Page 310 - 5G Basics - Core Network Aspects
1 Core network aspects
10 Security considerations
10.1 Security requirement
10.1.1 General requirement
The security goal for MPT is to provide a service with greater security than regular single-path transmission.
This is achieved through a combination of existing security mechanisms (potentially modified to align with
the MPT) and of protection against identified new multipath threats. From the threat analysis and security
goal of the MPT, three key security requirements can be identified. The MPT is required to do the following:
– provide a mechanism to confirm that the entities in an MPT control are the same as those of the
original connection setup;
– provide verification that the peer can receive traffic at a new address being added;
– provide replay protection, i.e., ensure that a request to add/remove a sub-transmission flow is
'fresh'.
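One way the three requirements above can be met together, shown as an added example that is not part of the original text. The MptResponder class, the make_tag function, the message layout and the use of HMAC-SHA-256 with a key shared at connection setup are all assumptions made for illustration; the sample addresses are constructed.

```python
import hashlib
import hmac
import secrets

def make_tag(key: bytes, addr: str, nonce: bytes) -> bytes:
    # Hypothetical message layout: fixed prefix, address, fixed-length nonce.
    msg = b"ADD|" + addr.encode() + b"|" + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()

class MptResponder:
    """Hypothetical responder-side check of an 'add sub-transmission flow' request."""

    def __init__(self, session_key: bytes):
        self.key = session_key   # secret shared during the original connection setup
        self.pending = {}        # outstanding challenge nonce -> address it was sent to

    def challenge(self, new_addr: str) -> bytes:
        # The nonce is sent TO new_addr, so only a peer that can receive
        # traffic at that address is able to answer with it.
        nonce = secrets.token_bytes(16)
        self.pending[nonce] = new_addr
        return nonce

    def accept_add(self, new_addr: str, nonce: bytes, tag: bytes) -> bool:
        # Freshness: a nonce is consumed on first use, so a replay finds nothing.
        challenged_addr = self.pending.pop(nonce, None)
        if challenged_addr != new_addr:
            return False
        # Same entity as the original setup: the tag requires the session key.
        return hmac.compare_digest(tag, make_tag(self.key, new_addr, nonce))

def demo() -> dict:
    key = secrets.token_bytes(32)
    resp = MptResponder(key)
    addr = "2001:db8::2"                      # constructed sample address
    n1 = resp.challenge(addr)
    tag = make_tag(key, addr, n1)
    out = {"legit": resp.accept_add(addr, n1, tag)}
    out["replay"] = resp.accept_add(addr, n1, tag)          # same request again
    n2 = resp.challenge(addr)
    out["wrong_key"] = resp.accept_add(addr, n2, make_tag(b"x" * 32, addr, n2))
    n3 = resp.challenge(addr)
    other = "2001:db8::99"                    # address that was never challenged
    out["other_addr"] = resp.accept_add(other, n3, make_tag(key, other, n3))
    return out

if __name__ == "__main__":
    print(demo())
```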
10.1.2 Authentication security
Authentication is the process that verifies the validity of some data attributes or entities and it is a basic
security service that is required to be implemented whether in single-path transmission control or in multi-
path transmission control. These services are provided for the authentication of a communication peer entity
and a source of data as described below.
1) Peer entity authentication
Peer entity authentication is used for validating the identities of one or more communication session
entities of the same transport layer connection. It can be implemented at the initiation of, or
during, a transport layer connection. Peer entity authentication can avoid, to a degree, the
masquerade or unauthorized replay of a previous transport layer connection. A one-way/mutual
peer entity authentication scheme with or without liveness checks can provide different protection
levels. The peer entity authentication service is provided by an appropriate combination of
cryptographically-derived or protected authentication exchanges, protected password exchanges
and signature mechanisms.
2) Data origin authentication
Data origin authentication provides the corroboration of the source of a data unit. The service can
enable the data recipient of MPT to verify whether the incoming messages originated from a
legitimate or specific MPT sender, so as to prevent a malicious attack that poses as a legitimate MPT
sender and sends falsified messages. It can also be used for non-repudiation purposes, preventing
the MPT sender from denying that it has performed a particular action related to data. However, it
cannot prevent duplication or modification of data units. This data origin authentication service can be
provided by encryption protection or a signature mechanism.
3) Access control
Access control provides protection against unauthorized usage of resources that are accessible via
the multi-path transmission model. This protection service may be applied to various or all types of
access to a resource (e.g., the use of a communications resource; the reading, the writing, or the
deletion of an information resource; the execution of a processing resource).
The access control service can be provided through the appropriate use of specific access control
mechanisms, such as one based on access control information where the access rights of peer MPT-
enhanced MUE are maintained, or one where security labels bound to a resource may be used to
grant or deny access. In order to determine and enforce the access rights of an MPT user entity,
these mechanisms may use the authenticated identity or capabilities of the entity, or information
about the entity (such as membership in a known set of entities). If the MPT user entity attempts to
use an unauthorized resource or use an authorized resource with an improper type of access, the
access control function rejects the attempts and may additionally report the incident for the
purposes of generating an alarm and/or recording it as part of a security audit trail.