The subscriber identification mechanism is represented in Figure 23 This may be

The subscriber identification mechanism is represented in Figure 2.3. This may be invoked by the servingnetwork when the UE cannot be identified by means of a temporary identity (5G-GUTI). It should be usedwhen the serving network cannot retrieve the SUPI based on the 5G-GUTI by which the subscriber identifiesitself on the radio path.

14The Evolution of Security in 5G- 5G Americas White PaperFigure2.3.Subscriber Identification Mechanism.32.1.15 PERMANENT EQUIPMENT IDENTIFIEREach UE accessing the 5G System shall be assigned a Permanent Equipment Identifier (PEI).The PEI shall be securely stored in the UE to ensure the integrity of the PEIThe UE shall only send the PEI in the NAS protocol after NAS security context is established,unless during emergency registration when no NAS security context can be established2.1.16 SUBSCRIPTION IDENTIFIER DE-CONCEALING FUNCTIONThe Subscription Identifier De-Concealing Function (SIDF) is responsible for de-concealing the SUPI fromthe SUCI. The SIDF uses the private key part of the privacy-related home network public/private key pairthat is securely stored in the home operator's network. The de-concealment shall take place at the UDM.Access rights to the SIDF shall be defined, such that only a network element of the home network is allowedto request SIDF.2.1.17 5G GLOBALLY UNIQUE TEMPORARY IDENTIFIERThe AMF shall allocate a 5G Globally Unique Temporary Identifier (5G-GUTI) to the UE that is common toboth 3GPP and non-3GPP access. It shall be possible to use the same 5G-GUTI for accessing 3GPPaccess and non-3GPP access security context within the AMF for the given UE. An AMF may re-assign anew 5G-GUTI to the UE at any time. The AMF may delay updating the UE with its new 5G-GUTI until thenext NAS transaction.The 5GServing Temporary Mobile Subscriber Identity(S-TMSI) is the shortened form of the GUTI to enablemore efficient radio signaling procedures, for example, during Paging and Service Request.2.1.18 PROCEDURE FOR USING SUBSCRIPTION TEMPORARY IDENTIFIERThe procedure for using a subscription temporary identifier is an important element of 5G security asdescribed:33GPP TS 33.501.AMFUEIdentifier RequestIdentifier Response (SUCI)

15The Evolution of Security in 5G- 5G Americas White PaperA new 5G-GUTI shall be sent to a UE only after a successful activation of NAS security. The 5G-GUTI is defined in the 3GPP TS 23.003Upon receiving registration request message of type "initial registration" or "mobility registrationupdate" from a UE, the AMF shall send a new 5G-GUTI to the UE in a registration accept messageUpon receiving registration request message of type "periodic registration update" from a UE, theAMF should send a new 5G-GUTI to the UE in a registration accept messageUpon receiving a network-triggered service request message from the UE (therefore, a servicerequest message sent by the UE in response to a paging message), the AMF shall use a UEConfiguration Update procedure to send a new 5G-GUTI to the UE

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 62 pages?

Upload your study docs or become a

Course Hero member to access this document

Term

Fall

Professor

John fernes

The subscriber identification mechanism is

Share this link with a friend:

Other Related Materials

Newly uploaded documents

Newly uploaded documents