileETSI SUMMIT ON 5G NETWORK INFRASTRUCTURE NFV AS A 5G INFRASTRUCTURE ENABLER Presented by Joan Triay (DOCOMO Euro

TS 123 501 - V16.6.0 - 5G; System architecture for the 5G ... · ETSI 3GPP TS 23.501 version 16.6.0 Release 16 2 ETSI TS 123 501 V16.6.0 (2020-10) Intellectual Property Rights Essential

Offload Solutions for 5G-NR - ETSI · Join ETSI – OSA Workshop Open Implementation and Standardization Offload Solutions for 5G-NR P. ROBERT SYRTEM Dec 13 2018

TS 123 502 - V15.5.1 - 5G; Procedures for the 5G System ...€¦ · ETSI TS 123 502 V15.5.1 (2019-05) 5G; Procedures for the 5G System (5GS) (3GPP TS 23.502 version 15.5.1 Release

The 5G Infrastructure Public-Private Partnership 5G Vision ... · The 5G Infrastructure Public-Private Partnership 05/03/2015 1 ... Asynchronous Signalling ... • Reducing the average

TS 129 520 - V15.0.0 - 5G; 5G System; Network Data ... · ETSI 3GPP TS 29.520 version 15.0.0 Release 15 6 ETSI TS 129 520 V15.0.0 (2018-07) Foreword This Technical Specification has

Verizon 5G TF; Network and Signalling Working Group ...5gtf.net/V5G_331_v1p2.pdf · Verizon 5G TF; Network and Signalling Working ... Ericsson, Intel Corp., LG ... The present document

TS 129 510 - V15.1.0 - 5G; 5G System; Network function ... · ETSI 3GPP TS 29.510 version 15.1.0 Release 15 2 ETSI TS 129 510 V15.1.0 (2018-10) Intellectual Property Rights Essential

DevOps in Service Chains and 5G Network Slices · 2017. 5. 16. · © ETSI 2017 DevOps in Service Chains and 5G Network Slices ETSI OSM PoC #1 Telenor, Arctos Labs, Intel, Netrounds,

Signalling Security in Telecom SS7/Diameter/5G

ETSI TS 103 285 V1.1 - ETSI - Welcome to the World of ... 6 ETSI TS 103 285 V1.1.1 (2015-05) 11.8 Audio/Video Switching Across Period Boundaries 66 11.9 Signalling multiple serving

5G and Energy Efficiency - ETSI€¦ · 5G and Energy Efficiency, I • 5G key technical performance requirements – KPI target: 90% reduction in energy usage! – Network EE is

TS 133 512 - V16.3.0 - 5G; 5G Security Assurance Specification (SCAS… · 2020. 8. 10. · ETSI TS 133 512 V16.3.0 (2020-08) 5G; 5G Security Assurance Specification (SCAS); Access

Overview of ETSI initiatives on 5G and beyond with focus on Multi … · 2019-12-17 · ETSI Building Blocks for 5G Standardization Technical Committees (TCs) contd: •TC INT/AFI

TS 129 503 - V15.0.0 - 5G; 5G System; Unified Data ... · ETSI 3GPP TS 29.503 version 15.0.0 Release 15 2 ETSI TS 129 503 V15.0.0 (2018-07) Intellectual Property Rights Essential

TS 123 501 - V15.3.0 - 5G; System Architecture for the 5G System … · 2018-09-27 · ETSI 3GPP TS 23.501 version 15.3.0 Release 15 1 ETSI TS 123 501 V15.3.0 (2018-09) Reference

TS 129 521 - V15.0.0 - 5G; 5G System; Binding Support ... · ETSI 3GPP TS 29.521 version 15.0.0 Release 15 5 ETSI TS 129 521 V15.0.0 (2018-07) Foreword This Technical Specification

TS 129 512 - V15.0.0 - 5G; 5G System; Session ......ETSI 3GPP TS 29.512 version 15.0.0 Release 15 2 ETSI TS 129 512 V15.0.0 (2018-06) Intellectual Property Rights Essential patents

ETSI TS 138 133 - V16.4.0 - 5G; NR; Requirements for

TS 129 571 - V15.3.0 - 5G; 5G System; Common Data Types ...€¦ · ETSI 3GPP TS 29.571 version 15.3.0 Release 15 2 ETSI TS 129 571 V15.3.0 (2019-04) Intellectual Property Rights

TS 129 520 - V15.8.0 - 5G; 5G System; Network Data Analytics Services; Stage … · 2021. 1. 15. · ETSI TS 129 520 V15.8.0 (2021-01) 5G; 5G System; Network Data Analytics Services;

TS 129 510 - V15.6.0 - 5G; 5G System; Network function ... · ETSI 3GPP TS 29.510 version 15.6.0 Release 15 1 ETSI TS 129 510 V15.6.0 (2020-01) Reference RTS/TSGC-0429510vf60 Keywords

TS 123 502 - V15.8.0 - 5G; Procedures for the 5G System ......2000/08/15  · ETSI 3GPP TS 23.502 version 15.8.0 Release 15 2 ETSI TS 123 502 V15.8.0 (2020-01) Intellectual Property

TS 129 508 - V15.0.0 - 5G; 5G System; Session ......ETSI 3GPP TS 29.508 version 15.0.0 Release 15 2 ETSI TS 129 508 V15.0.0 (2018-06) Intellectual Property Rights Essential patents

Verizon 5G TF; Network and Signalling Working Group; 5G ...5gtf.net/V5G_322_v1p2.pdf · 5G Radio Link Control Protocol (5G-RLC) Specification (Release 1) ... This document provides

TS 122 261 - V16.13.0 - 5G; Service requirements for the 5G … · 2020. 11. 16. · ETSI 3GPP TS 22.261 version 16.13.0 Release 16 1 ETSI TS 122 261 V16.13.0 (2020-11) Reference

5G End-to-End Architecture Framework · in 5G Network Slicing PoC White Paper #3) [22] ETSI, “ Generic Framework for Multi-Domain Federated ETSI GANA Knowledge Planes (KPs) for

TS 129 573 - V15.1.0 - 5G; 5G System; Public Land Mobile ...2000/01/15  · ETSI TS 129 573 V15.1.0 (2019-04) 5G; 5G System; Public Land Mobile Network (PLMN) Interconnection; Stage

TS 123 502 - V15.9.0 - 5G; Procedures for the 5G System (5GS) … · 2020. 3. 31. · ETSI 3GPP TS 23.502 version 15.9.0 Release 15 2 ETSI TS 123 502 V15.9.0 (2020-03) Intellectual

TS 123 502 - V15.4.1 - 5G; Procedures for the 5G System ...€¦ · ETSI 3GPP TS 23.502 version 15.4.1 Release 15 2 ETSI TS 123 502 V15.4.1 (2019-03) Intellectual Property Rights

TS 128 313 - V16.1.0 - 5G; Self-Organizing Networks (SON) for 5G … · 2021. 1. 6. · ETSI 3GPP TS 28.313 version 16.1.0 Release 16 1 ETSI TS 128 313 V16.1.0 (2021-01) Reference

TS 129 540 - V15.1.0 - 5G; 5G System; SMS Services; Stage ... · ETSI TS 129 540 V15.1.0 (2018-10) 5G; 5G System; SMS Services; Stage 3 (3GPP TS 29.540 version 15.1.0 Release 15)

ETSI GANA in 5G Network Slicing PoC by ETSI NTECH AFI WG

TS 123 501 - V15.2.0 - 5G; System Architecture for the 5G ... · ETSI TS 123 501 V15.2.0 (2018-06) 5G; System Architecture for the 5G System (3GPP TS 23.501 version 15.2.0 Release