[{"name":"S2-1901410","title":"LS from GSMA 5GJA: User Plane Security for 5GC Roaming","source":"GSMA 5GJA","contact":"Scott Bailey","contact-id":71585,"tdoctype":"LS in","for":"Action","abstract":"Description: 5GJA welcomes the Release 15 specifications for the SEPP in 3GPP to protect the HTTP-based signalling via the N32 reference point between VPMN and HPMN when both PMNs are using the service-based 5G Core Network. Based on discussion in 5GJA#5 on 7th November 2018, 5GJA also sees a need for security enforcement between UPFs in the VPMN and HPMN via the N9 reference point, to protect the PMN core network. This applies to the Roaming 5G System architecture - Home Routed scenario. The PMN needs to distinguish valid incoming traffic on N9 that belongs to a successfully initiated subscriber session through N32, from any other traffic, where the PMN would only accept the former. 5GJA expects that a solution is flexible enough to allow different levels of protection, ranging from no protection at all, to providing only integrity protection, and to providing integrity protection and confidentiality. Any solution proposed, must take into account impacts to processing capabilities and end-to-end delay. Without N9 security policy enforcement being implemented, the GTP-U tunnels will be exposed to the IPX data roaming transport solutions contravening GSMA guidelines, putting PMNs core at risk. Currently, GSMA PRD's IR.77, IR.88, FS.20 and IR.34 require 'application aware' security policy enforcement for International Roaming using IPX and for MVNO\/MVNE use cases that involve direct connection. Action: TSG SA and its associated working groups SA WG2 and SA WG3 are kindly requested to provide feedback on the requirements to deliver security enforcement on the N9 reference point, and also when such specifications providing a solution will be made available.","secretary_remarks":"Postponed S2-1900026 from S2#130. Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11690,"status":"noted","reservation_date":"2019-02-05 10:23:56","uploaded":"2019-02-05 10:27:19","revisionof":"S2-1900026","revisedto":"","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"TSG SA, SA WG2, SA WG3","Cc":"","lsoriginalls":"5GJA05_118","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901410.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901412","title":"LS from CT WG1: Reply LS on Routing ID","source":"CT WG1","contact":"Jennifer Liu","contact-id":43418,"tdoctype":"LS in","for":"Action","abstract":"CT WG1 thanks SA WG3, TSG CT and SA WG2 for their LS on Routing ID. CT WG1 has agreed stage 3 solution in CR C1-188946. Action: CT WG1 kindly asks SA WG3 and SA WG2 to take the CT WG1 agreements into account.","secretary_remarks":"Postponed S2-1900034 from S2#130. Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11760,"status":"noted","reservation_date":"2019-02-05 10:23:57","uploaded":"2019-02-05 10:27:19","revisionof":"S2-1900034","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3, SA WG2","Cc":"TSG CT, CT WG4, CT WG6","lsoriginalls":"C1-188979","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901412.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901419","title":"LS from ETSI TC LI: Reporting All Cell IDs in 5G","source":"ETSI TC LI","contact":"Gerald McQuaid","contact-id":25351,"tdoctype":"LS in","for":"Action","abstract":"Lawful Interception standards have provided for the reporting of the location of a target of interception, if lawfully authorized, since 2G standards were developed. 3G systems and 4G systems continued to support this requirement and at a minimum were able to report the Cell Id of the respective 2G, or 3G, or 4G Cell to which the target (UE) was attached and utilizing for mobile services. With Dual\/Multi Connectivity the UE will be attached to two or more cells, but only the master cell ID is reported to the core network. This means that the secondary cell id(s) to which the UE is actually attached is not currently known to the core network. In case of multi-connectivity, the handover information (e.g., change of secondary cell ID) is also not transmitted to the core network. For LI purposes, the requirement is for the service provider to report the cell ID(s) to which the UE is actually attached, i.e., the secondary cell ID(s) as well as the master cell ID, for mobile services (e.g., internet access services, VoNR). This requirement is not currently fulfilled for Dual\/Multi Connectivity. ETSI TC LI is kindly requesting 3GPP to develop a mechanism to ensure that the all serving cells (including the secondary cell ID(s) and the master cell ID of the cell(s)) attached to by a UE are available to the core network.","secretary_remarks":"Postponed S2-1900050 from S2#130. Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11670,"status":"postponed","reservation_date":"2019-02-05 10:23:57","uploaded":"2019-02-05 10:27:19","revisionof":"S2-1900050","revisedto":"","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2, CT WG1, CT WG 3, RAN WG3, SA WG3-LI","Cc":"","lsoriginalls":"LI(18)R45019r1","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901419.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901429","title":"LS from SA WG3: LS on User Plane Security for 5GC Roaming","source":"SA WG3","contact":"Alex Leadbeater","contact-id":71428,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 would like to inform TSG SA that SA WG3 has reviewed the liaison statement from GSMA 5GJA on User Plane Security for 5GC Roaming in SP-181202 \/ S3-190019 and the subsequent Action: set by TSG SA plenary at TSG SA#82 on SA WG3 and SA WG2 to provide guidance to SA on technical solutions to address the issues raised by GSMA. SA WG3 has agreed to extend the scope of the existing study FS_SBA-SEC in the attached S3-190464 to address binding of signalling sessions to N9 sessions and develop the necessary N9 security function to achieve this. SA WG3 consider that this may require a function equivalent to the SEPP used on N32 to be standardised on N9. SA WG3 also considers that work with SA WG2 may be needed to identify any necessary 5GC architecture changes within R16 timescales. The need for any SEPP equivalent N9 functional would be subject to the conclusions of the extended FS_SBA-SEC study. Furthermore, SA WG3 has agreed to add a recommendation to TS 33.501 R15 in attached S3-190408, to provide guidance on implementation restrictions which can be applied to reduce the impact of the issues identified in the GSMA LS. Both the revised study item and TS 33.501 CR are provided to SA#83 for approval. Action: Take the above information into account and assist SA WG3 in making any necessary architecture enhancements to mitigate the issues raised in the GSMA LS within Rel-16 timescales.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11700,"status":"noted","reservation_date":"2019-02-05 10:23:58","uploaded":"2019-02-05 10:27:18","revisionof":"","revisedto":"","release":"Rel-16","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"TSG SA, SA WG2","Cc":"TSG CT, CT WG4","lsoriginalls":"S3-190409","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901429.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901431","title":"LS from SA WG3: Reply to LS on Security Result Exchange Between NG-RAN and SMF in DC","source":"SA WG3","contact":"Suresh Nair","contact-id":70166,"tdoctype":"LS in","for":"Action","abstract":"SA WG3 thanks RAN WG3 and SA WG2 for the LSs on Security Result Exchange Between NG-RAN and SMF in DC. SA WG3 observes that, If the security policy for a PDU session includes 'IP (Integrity Protection) preferred', there is no security requirement to inform SMF about the Security Result exchange between NG-RAN node and SMF in DC mobility scenarios. In successive handovers, the security policy should not be lost or get modified. Action: Please take the above observation in to account.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11800,"status":"noted","reservation_date":"2019-02-05 10:23:58","uploaded":"2019-02-05 10:27:18","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"RAN WG3, SA WG2","Cc":"","lsoriginalls":"S3-190412","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901431.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901432","title":"LS from SA WG3: Reply LS on the need to update home network public key and key ID during Routing indicator update","source":"SA WG3","contact":"Tim Evans","contact-id":49202,"tdoctype":"LS in","for":"Information","abstract":"SA WG3 thanks CT WG1 for their liaison on the need to update the home network public key and key ID during Routing indicator update. SA WG3 have agreed that \u2026 See TS 33.501 clause 5.2.5: 'Provisioning, and updating the Home Network Public Key in the USIM shall be in the control of the home network operator. NOTE 2: The provisioning and updating of the Home Network Public Key is out of the scope of the present document. It can be implemented using, e.g. the Over the Air (OTA) mechanism.' This means that a new mechanism to update the home network public key and key ID during Routing indicator update is not required. Please note: provisioning of the home network public key and key ID is within the scope of SA WG3.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11750,"status":"noted","reservation_date":"2019-02-05 10:23:58","uploaded":"2019-02-05 10:27:18","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"CT WG1","Cc":"SA WG2, CT WG6","lsoriginalls":"S3-190413","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901432.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901437","title":"LS from SA WG3LI: Reporting All Cell IDs in 5G","source":"SA WG3LI","contact":"Koen Jaspers","contact-id":9291,"tdoctype":"LS in","for":"Action","abstract":"SA WG3LI thanks ETSI TC LI for their LS on 5G cell reporting (LI(18)R45019r1). SA WG3LI agrees to the analysis of TC LI that there is a requirement from law enforcement to have all the cell IDs used by a target in order to increase the probability of getting the most accurate target location reported by the network based on cell IDs. It is SA WG3LI's understanding that Secondary Node Change of 3GPP TS 37.340 does not currently report 5G secondary cells to a 4G or 5G core network. Although the scenario with 5G secondary cells in a 4G network with 4G master cells (EN-DC) is foreseen as a temporary situation, it is not clear how long this situation will remain. In order to meet LI requirements, SA WG3LI requires that secondary CGI is available for all dual\/multi-connectivity scenarios in real-time in the core network. Action: SA WG3LI asks the CT and SA WG2 groups, contingent on RAN WG3 and RAN groups decisions, to enhance their own specifications.","secretary_remarks":"This LS was postponed.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11680,"status":"postponed","reservation_date":"2019-02-05 10:23:58","uploaded":"2019-02-05 10:27:18","revisionof":"","revisedto":"","release":"Rel-16","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"ETSI TC LI, TSG RAN, RAN WG3, SA WG2, TSG CT","Cc":"CT WG1, CT WG3","lsoriginalls":"S3i190043","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901437.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901438","title":"LS from SA WG3LI: Interception of voice services over new radio in a 5GS environment","source":"SA WG3LI","contact":"Nagaraja Rao","contact-id":67300,"tdoctype":"LS in","for":"Action","abstract":"SA WG3-LI would like to inform SA WG2 that the interception of IMS based voice services with 5GS is to be done using the IMS LI concepts as defined in TS 33.107 (e.g. interception of CC at the IMS-AGW). To support the interception of voice services related to the inbound roamers with home-routed roaming architecture where the HPLMN offers IMS-based voice services, the SMF\/UPF in the VPLMN may have to implement the S8HR LI like concepts as defined in TS 33.107 for S-GW. SA WG3-LI is aware that S8HR LI solution places restrictions on SA WG3 IMS security solutions. Therefore, SA WG3-LI would like SA WG3 to explore alternative IMS security solutions for 5GS which will have less impacts to SA WG3 security architecture. Have SA WG2 defined an N9 equivalent of S8HR for 5GS? If yes, SA WG3-LI would like to get clarification on the references where it is described. SA WG3-LI would like GSMA ROAM to consider the above LI issue and inform us on the progress of their work on VoNR N9HR roaming. Action: - Have SA WG2 defined an N9 equivalent of S8HR for 5GS? -- If yes, SA WG3-LI would like to get clarification on the references where it is described.","secretary_remarks":"Response drafted in S2-1901618. Final response in S2-1902799","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11710,"status":"replied to","reservation_date":"2019-02-05 10:23:58","uploaded":"2019-02-05 10:27:18","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG2, SA WG3, GSMA ROAM","Cc":"GSMA, CT WG1","lsoriginalls":"S3i190057","lsreply":"S2-1902799, S2-1902799","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901438.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901444","title":"LS from CT WG1: LS on the need to update home network public key and key ID during Routing indicator update","source":"CT WG1","contact":"Lena Chaponniere","contact-id":38080,"tdoctype":"LS in","for":"Information","abstract":"While specifying the stage 3 for the UE parameters update procedure enabling the network to update the Routing indicator at the UE, there was no consensus on whether, when the Routing indicator is updated due to UDM migration, the home network public key and home network public key ID may also need to be updated. Thus CT WG1 would like to ask SA WG3 the following question: Question: Does the UE parameters update procedure which enables update of the Routing indicator at the UE due to UDM migration also need to enable, optionally, update of the home network public key and home network public key ID at the UE?","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11770,"status":"noted","reservation_date":"2019-02-05 14:31:35","uploaded":"2019-02-05 14:31:52","revisionof":"","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3","Cc":"SA WG2, CT WG6","lsoriginalls":"C1-190377","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901444.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901506","title":"UE Identity during the Registration procedure","source":"Tencent","contact":"Chunshan Xiong","contact-id":79110,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: The SUPI is replaced with SUCI during the intial registration procedure and emergencry procedure.","secretary_remarks":"Agreed in parallel session. This was Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11870,"status":"agreed","reservation_date":"2019-02-15 07:09:53","uploaded":"2019-02-19 13:26:37","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.4.1","workitem":[{"winame":"5GS_Ph1"}],"crnumber":1000.0,"crrevision":"","crcategory":"F","tsg_crp":"SP-190158","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901506.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901543","title":"Correction for enforcement of user plane integrity protection","source":"Qualcomm Incorporated","contact":"Faccin Stefano","contact-id":79506,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: It is clarified that it is the responsibility of the RAN to ensure that the UP IP data rate delivered to the UE in downlink is kept below the maximum. It is clarified that it is the responsibility of the UE to ensure that the UP IP data rate delivered in uplink is kept below the maximum.","secretary_remarks":"Revised in parallel session to S2-1902736.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11830,"status":"revised","reservation_date":"2019-02-15 15:55:57","uploaded":"2019-02-19 03:54:25","revisionof":"","revisedto":"S2-1902736","release":"Rel-15","crspec":23.501,"crspecversion":"15.4.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":922.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901543.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901618","title":"[DRAFT] Reply LS on Interception of voice services over new radio in a 5GS environment","source":"Nokia","contact":"Laurent Thiebaut","contact-id":68713,"tdoctype":"LS out","for":"Approval","abstract":"Reply LS on Interception of voice services over new radio in a 5GS environment","secretary_remarks":"Response to S2-1901438. Revised in parallel session to S2-1902715.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11720,"status":"revised","reservation_date":"2019-02-17 20:57:09","uploaded":"2019-02-19 09:12:00","revisionof":"","revisedto":"S2-1902715","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3-LI, SA WG3, GSMA ROAM","Cc":"GSMA, CT WG1","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901618.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1901662","title":"Undelivered Steering of Roaming information","source":"NTT DOCOMO","contact":"Riccardo Guerzoni","contact-id":65697,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: The SMF may use the indication of Identity(s) of 5G-AN N3 terminations of a W-AGF (Ie.g. FQDN of W-AGF UP capability) to select a possibly co-located UPF.","secretary_remarks":"Revised in parallel session to S2-1902714.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11880,"status":"revised","reservation_date":"2019-02-18 10:05:54","uploaded":"2019-02-19 10:32:04","revisionof":"","revisedto":"S2-1902714","release":"Rel-15","crspec":23.502,"crspecversion":"15.4.1","workitem":[{"winame":"5GS_Ph1"}],"crnumber":1040.0,"crrevision":"","crcategory":"C","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1901662.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902180","title":"Clarification on user plane integrity protection","source":"Intel","contact":"Saso Stojanovski","contact-id":24932,"tdoctype":"CR","for":"Approval","abstract":"","secretary_remarks":"LATE DOC: Rx 19\/02, 16:25. Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11860,"status":"postponed","reservation_date":"2019-02-19 14:59:04","uploaded":"2019-02-19 15:23:47","revisionof":"","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.4.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":1023.0,"crrevision":"","crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1902180.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902181","title":"LS from ETSI TC Cyber: Initialisation of Sensitive Functions in a Virtualised Environment","source":"ETSI TC Cyber","contact":"Alex Leadbeater","contact-id":71428,"tdoctype":"LS in","for":"Information","abstract":"TC Cyber would like to inform ETSI ISG NFV that TC CYBER has recently completed the attached specification, TS 103 457 Interface to offload sensitive functions to a trusted domain. ISG NFV SEC had previously requested TC CYBER advice on initialisation of sensitive functions and run-time trust domain isolation within an NFV network. TC CYBER believes that TS 103 457 would be applicable in addressing requirements for a number of NFV SEC sensitive function scenarios. TC CYBER would welcome feedback from ISG NFV and ISG NFV SEC on suitability of TS 103 457 to meet sensitive function initialisation, isolation, provisioning and orchestration requirement. TC CYBER would be happy to develop further extensions to TS 103 457 to address any applicable gaps ISG NFV identifies.","secretary_remarks":"Noted in parallel session","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11780,"status":"noted","reservation_date":"2019-02-20 08:31:58","uploaded":"2019-02-20 08:32:27","revisionof":"","revisedto":"","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"ETSI ISG NFV, ETSI ISG NFV SEC","Cc":"SA WG3, SA WG3-LI, SA WG2","lsoriginalls":"CYBER(19)000009r1","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1902181.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902182","title":"LS from GSMA 5GJA: HTTP\/s SMS roaming interface evolution","source":"GSMA 5GJA","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS in","for":"Action","abstract":"Introduction: The GSMA 5G Joint Activity (5GJA) is responsible for all 5G related items and topics within the Networks Group (NG) domain. The GSMA 5GJA will work in cooperation with GSMA working groups, GSMA program, as well as external organizations. The scope of the GSMA 5GJA includes, but is not limited to, the following topics: \u00b7 - UNI for operator-provided communication services (i.e. Voice, Video, messaging) over 5G - Guidelines for technical aspects of deployment of 5G. - Guidelines for 5G roaming and interconnection. Background: GSMA NG welcomes the Release 15 specifications for the SEPP in 3GPP to protect the HTTP-based signalling via the N32 reference point between VPMN and HPMN when both PMNs are using the service-based 5G Core Network. Based on discussion in 5GJA#5 on 7 November 2018, GSMA 5GJA also see a need for SMS roaming interface to benefit from this security improvement. By also including the SMS roaming interface based on HTTP\/S to compliment the MAP and Diameter interfaces already proposed, it will be possible to provide integrity and confidentiality protection for the SMS user plane. Without HTTP\/S for SMS roaming interface and associated policy enforcement provided by SEPP, SMS would be excluded from the 5G design objective to secure all roaming interfaces. Action: to TSG SA and SA WG2: TSG SA and it associated working group of SA WG2 are kindly requested to include this requirement of the SMS roaming architecture to also use the HTTP\/s interface and SEPP security enforcement, and also when such specifications providing a solution will be made available.","secretary_remarks":"Postponed","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11790,"status":"postponed","reservation_date":"2019-02-20 08:31:58","uploaded":"2019-02-20 08:32:28","revisionof":"","revisedto":"","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"TSG SA, SA WG2","Cc":"CT WG4","lsoriginalls":"5GJA5_120","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1902182.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902714","title":"Undelivered Steering of Roaming information","source":"NTT DOCOMO","contact":"Riccardo Guerzoni","contact-id":65697,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: Add missing UE behavior in Step 1, when NSSAI Inclusion Mode is used","secretary_remarks":"Revision of S2-1901662. WITHDRAWN","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11890,"status":"withdrawn","reservation_date":"2019-02-26 16:16:40","uploaded":null,"revisionof":"S2-1901662","revisedto":"","release":"Rel-15","crspec":23.502,"crspecversion":"15.4.1","workitem":[{"winame":"5GS_Ph1"}],"crnumber":1040.0,"crrevision":1.0,"crcategory":"C","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902715","title":"[DRAFT] Reply LS on Interception of voice services over new radio in a 5GS environment","source":"SA WG2","contact":"Laurent Thiebaut","contact-id":68713,"tdoctype":"LS out","for":"Approval","abstract":"Reply LS on Interception of voice services over new radio in a 5GS environment","secretary_remarks":"Revision of S2-1901618. Revised in parallel session to S2-1902799.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11730,"status":"revised","reservation_date":"2019-02-26 16:16:41","uploaded":"2019-03-08 10:59:07","revisionof":"S2-1901618","revisedto":"S2-1902799","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA WG3-LI, SA WG3, GSMA ROAM","Cc":"GSMA, CT WG1","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1902715.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902736","title":"Correction for enforcement of user plane integrity protection","source":"Qualcomm Incorporated","contact":"Faccin Stefano","contact-id":79506,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: In step 5, SMF starts a timer to release N3 CN TUNNEL in PSA, after timer expires, the SMF removes the N3 tunnel in PSA. Correct the incorrect step number in the description and the figure.","secretary_remarks":"Revision of S2-1901543. Revised in parallel session to S2-1902738.","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11840,"status":"revised","reservation_date":"2019-02-26 17:14:25","uploaded":"2019-03-08 10:59:12","revisionof":"S2-1901543","revisedto":"S2-1902738","release":"Rel-15","crspec":23.501,"crspecversion":"15.4.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":922.0,"crrevision":1.0,"crcategory":"F","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1902736.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902738","title":"Correction for enforcement of user plane integrity protection","source":"Qualcomm Incorporated","contact":"Faccin Stefano","contact-id":79506,"tdoctype":"CR","for":"Approval","abstract":"Summary of change: It is clarified that it is the responsibility of the RAN to ensure that the UP IP data rate delivered to the UE in downlink is kept below the maximum.","secretary_remarks":"Revision of S2-1902736. Agreed in parallel session. This was Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11850,"status":"agreed","reservation_date":"2019-02-26 17:20:10","uploaded":"2019-03-08 10:59:12","revisionof":"S2-1902736","revisedto":"","release":"Rel-15","crspec":23.501,"crspecversion":"15.4.0","workitem":[{"winame":"5GS_Ph1"}],"crnumber":922.0,"crrevision":2.0,"crcategory":"F","tsg_crp":"SP-190155","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1902738.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0},
{"name":"S2-1902799","title":"Reply LS on Interception of voice services over new radio in a 5GS environment","source":"SA WG2","contact":"Laurent Thiebaut","contact-id":68713,"tdoctype":"LS out","for":"Approval","abstract":"To: SA WG3-LI, SA WG3, GSMA 5GJA TF. CC: GSMA Network Group, CT WG1","secretary_remarks":"Revision of S2-1902715. Agreed in parallel session. This was Block approved","agenda_item_sort_order":21,"ainumber":"6.5.4","ainame":"Security related functions and flows","tdoc_agenda_sort_order":11740,"status":"approved","reservation_date":"2019-02-28 10:33:27","uploaded":"2019-03-08 13:43:28","revisionof":"S2-1902715","revisedto":"","release":"Rel-15","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"S2-1901438","lsto":"SA WG3-LI, SA WG3, GSMA 5GJA TF","Cc":"GSMA Network Group, CT WG1","lsoriginalls":"","lsreply":"","link":"http:\/\/www.3gpp.org\/ftp\/tsg_sa\/WG2_Arch\/TSGS2_131_Tenerife\/Docs\/S2-1902799.zip","group":"S2","meeting":"S2-131","year":2019,"uicc_affected":null,"me_affected":null,"ran_affected":null,"cn_affected":null,"clauses_affected":null,"crsinpack":null,"crsinpacknumber":0}]