Tdoc List

2016-07-29 16:20

TDoc Title Source Type For Agenda Avail Treated Decision Wdrn Replaced-by Replaces
S3‑160900 Agenda WG Chairman agenda  
2Approval of Agenda and Meeting Objectives
Yes
Yes
approved No    
S3‑160901 Report from SA3#83 MCC report  
4.1Approval of the Report from SA3 #82
Yes
Yes
approved No    
S3‑160902 SA3 Work Plan MCC Work Plan  
9Review and Update of Work Plan
Yes
Yes
noted No    
S3‑160903 Report from last SA meeting WG Chairman report  
4.2Report from SA #71
Yes
Yes
noted No    
S3‑160904 SA3 meeting calendar MCC other  
10Future Meeting Dates and Venues
Yes
Yes
revised No S3‑161291  
S3‑160905 Work Plan input from Rapporteurs MCC other  
9Review and Update of Work Plan
Yes
Yes
revised No S3‑161283  
S3‑160906 LS response on LS on confidentiality protection of an identity in a value of an XML attribute of an XML element of an XML document included in a SIP message. C1-162978 LS in  
7.6.10Security of MCPTT (MCPTT)
Yes
YesCESG commented that SA3 had already commented that there is nothing to do here. Why does CT1 want to investigate an option where we have said this is not feasible? Why discussing this in CT1 and not in SA3?
replied to No    
S3‑160907 LS on identification of originating MCPTT ID in GMS C1-163039 LS in  
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
replied to No    
S3‑160908 LS on Protecting UE network capabilities from Ďbidding down attack GSMA FSAG LS in  
7.1SAE/LTE Security
Yes
Yes
replied to No    
S3‑160909 LS on Solving Legacy Security Issues GSMA FSAG LS in  
7.6.4GERAN Network Access Security
Yes
Yes
replied to No    
S3‑160910 Liaison Statement on 5G Capabilities and Requirements GSMA LS in  
6.4GSMA
Yes
YesPresented by David Hutton (GSMA). Vodafone: a guide to obsolete features and suplementary services? David (GSMA): this is directed to other players, not 3GPP SA3. Nokia: Interconnection network is not secure is weak. Using the Internet backbone is multiplying the security issues too. David: A secure model for IPX is the way forward. Nokia: it doesnít help for misbehaving end points. David: We are working towards that point, e.g.more firewall mechanisms for SS7. The Chairman commented that this LS will help SA3 in the NSA work item. Interdigital: Slicing in serving network for home environment. A slice can be created on demand? David: it can be done that way or operators know who their roaming partners are and build it statically.
replied to No    
S3‑160911 Reply to: LS on Clarifications on RRC Resume Request R2-164414 LS in  
7.4Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
noted No    
S3‑160912 LS to SA3 on LWIP counter R2-164551 LS in  
7.1SAE/LTE Security
Yes
Yes
noted No    
S3‑160913 LS on PDCP ciphering for high data rates in eLWA R2-164557 LS in  
7.1SAE/LTE Security
Yes
Yes
replied to No    
S3‑160914 LS on eDRX paging timing calculation and security concern R2-164582 LS in  
6.13GPP Working Groups
Yes
YesDocomo: clashing on paging needs to be resolved.
replied to No    
S3‑160915 Response LS on Clarifications on RRC Resume Request R3-161426 LS in  
7.4Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
noted No    
S3‑160916 LS on Support of EAP Re-authentication for WLAN Interworking S2-162796 LS in  
6.13GPP Working Groups
Yes
YesDiscussed together with 1146 (WID).
noted No    
S3‑160917 LS on progress of FS_xMBMS study item S4-160837 LS in  
6.13GPP Working Groups
Yes
YesNagendra (Nokia) commented that Diameter based MB2 interface should be reused. This would force SA3 to look at the security aspects. Vodafone: there is an editor's note in the TR that refers to security aspects to be dealt with SA3. It was decided to note it.
noted No    
S3‑160918 Response LS on Progress on Security for LWIP SP-160457 LS in  
7.1SAE/LTE Security
Yes
Yes
noted No    
S3‑160919 LS on I-WLAN handling and specification withdrawal SP-160508 LS in  
6.13GPP Working Groups
Yes
YesDiscussed with 1045. Ericsson will take action on this as stated in 1045.
noted No    
S3‑160920 pCR to 33.863 - addition of recomendation section VODAFONE Group Plc pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
revised No S3‑161255  
S3‑160921 WID for normaitive work of BEST VODAFONE Group Plc WID new Agreement
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
YesHuawei rejected having point a. Vodafone would not agree on a WID without point a. The general agreement was to keep a).
revised No S3‑161256  
S3‑160922 pCR to 33.863 - Editorial updates VODAFONE Group Plc pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No    
S3‑160923 pCR to 33.863 - Addition of annex detailing suggested normaitive changes VODAFONE Group Plc pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
YesNokia wanted to evaluate the solutions from this meeting. Orange: there is no contribution from Nokia to challenge solution 8 and 9. Juniper: no time to re-evaluate all the solutions that we have right now. Nokia: the definition of the protocol itself should not be mandated here. We would agree to have the option of having other new solutions. Vodafone: Nokia's concerns are normative work concerns. This is a TR. The detail will go into normative work. Nokia: letís put solutions in the TR and with contributions we decide which ones will go to the TS. Orange: the TR will give recommendations. Solution 8 and 9 are the way forward. We cannot have a conclusion saying that we can have any solution. Nokia: we need additional work to be done in the TS to make it modular. Vodafone commented that Nokia's rejection to this normative work is clearly delaying the work on purpose.
revised No S3‑161284  
S3‑160924 pCR to 33.899 - update of the Introduction section VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson and Docomo commented that reference to 3GPP working groups and work items should be removed. They also commented that when referring to white papers of other organizations there should be references to them. This was confirmed by MCC.
revised No S3‑161184  
S3‑160925 pCR to TR 33.899 - update of section 4.2 High level security requirements VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange suggested to add a clause on signalling. Claus (G&D): difference between service, network service and NextGen services? Vodafone: to distinguish the new services that donít exist in legacy networks. Claus (G&D): we should distinguish the different services. Juniper: an editor's note on the need for clear definitions for these services. Qualcomm: no need to have different clauses, the radio interface clause is too detailed to be high level. NTT-Docomo: subscriber privacy left out? It was agreed to be added.
revised No S3‑161185  
S3‑160926 pCR to 33.899 - update of 5.1.2 Security assumptions (Architectural aspects of 5G security) VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
No
No
withdrawn Yes    
S3‑160927 pCR to 33.899 - Reword section 5.2.3.2.2 and 5.2.3.3 as per editors notes VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
No
No
withdrawn Yes    
S3‑160928 Discussion document on the progress of EASE ALGO work item. VODAFONE Group Plc discussion Information
7.5New GPRS algorithms for EASE (EASE_ALGOs_SA3)
Yes
YesNTT-Docomo commented that trying to rush it didnít look appropiate and a delay would be acceptable. Orange: SA3 will not comment much on the specs given the lack of expertise in cryptography. Docomo commented that they have insisted on public review, not just in SA3 so external review would be also possible. MCC commented that apparently the papers would be sent on Monday of the meeting week, but they needed confirmation from ETSI. It was agreed to choose option one with an exception to be submitted to SA.
noted No    
S3‑160929 TCG progress report INTERDIGITAL COMMUNICATIONS report Information
6.7TCG
Yes
YesNokia: Network equipment subgroup? Interidigital: It's fdor routers, servers, endpoints in the network. The difference would lie in virtualization. Interdigital agreed to contribute with more info on this group.
noted No    
S3‑160930 Removing Editorís Note in 6.1.2.2 TNO pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
revised No S3‑161250  
S3‑160931 Removing Editorís Note in 6.1.2.3 of TR 33.863 TNO pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No    
S3‑160932 Removing Editorís Note in 6.1.2.6 TNO pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No    
S3‑160933 Removing Editorís Note in 6.2.2.2 TNO pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No    
S3‑160934 Correction of some implementation errors MCC CR Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No    
S3‑160935 pCR to TS 33.117 on TC_CONFIDENTIAL_SYSTEM_INTERNAL_DATA Deutsche Telekom AG pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
revised No S3‑160943  
S3‑160936 pCR to TS 33.117 adding test case for "Protecting data and information in transfer" Deutsche Telekom AG pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
revised No S3‑160942  
S3‑160937 NESAS Pilot Release Documents GSMA SECAG LS in  
6.4GSMA
Yes
Yes
postponed No    
S3‑160938 Recording and discreet listening of private communications Airbus Group SAS discussion Endorsement
7.6.10Security of MCPTT (MCPTT)
Yes
YesCESG commented that they preferred solution1. BT commented that recordings can be kept for a long time. We need a requirement for end users.Both features are needed. Motorola didnít have a preference on the options. CESG commented that more discussion was needed. Maybe to be discussed in SA3-LI? BT: the LI community are not the end users of this. CESG proposed to send an LS to SA3-LI and SA6.
noted No    
S3‑160939 Key issue #2.4: Device identifier authentication INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesQualcomm suggested for Non tampered: secure and protected instead. Interdigital disagreed. BT: associated device identity credentials and not just credentials storage. Claus:we havenít agreed on device credentials, agree with BT. Device auth more than device identifier auth. Nokia: device auth is a key issue, auth without credentials would be too difficult. Gemalto didnít agree with addressing the issue of having device authentication as the only auth needed and performed. The editor's note was removed.
revised No S3‑161202  
S3‑160940 Key issue #5.1: Secure storage and processing of credentials and identities INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑160941 Key Issue #11.3: User control of security INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑160942 pCR to TS 33.117 adding test case for "Protecting data and information in transfer" Deutsche Telekom AG pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
YesEricsson didnít support the test case addition. Huawei and Nokia supported Ericsson.
revised No S3‑161237 S3‑160936
S3‑160943 pCR to TS 33.117 on TC_CONFIDENTIAL_SYSTEM_INTERNAL_DATA Deutsche Telekom AG pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
revised No S3‑161236 S3‑160935
S3‑160944 Key Issue #11.4: On demand security framework INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑160945 pCR to TR 33.899: Radio interface user plane integrity protection, Solution details VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160946 pCR to TR 33.899: Authentication section introduction VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161198  
S3‑160947 pCR to TR 33.899: Radio interface key exchange protocol VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161268  
S3‑160948 pCR to TR 33.899: interception of radio interface keys sent between operator entities VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: this is not really a requirement. It was agreed to re-word the requirements and the key-issue details.
revised No S3‑161270  
S3‑160949 pCR to TR 33.899: UE action if network does not update session keys VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161271  
S3‑160950 Key Issue #8.1: Security isolation of network slices INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: the breach can happen in the network, not only in the UE. Huawei didnít see clear the data leakage issue. Vodafone: accessing two separate slices forces the UE to avoid the data going through to the different slices. Ericsson: how do you avoid that? BT agreed with this. LG: UE is not aware of network slices. It was agreed to add an editor's note, on the isolation of the UE from several network slices,if it's in scope. Vodafone: two interconnected UEs in different slices (e.g. wearable devices) would need to be addressed too.
merged No S3‑161213  
S3‑160951 Key issue #6.y: Authorization decoupled from Authentication INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: scenarios in SA2 that support this decoupling? An editor's note was added for this. Nokia: First sentence in key issue details is not true: we have user subscriber profiles.
postponed No    
S3‑160952 pCR to TR 33.899: Proposal of key hierarchy for 5G security NEC pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: no requirements without security threats. Interdigital: one set of control plane keys in the figure. A slice is not a complete network from end to end. This contribution was discussed with the similar 1101 from Qualcomm. Qualcomm: is the control plane the same for all slices? NEC: only one common control plane. Vodafone: it is likely that there will slices in both user and control planes. Nokia: control function common or split is still being discussed in SA2. Orange: slicing is also being defined in RAN so we also depend on their outcome. NEC: Key hierarchy should be defined separately from the architecture.
revised No S3‑161192  
S3‑160953 pCR to TR 33.899: Proposal of solution for key issue of network slicing security NEC pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange: Roaming case and privacy aspects to be considered. Nokia: slice security server? How do you define this? How different is from the HSS? Interdigital: SSS has policies per slice. Orange: what are the interfaces to the HSS? We need to figure out these details. Huawei agreed.
revised No S3‑161265  
S3‑160954 pCR adding the skeleton of TS 33.250 China Mobile Com. Corporation, ZTE, Telecom Italia draft TS Approval
7.2.3TS 33.zzz (SCAS_PGW)
Yes
Yes
revised No S3‑161242  
S3‑160955 Correction of CR implementation omissions MCC CR Agreement
7.3Enhanced Access Security for Extended Coverage GSM in relation to Cellular IoT (EASE_EC_GSM)
Yes
YesMCC commented that these were implementation errors brought to this meeting for formal agreement. These issues were agreed already in CR#0040. This CR was merged with 1092 which clashed with the figure change proposed in 1092.
merged No S3‑161179  
S3‑160956 Split of key issue #7.1 on subscriber identifier privacy Ericsson, Nokia, Telecom Italia discussion Discussion
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
noted No    
S3‑160957 Update of key issue #7.2 on refreshing of temporary subscriber identifier Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160958 New privacy key issue on concealing permanent or long-term subscriber identifier Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161285  
S3‑160959 New privacy key issue on concealing permanent or long-term device identifier Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160960 New privacy key issue on using effective temporary or short-term subscriber identifiers Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160961 New privacy key issue on transmitting permanent identifiers in secure interface Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160962 New privacy key issue on transmitting permanent subscriber identifiers only when needed Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160963 Deletion of key issue #7.1 on subscriber identifier privacy Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160964 An overview of NextGen security architecture ZTE Corporation pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: virtualised or not they are network functions (VsF in figure). Orange: network access security and secure access to services. What's the intention here? ZTE: it's coming from 33.401. Orange: what is the trusted storage computing? Where is this figure coming from? Huawei: no connection from the 3GPP AN to the core network. ZTE: this is coming from 33.401 and 23.799, combined with some modifications. Orange: we need to be clear on where this figure is coming from. Nokia didnít agree with the figure capturing SA2 agreements. 3GPP AN access, network slice connections donít capture the agreements. We need to wait for SA2 before having such a figure. BT: it would be good to agree on a figure like this for 33.401.Orange supported this, although they didnít agree on this one.
noted No    
S3‑160965 Key hierarchy schems for network slicing ZTE Corporation pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161140  
S3‑160966 Security for serving functions not in physical protected place ZTE Corporation pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesInterdigital: access networks are not insecure in principle. Vodafone: access networks are harder to protect, it does not necessarily means that are insecure. We need a mechanism to know where to locate the function. Close or far is not enough. What do they mean? Vodafone: this document needs heavy re-wording.
revised No S3‑161193  
S3‑160967 Signing of Access Tokens Motorola Solutions Danmark A/S CR Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161195  
S3‑160968 Fix Identity Management interface Motorola Solutions Danmark A/S CR Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161227  
S3‑160969 Key Issue for inter-domain identity management operation Motorola Solutions Danmark A/S pCR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
revised No S3‑161218  
S3‑160970 Identity management for inter-domain operation Motorola Solutions Danmark A/S pCR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
revised No S3‑161219  
S3‑160971 New work item for Security Architecture for Mission Critical Services Motorola Solutions Danmark A/S WID new Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161196  
S3‑160972 R-14 mission critical TS strategy Motorola Solutions Danmark A/S discussion Endorsement
7.6.10Security of MCPTT (MCPTT)
Yes
YesNokia supported approach #2. This was agreed by SA3 as well.
endorsed No    
S3‑160973 SA3 response to LS S3-160907 (C1-162780) Motorola Solutions Danmark A/S LS out Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161151  
S3‑160974 3.1 Definitions - Device INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑160975 pCR to TR 33.899: Authentication of the user VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia: Associating the user with the device is associating two identities. Vodafone: the device is the UE. The content will be reviewed according to the discussion on the definition of device.
revised No S3‑161260  
S3‑160976 New privacy key issue on temporary device identifier Nokia, Ericsson, Telecom Italia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160977 NSA Adding new security area on broadcast multicast Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161186  
S3‑160978 NSA new security area on interworking and migration Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesMCC commented that all references to 3GPP working groups, working methods, tdoc numbers and so on should be removed from the Introduction. The specification should refer to other 3GPP specifications in this case. It was agreed to move such references to the Editor's note in the Introduction.
revised No S3‑161188  
S3‑160979 NSA - 5.3.3.3 - addressing ENs on bidding down attack and requirements reformulation Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑160980 V2X requirement on updating of crypto Nokia pCR  
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesCESG pointed out the issue of management of updating the algorithms. This was put in an editor's note. Klaus: clarify security maintaninability in the requirement. This was agreed.
revised No S3‑161172  
S3‑160981 V2X Discussion on privacy requirements by regulation Nokia discussion  
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesOrange: the operators are aligned with this, no problems with LTE related procedures in EU. Itís already compliant. In the US part, we identify network identities linked to billing identity, not V2X identities. The security network is not impacted, it's about the identity part. This is outside the scope of 3GPP. Vodafone: we can use these V2X identities in our specs. Orange: in SA3 we donít work at application level. Itís a separate issue from the IMSI. Qualcomm: it's up to SA1 to decide on the regulator requirements.An LS was sent for clarification already. They are meeting in August. Ericsson: ITS document on privacy issues should also be considered here.
noted No    
S3‑160982 V2X Annex on privacy by regulation EU Nokia pCR  
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesWaiting for SA1 to take action.
postponed No    
S3‑160983 V2X Annex on privacy by regulation US Nokia pCR  
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesWaiting for SA1 to take action.
postponed No    
S3‑160984 NBIoT UP Solution CR Nokia, Ericsson CR Approval
7.4Security Aspects of Narrowband IOT (CIoT)
Yes
Yes
agreed No    
S3‑160985 Discussion paper on disabling PDCP ciphering Nokia, Intel discussion Discussion
7.1SAE/LTE Security
Yes
YesQualcomm: If we disable PDCP cyphering the solutions described here will not work. The concept of trusted/untrusted is not available in the serving network. We donít agree with disabling PDCP cyphering. Nokia: RAN should work to get that information in the eNodeB (trusted/untrusted concept). Docomo: we had this discussion before, we should have PDCP active. BT: performance issue with double encryption. The UE is getting more complex. Qualcomm: the performance will not be affected. Turning on and off would be more effective.
noted No    
S3‑160986 draft_LS response on disabling PDCP ciphering Nokia, Intel LS out Approval
7.1SAE/LTE Security
Yes
Yes
noted No    
S3‑160987 Network Slice: EN in 5.8 intro and assumptions Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesDiscussed with 1126 since they overlap.
merged No S3‑161212  
S3‑160988 Network Slice: 5.8.3.1 key issue isolation of slices Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: we need a definition of tenant. Orange: multi tenants concept is a SA2 definition. It was agreed to have an editor's note on this and ask SA2 on the tenant,multi-tenant concepts. Ericsson: network slice type is not defined in SA2. The text in the key issue is one understanding, but it is not how it is going to work. It needs to be clarified how it is going to work in the end, there is no agreement in SA2 for this. Interdigital: also the issue of being an UE, NG UE or device what we are referring to here. Interdigital: add roaming scenarios in the potential requirements.
merged No S3‑161213  
S3‑160989 Network Slice: EN in 5.8.3.2 Slice differentiation Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: the network selection procedure is still being discussed in SA2, still one interpretation. Vodafone: default network slice, controller node,..there are a lot of new definitions that need to be specified in the document. Adding this controller node means new threats and new requirements associated to this new definition. An editor's note was agreed for this, Ericsson: "it should be possible to define access security mechanisms" is not a real requirement, it's not how we define requirements in here. Orange and BT found the requirement vague. This had to be discussed offline.
revised No S3‑161215  
S3‑160990 Network slice: EN in 5.8.3.7 interslice communication Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: there is no refrence point defined between slices. Orange agreed. It was agreed to create a document for all those definitions that need to be discussed (1263). Huawei and Orange: what is sensitivity level? It should be defined somewhere else. An editor's note was added.
revised No S3‑161264  
S3‑160991 Security aspects of Connectionless RAN-CN interface Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: no need to describe all solutions, just enumerate them.
revised No S3‑161189  
S3‑160992 pCR to TR 33.899: Network public keys VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson suggested to add an editor's note. Orange: managing a global CA is a problem among the operators. Vodafone: this is an evaluation of the solution. Orange: it's for FFS if it's achievable.
revised No S3‑161282  
S3‑160993 V2X privacy - a way forward LG Electronics France discussion Discussion
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesThere is no decision on having IMSI anonymised. Orange doesnít agree with this. The Chairman asked whether there was anyone agreeing with proposal one. No one replied, so this was gone. Orange: we sent an LS to SA1 already since we didnít understand those requirements. We donít need to send this LS. Ericsson preferred to have clarification on this privacy regulation by sending this LS. Vodafone commented that V2X is a 5G feature and expressed their surprise of this not being in NSA. Huawei: it is defined for LTE now. Vodafone: so this is not working in 5G? The Chairman commented that V2X is potentially in 5G. Vodafone: the privacy in 5G may have an effect on the solution we find for V2X.
noted No    
S3‑160994 Draft LS on V2X privacy clarification LG Electronics France LS out Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesVodafone: does this mean that we have to create a special case for V2X? Not clear. The Chairman commented that since proposal one in the previous contribution was discarded the content here could not be sent.
noted No    
S3‑160995 Enhancing the concealment of permanent or long-term subscriber identifier Ericsson,Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161288  
S3‑160996 Update of V2X attach id obfuscation LG Electronics France pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesOrange: Anonimty with respect to the third party who knows the IMSI. So there is no anonimity. It doesnít solve the problem. We are also waiting for SA1's response. Huawei: this is a study that can be continued without having to submit it for the next SA plenary as originally planned. Orange wanted an editor's note with their comments: anonymity with respect to the third party.This was agreed.
revised No S3‑161158  
S3‑160997 Solution for Network Slicing Security LG Electronics France pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161266  
S3‑160998 Solution for NSA security context sharing LG Electronics France pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia: this only applies to trusted access, not untrusted access. Some other comments from Nokia were treated offline.
noted No    
S3‑160999 Update of NSA security area #11 Security visibility and configurability LG Electronics France pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161000 Secure Mechanism to Achieve Remote Credential Provisioning for IoT devices Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161001 Resolving Editorís notes in Key Issue #2.1 Authentication framwork Huawei, HiSilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
noted No    
S3‑161002 PCR of User Plane Security Protection Huawei, HiSilicon, Deutsche Telekom AG, Vodafone pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia: Key issue description looks more like a solution. Orange: why do we need KMS as a separate function for key derivation? We can reuse what we have. Huawei: itís a logical entity, it can be located anywhere. Ericsson clarified that this describes a session based security solution. LG: there is no negotiation procedure here. Qualcomm: There are different policies and we need to clarify where they are coming from (e.g. policy control). Nokia: there is a risk of confusion when using "policy control" since it could be confused with the PCRF.
revised No S3‑161197  
S3‑161003 Key Issue of Security for Service Provider Connection Huawei, HiSilicon, Deutsche Telekom AG, KPN pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange: where are the requirements for SA3 in 22.861? It was decided to check this offline. Orange: No defintion of service provider in 3GPP -> it becomes third party in the contribution.
revised No S3‑161203  
S3‑161004 Remote Provisioning for IoT devices through a Companion UE Huawei, Hisilicon, China Mobile, Deutsche Telekom AG, KPN pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161005 Security Context and Key Management Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia found the auth and security derivation flow not clear. The term seccurity context is used in different ways. Orange: What is supplicant? Huawei: this is defined in SA2. The Chairman suggested to refer to the solution in SA2 and change the text accordingly. Nokia: some access special module in the UE is requesting authentication. This is for further study,
revised No S3‑161278  
S3‑161006 Detailed Requirements for Security Mechanism Differentiation for Network Slices Huawei, HiSilicon,Deutsche Telekom AG pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange disgagreed with the requirement. Only agreed with the sentence with "security policyÖ". Interdigital agreed with the requirement. This issue was related to the LS to SA1. Gemalto suggested an editor's note detailing that this requirement is dependent on the LS. This was agreed.
revised No S3‑161258  
S3‑161007 Threats for Security Context Sharing Huawei, HiSilicon,Deutsche Telekom AG, China Mobile pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161274  
S3‑161008 The Authentication & Authorization Scenarios of UE Accessing into Network Slicing Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: it should have been in key issue authentication. It was noted that this overlapped with several other contributions.
merged No S3‑161262  
S3‑161009 The storage of security context Huawei; HiSilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161144  
S3‑161010 Security context for connectionless mode Huawei; HiSilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: the key details are not clear. This can be any threat.An editor's note was added. MCC: remove the SMARTER term and add reference to 22.891 Connectionless becomes small data.
revised No S3‑161277  
S3‑161011 pCR adding security assumptions in security area 5.4 THALES pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia suggested to remove the second paragraph. The first paragraph is a description of the architecture that should go to another part of the specification. This was finally noted.
noted No    
S3‑161012 Discussion paper for SCAS-PGW TNO discussion Discussion
7.2.3TS 33.zzz (SCAS_PGW)
Yes
No
withdrawn Yes    
S3‑161013 Removing Editorís Note in 6.4.2.3 TNO pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
No
withdrawn Yes    
S3‑161014 Discussion on the necessity to reinforce the radio air interface for the next generation system THALES discussion Discussion
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161019  
S3‑161015 Moved EnSE functionality to Enterprise Server TNO pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
YesOrange: there is no definition for enterprise server.
noted No    
S3‑161016 pCR to TS 33.250 - Adding an EN in section 5.3.3.1.2 on P-GW and traffic forwarding TNO pCR Approval
7.2.3TS 33.zzz (SCAS_PGW)
Yes
YesIt was agreed to remove security objectives in 1121 and 1120. All references will be checked when renumbering the clauses, in both 33.117 and 33.926. 5.2.3 was proposed to keep it as an empty clasuse.
merged No S3‑161242  
S3‑161017 pCR adding key issue in security area 5.4 THALES pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia: Disclosure of auth parameters belongs to the privacy issues addressed somewhere else. Nokia: Also,some part of this text is already adressed in one of the Vodafone's contributions, security areas 2 and 3. Thales: refer to the signalling data before the auth is established to make it more generic. Nokia: this is not a threat, physical layer signalling, not to be addressed in SA3. Thales: all the attacks are coming this way now, we need to address this in 5G.
noted No    
S3‑161018 pCR to TR 33.899 New key issue - Secondary authentication by 3rd party service Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161204  
S3‑161019 Discussion on the necessity to reinforce the radio air interface for the next generation system THALES discussion Discussion
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia: this is a notion that everything we have done from GSM is insecure. Thales: itís not a standalone solution but a brick in the wall of a whole set of new solutions. We need to consider new kinds of solutions as well.
noted No   S3‑161014
S3‑161020 FS_NSA - Update to Key Issue #8.3 Ė Security on UEís access to slices Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: not generic enough, this is still under work in SA2. Huawei proposed to agree on the key issue details and add an editor's note to go on. This was agreed. Huawei considered that figures in 1008 were a better representation than the text in 1020. LS supported this.
merged No S3‑161262  
S3‑161021 Key issue about data communication security between network entities Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
revised No S3‑161166  
S3‑161022 Key issue about V2I broadcast communication security Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesOrange: who authorizes the UE in the second requirement? Huawei: The network. It was also commented that requirements should be written in active voice to avoid ambiguities on who is doing the action.
revised No S3‑161167  
S3‑161023 Security of UE to V2X Control Funtion interface Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
revised No S3‑161176  
S3‑161024 Adding References and Definitions and Abbreviations Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
revised No S3‑161156  
S3‑161025 Corrections to TR 33.885 Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
revised No S3‑161157  
S3‑161026 Adding Architecture section Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesNokia: we should refer to the TS, not the TR in SA2.
merged No S3‑161155  
S3‑161027 Data communication security between network entities Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No    
S3‑161028 Key issue about security of UE to V2X Control Funtion interface Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesNokia: it may be applicable to the whole V3 interface. It was agreed to remove "configuration" in the requirements so it is applicable to all data. Interdigital proposed to reword "eavesdropping", it was not the correct term. Qualcomm proposed " stored in a confidentiality protected way". This was agreed.
revised No S3‑161175  
S3‑161029 Security for V2X Broadcast Communication: Life Time of Credentials Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
revised No S3‑161168  
S3‑161030 Security for V2X Broadcast Communication: Replay Protection Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No    
S3‑161031 Security for V2X Broadcast Communication: Introducing Temporary ID management Function for V2X Data Source Accountability Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesNokia: is it in scope to add new identities? Huawei: it's part of the security architecture. Orange: no impact on network level identities, this influences application layer IDs. Added a note and an editor's note concerning Orange and BT's comments.
revised No S3‑161169  
S3‑161032 A Method for IoT Service Layer Security Bootstrapping Huawei, Hisilicon pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
revised No S3‑161141  
S3‑161033 Service Layer Security Bootstrapping Mechanism for IoT Devices Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
revised No S3‑161142  
S3‑161034 LS on "Next Generation" Security Requirements S2-164263 LS in  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161131  
S3‑161035 Corrections to 33.179 HUAWEI TECHNOLOGIES Co. Ltd. CR Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161229  
S3‑161036 Clarification on floor control signalling protection Huawei, HiSilicon CR Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161143  
S3‑161037 LWA editorial corrections Huawei, HiSilicon CR Agreement
7.1SAE/LTE Security
Yes
YesNokia and Qualcomm commented that the first change was out of scope.
revised No S3‑161220  
S3‑161038 LS on Improvement to authentication procedure for supporting Emergency Service on WLAN S2-164273 LS in  
6.13GPP Working Groups
Yes
YesNokia: 33.402 may be impacted.
noted No    
S3‑161039 Clarification in logging access to personal data Huawei; HiSilicon pCR  
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
revised No S3‑161221  
S3‑161040 Clarification in Authentication policy Huawei; HiSilicon pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
revised No S3‑161239  
S3‑161041 Clarification in Authentication policy Huawei; HiSilicon pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No    
S3‑161042 Remove ďshallĒ from the TR Huawei, HiSilicon CR Approval
7.2.4Other
Yes
Yes
revised No S3‑161244  
S3‑161043 pCR to TR 33.899: Enhancing DH session key derivation VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161044 pCR to TR 33.899: UEs with Asymmetric Keys VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesGemalto: one key is a weakness. If you attack this key everything is down. They didnít agree with the contribution. Huawei and BT supported the contribution. This was taken offline. Claus (G&D): quantum key cryptography is too far away. Vodafone: this is a TR. Gemalto supported this sentence.
revised No S3‑161259  
S3‑161045 I-WLAN feature withdrawal Ericsson discussion  
7.6.12Other work items
Yes
YesVodafone: did SA agree on a WID for this work? Anand (Chairman) replied that this will go under TEI13.
endorsed No    
S3‑161046 LS to SA1 on factory automation requirements ORANGE LS out Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161159  
S3‑161047 Additional Security Requirements on credential storage ORANGE pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161160  
S3‑161048 Introduction to Diet-ESP Ericsson discussion Endorsement
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
YesUS Home Office: strongly recommended not to use this protocol. This is not an official IETF document, and it was rejected due to being insecure. The Chairman clarified that SA3 is endorsing the request part, the rest is for information. Nothing will be added to the TR.
endorsed No    
S3‑161049 2G Security improvements ORANGE CR Agreement
7.6.4GERAN Network Access Security
Yes
Yes
revised No S3‑161161  
S3‑161050 pCR to TS 33.117 Editorial correction to testcase "TC_ IP_MULTICAST_HANDLING" Nokia Networks pCR  
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No    
S3‑161051 Enforce mutual authentication ORANGE CR Agreement
7.6.3UTRAN Network Access Security
Yes
Yes
revised No S3‑161162  
S3‑161052 pCR to TS 33.117 - Revision of the testcase "TC_GRATUITOUS_ARP_DISABLING Nokia Networks pCR  
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No    
S3‑161053 pCR to TS 33.117 - Enhancing the testcase "TC_BVT_ROBUSTNESS AND FUZZ TESTING" Nokia Networks pCR  
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No    
S3‑161054 Potential requirements for credential storage Ericsson pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161055 Clarifying which RFC is relevant for ECDSA Nokia, Gemalto CR  
7.6.2Network Domain Security (NDS)
Yes
YesNokia commented that there is a new RFC, so a decision was to be made whether to refer to the new RFC or to the old one. Ericsson: this RFC contains three variants of the same algorithm. If we go for the old RFC we have to specify further, whether to mandate three hashes. Ericsson: is there anything implemented? US Office commented that they were querying about the current status of the implementation. The Chairman commented that it made sense to delay this CR until we had more information.
postponed No    
S3‑161056 Adding Rel-13 Key Issues to 33.880 CESG pCR Agreement
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
revised No S3‑161170  
S3‑161057 Discussion on adding Rel-13 key issues to 33.880 CESG discussion Discussion
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
noted No    
S3‑161058 Scope for Mission Critical security study CESG pCR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
approved No    
S3‑161059 Update to study item for Study on Mission Critical Security Enhancements CESG SID revised Agreement
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
agreed No   S3‑160727
S3‑161060 Mission Critical security study document template CESG draft TR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
No
withdrawn Yes    
S3‑161061 Clarifications to 33.179 CESG CR Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No    
S3‑161062 Correcting GMK revokation in TS 33.179 CESG CR Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No    
S3‑161063 pCR to TR 33.863, v1.1.1: Solution #10 (extends sol. 2): "AKA-based session key generation for application protocols" Nokia pCR  
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
YesVodafone: update the solution evaluation to say which issues are solved. Edit the conclusions clause. BT: don't duplicate work in the groups, this is ongoing work in OneM2M. Colaboration with them could be useful. Vodafone: this is battery efficiency, very specific. BT: We need to coordinate with those who define the applications (OneM2M). Juniper: this is an end-to-end complete solution.
revised No S3‑161252  
S3‑161064 LWIP - Correction of the UEs IP address Ericsson CR Agreement
7.1SAE/LTE Security
Yes
Yes
agreed No    
S3‑161065 Key Issue #2.1: Authentication framework INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes1123 proposed a similar issue, so both tdocs were merged.
merged No S3‑161199  
S3‑161066 MC_SEC 33.880 Study Template CESG draft TR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
approved No    
S3‑161067 pCR to TR 33.899 v0.3.0 "Architecture - modifying key issue titles" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161068 Key Issue #8.2 - Security mechanism differentiation for different network slices INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNoted without presentation.
noted No    
S3‑161069 pCR to TR 33.899 v0.3.0 "Architecture - security features on AN-CN interfaces" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161070 pCR to TR 33.899 v0.3.0 "Architecture - security features on CN-CN interfaces" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161071 New privacy key issue on protection of network slice identifier Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesBT: we have removed the term MDD from other contributions. It was agreed to remove it. Ericsson: This is ongoing work in SA2. We should postpone it. Interdigital: privacy applies to humans. In NextGen we will have non human objects. A CCV camera doesnít have any privacy. Huawei: the UE doesnít have the notion of slice. Nokia: the threat is written from the attacker's point of view, not the UE.
revised No S3‑161287  
S3‑161072 pCR to 33.885 - New Key Issue on Detectability of Malicious behaviour TNO pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesEricsson: safety related aspects are out of scope. There are other SDOs dealing with this. We cannot address faulty mechanisms here. They proposed to add and editor's note questioning the vailidy of this. Interdigital: the networks should detect strange behaviour in the car (e.g. sensing ice in a summer day). BT: selecting disabling determined devices is a possibility but out of scope. Huawei: the requirement is to disabling the sending of the erroneous data but not disabling the whole device. Orange: there are no requirements here, let's put editor's notes addressing these issues. This was agreed.
revised No S3‑161177  
S3‑161073 pCR to add a solution 'back-off timer' for key issue 5.2.3.7 TNO pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161200  
S3‑161074 pCR to TR 33.899 v0.3.0 "Authentication framework - key issue" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161075 pCR to TR 33.899 v0.3.0 "Authentication framework - requirements" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange: the second requirement does not correspond to the current SA2 specification. Nokia commented that this was taken probably from a previous version of the SA2 spec.
revised No S3‑161201  
S3‑161076 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - candidate methods" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161077 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - transport considerations" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesSamsung: RAN should be included for the transport of authentication. Huawei: AAA in home network or visited network? Nokia: this is still open. It was agreed to add an editor's note on this.
revised No S3‑161205  
S3‑161078 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - efficiency considerations" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161206  
S3‑161079 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - general information flow" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange: third party auth server is not clear to exist in 5G according to the requirements. An editor's note was added to address this issue.
revised No S3‑161207  
S3‑161080 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - alternatives" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161208  
S3‑161081 EAP Encapsulation Protocol Samsung pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesHuawei: CP-AU is not the right term. Samsung: it's the key. Discussed together with 1084.
revised No S3‑161210  
S3‑161082 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - initial evaluation" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161083 Key issue Security requirements on gNB Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia: what virtual deployments of gNodeB? Ericsson: this was discussed in RAN. Nokia wanted an editor's note for more explanation on this core deployment,
revised No S3‑161279  
S3‑161084 New solution to security area #2: EAP authentication framework Ericsson pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesQualcomm: CP-AU in home network, similar to AAA server. Nokia: CP-AU, AAA terminology is ambiguous and their definitions are unclear according to SA2's work. A decision needs to be made in SA3 to clarify the terminology. Samsung;s 1081 and Ericsson's 1084 are using different terminology.It was concluded to add editor's notes on 1207,1210,1209 for this.
revised No S3‑161209  
S3‑161085 Key issue Security aspects of dual connectivity Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesBT: in 33.401 we talk about dual connectivity already, Nokia: is this dual connectivity scenarios or interworking scenarios? Ericsson: this is dual connecitvity. Nokia: where to put this? It's a new security area. MCC: not possible to reference a tdoc (SA plenary doc in this case). BT: Restrict to the scenarios that the plenary/operators endorsed in that document. It was agreed to reword the text that referred to the tdoc and remove the referencce.
revised No S3‑161280  
S3‑161086 pCR to TR 33.899 v0.3.0 "Replacing solution 2.2 with reference to solution 3.1" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161267  
S3‑161087 pCR to TR 33.899 v0.3.0 "Evaluation of Solution #3.1: Including a key exchange..." Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161269  
S3‑161088 Remaining open issues in EASE: problem descriptions and solution proposals Ericsson discussion Decision
7.3Enhanced Access Security for Extended Coverage GSM in relation to Cellular IoT (EASE_EC_GSM)
Yes
Yes
noted No    
S3‑161089 Verification of authenticity of the cell Samsung R&D Institute UK pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161257  
S3‑161090 pCR to TR 33.899 v0.3.0 "Network Authorization" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161091 Interconnection Security Key Issue Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161092 Corrections to EASE Ericsson CR Approval
7.3Enhanced Access Security for Extended Coverage GSM in relation to Cellular IoT (EASE_EC_GSM)
Yes
Yes
revised No S3‑161180  
S3‑161093 Interconnection Security - Circles of Trust Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161094 Correcting a requirement for Vehicle UE Privacy (V2X) Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesOrange: this depends on the response from SA1.
approved No    
S3‑161095 Hiding the subscriber IMSI from the serving network for V2X Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesOrange: how does the MME discover the home network and how is the request of authorization is routed? Qualcomm: CT1 will probably decide eventually. Orange: we donít know the deployment options, so not true that there is one HSS in there. Todor didnít understand how the privacy issue is handled here. The MCC needs to be provided. Orange: Home PLMN instead of Home V2X network. Orange: Auth vector request is routed for the second option is more an stage 2 option than stage 3. BT: agree with Todor, and also this is not aligned with 5G proposals. Interdigital: encryption of the IMSI is random. Qualcomm agreed. It was agreed to have an editor's note. CESG: denial of service attack to the HSS needs to be considered. Nokia: step 2 in 6.x.2.1 means additional complexity and there are other ways to get around that. CESG: LI aspects to be considered as well. A group of editor's notes will include these and more concerns from the companies.
revised No S3‑161163  
S3‑161096 Reattach procedure for Vehicle UE Identity Privacy Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesNokia: large load on the eNodeB. It was agreed on having an editor's note on this.
revised No S3‑161164  
S3‑161097 Vehicle UE privacy based on data traversing the network Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesEricsson: There is a NAT so you canít see the IP of the UE. Qualcomm: if the NAT address doesnít change it's ok. Ericsson: the IP address needs to be changed everytime the UE attaches, then. Qualcomm: this is one of the proposals. Huawei: the application layer doesn't know what the lower layer is doing. Nokia: we need to study the performance impact on the HSS.
revised No S3‑161165  
S3‑161098 Baseline architecture for V2X Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
merged No S3‑161155  
S3‑161099 Legitimacy of V2X messages on key issue for data source accountability Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
revised No S3‑161173  
S3‑161100 pCR on allowing non-radio interface keys to be refreshed in the existing key issue on Refreshing radio interface keys Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161273  
S3‑161101 pCR solution to Key # 1.2 on the need a security anchor Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: The solution is as vulnerable as the equivalent solution in LTE (with Kasme). Qualcomm: we cannot assume all credentials will be in HSS.. Ericsson supported Orange: this should be read in the context of SA2, how they specify the AAA entity. Qualcomm: maybe an editor's note about a decision that needs to be taken on the split storage of credentials. Nokia: in 33.402 we split AAA and HSS already. Orange: AAA is only used in non 3GPP access, do we need it now for all use cases? Itís an open issue. Huawei: CP-AU can be in both home or visited network. Nokia: it is for further study whether CP-AU can change when the UE moves. Huawei: we need to decided whether in NextGen we will have an HSS or not.
revised No S3‑161191  
S3‑161102 Adding requirements to the Key Issue # 5.1 and a new key issue on storage of device credentials Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161103 pCR on a proposed solution for IMSI privacy Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesInterdigital: you can track the mobile by routing the labels. Same editor's note as the previous contribution. Orange: what happens when message 3 is lost? Qualcomm: an editor's note will be added to explain this.
revised No S3‑161289  
S3‑161104 pCR on New key issue on on-demand AS integrity protection in NextGen systems Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange: User or control plane? Qualcomm: user plane traffic. Nokia: a similar problem happens in LTE, not only in 5G. I would like to add a note about this. Orange: the requirement is for the user plane, please specify that.
revised No S3‑161281  
S3‑161105 Solution for Key issue #2.4: Device identifier authentication Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: every operator's AAA needs to have all certificate devices. It might be an issue for new parties coming to the market. Roaming is also an issue. An editor's note was added. BT: nuimber of subscriptions and number of devices are different. Scaling is an issue. Interdigital: what is the secure storage/secure part of the device? Qualcomm: it is defined in another contribution. Orange: the operator depends on the manufacturer CA or third party CA here, this is against the requirements.
revised No S3‑161211  
S3‑161106 Finalising Key issue #3.5: Unnecessary dependence of keys between security layers Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesNokia: requirement not clear. NTT-Docomo: the requirement is good but it needs re-wording. Orange: what does "unnecessary" mean?
revised No S3‑161275  
S3‑161107 pCR to TR 33.899 v0.3.0 "Security visibility and configurability" Nokia pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No    
S3‑161108 Secure delivery of IOV-values to the MS in enhanced GPRS Ericsson CR Approval
7.3Enhanced Access Security for Extended Coverage GSM in relation to Cellular IoT (EASE_EC_GSM)
Yes
Yes
merged No S3‑161179  
S3‑161109 Availability of the control plane in Next Gen TNO pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesOrange supported this contribution. Interdigital: why only UE? It would be for anything connected to the network. It was agreed to add an editor's note on the lack of definition or terminology about UE. BT: the attacks can come from false networks too.
merged No S3‑161185  
S3‑161110 Installing PMK at the WLAN AP using EAP Blackberry, Qualcomm Incorporated CR Approval
7.1SAE/LTE Security
Yes
YesMCC commented that the NOTE contained the words "is required", which is incorrect since notes should not contain requirements. This was reworded.
revised No S3‑161222  
S3‑161111 WID on Security Assurance Specification for eNB Huawei, HiSilicon WID new Agreement
7.2.4Other
Yes
YesBT noted that it was agreed not to do this process with several entities in parallel. Do we want to change our minds? NTT-Docomo was fine with this as long as the eNodeB was removed from the scope. Nokia agreed to cut out eNodeB. This will be a bigger step than the core network nodes, a quite different job. We should finish with the core network nodes first. Huawei: this will take a longer time so better to start soon. China Mobile agreed with having the eNodeB before the rest of core network nodes. It was agreed to go straight to the TS for the eNodeB instead of using a TR.
revised No S3‑161245  
S3‑161112 Protecting against the modification of Attach/TAU Request attacks Qualcomm Incorporated CR Approval
7.1SAE/LTE Security
Yes
Yes
revised No S3‑161217 S3‑160562
S3‑161113 pCR to 33.899 - Resolution of EN in 5.3.3.2.3 TNO pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesQualcomm suggested removing e2e as editorial change. This was agreed.
revised No S3‑161272  
S3‑161114 pCR revise the details of key issue# 8.1 China Mobile Com. Corporation, China Unicom pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161213  
S3‑161115 pCR : merge the requirements of key issue #8.1 China Mobile Com. Corporation, China Unicom, Huawei, Hisilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: the 3GPP system includes more than a platform.
noted No    
S3‑161116 Removing Editorís Note in 5.2.6.2.3 TNO pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
YesNokia: 33.116 has a requirement on GTP-C, and here we generalize to GTP both user and control plane. Changes in 33.117 should be compatible with what we intended with the MME in 33.116. Do we have to go through every specific entity TS every time we make a change in the general catalog? Docomo: would apply this to eNOdeB which is the other end of GTP-U? The answer was yes. Every time we make a change in the generic requirement we have to see what happens in every enitity. Nokia: we canít have a new requirement every time we make a change. It was decided to include new requirements in the entities when a change was made in the general catalog. The document was revised for this objective.
revised No S3‑161240  
S3‑161117 pCR adding the definition of security anchor in the section 3.1 China Mobile Com. Corporation, Huawei, Hisilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161150  
S3‑161118 proposed/draft reply LS on eDRX security NTT DOCOMO LS out Approval
5Items for early consideration
Yes
Yes
revised No S3‑161153  
S3‑161119 handling editor's notes in 33.916 NTT DOCOMO pCR Approval
8.2TR on Security Assurance scheme for 3GPP network products (33.916) (SCAS-SA3TR)
Yes
Yes
approved No    
S3‑161120 handling editor's notes in 33.116 NTT DOCOMO pCR Approval
7.2.1TS 33.116 (SCAS-SA3)
Yes
YesMCC commented that there cannot be VOIDs in clauses since this is a draft. Renumbering of clauses would be required.Docomo commented that they would find a way to avoid this to keep the numerous references between clauses.
revised No S3‑161231  
S3‑161121 handling editor's notes in 33.117 NTT DOCOMO pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No    
S3‑161122 pCR to 33.117 to 5.2.3.4.3.3 introducing password blacklists NTT DOCOMO INC. pCR  
7.2.2TS 33.117 (SCAS-SA3)
Yes
YesNokia commented that this was hard for the manufacturers to comply with.
revised No S3‑161238  
S3‑161123 pCR adding the potential security requirements into the section 5.2.3.7 China Mobile Com. Corporation, Huawei, Hisilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesBT wanted to keep the back off mechanism.TNO supported this since they also propose it in 1073. Ericsson commented that the second requirement on back off should go away.
merged No S3‑161199  
S3‑161124 PDN GW Security Issues TNO discussion Discussion
7.2.3TS 33.zzz (SCAS_PGW)
Yes
Yes
noted No    
S3‑161125 pCR choice of authentication methods China Mobile Com. Corporation, Huawei, Hisilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: the threat is a bit OK. China Mobile: one IMSI can have several credentials. It's one possibility. Huawei supported this. Ericsson: the IMSI is one key identifier, I donít get it. There should be two identifiers. Vodafone: who chooses the auth methods? Nokia: this is not a valid requirement. China Mobile: we avoid any negotiation, the choice of auth methods needs to be performed. We need to decide which auth methods are to be chosen. Qualcomm supported the idea of having several auth methods. The second requirement is not a requirement but a solution. Ericsson: it becomes a network selection problem then.
postponed No    
S3‑161126 Resolution of the editorís notes under the introductory text for security area #8 on network slicing Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesMerged with 987.
merged No S3‑161212  
S3‑161127 pCR complete the section 5.2.3.6 China Mobile Com. Corporation pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesVodafone: this is not adding anything. Nokia agreed.
noted No    
S3‑161128 Clarification and resolution of the editorís notes in key issue of UE service authorization under the security area for network slicing Ericsson LM pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161261  
S3‑161129 Discussion on the trust model in Next Generation systems in relation to the network slicing security area Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesEricsson: we are not mandating any particular solutions, this is just informative.
revised No S3‑161214  
S3‑161130 pCR scope of TS 33.250 China Mobile Com. Corporation, ZTE, Telecom Italia, Huawei, Hisilicon pCR Approval
7.2.3TS 33.zzz (SCAS_PGW)
Yes
Yes
approved No    
S3‑161131 LS on "Next Generation" Security Requirements S2-164280 LS in  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
replied to No   S3‑161034
S3‑161132 Solution for authorization and accountability in V2X systems Ericsson pCR  
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
revised No S3‑161174  
S3‑161133 Protecting against the modification of Attach/TAU Request attacks TELECOM ITALIA S.p.A., ORANGE CR Agreement
7.1SAE/LTE Security
Yes
Yes
not pursued No    
S3‑161134 pCR adding the test case of protecting data and information in transfer into the section 5.2.3.2.4 of TS 33.116 China Mobile Com. Corporation, ZTE, Telecom Italia pCR Approval
7.2.1TS 33.116 (SCAS-SA3)
Yes
YesDocomo: there is something similar in 942 for 33.117. Remove requirement description. This was agreed. Also adding a reference to the same text in 33.117. Nokia commented that 5.2.3.2.4 seemed quite strange to be in 33.116. This had to be checked. It was agreed to send TR 33.116 for approval.
revised No S3‑161233  
S3‑161135 pCR to TR 33.899: Security Implications of Low Latency VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161194  
S3‑161136 Solution for communication security with V2X network entities Ericsson LM pCR  
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No    
S3‑161137 High level description of V2XLTE architecture Ericsson LM pCR  
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
merged No S3‑161155  
S3‑161138 New GPRS algorithms Ė status update ETSI SAGE LS in  
7.5New GPRS algorithms for EASE (EASE_ALGOs_SA3)
Yes
YesVodafone commented that the algorithm specifications hadnít in fact been sent to the French government, still stuck in ETSI's legal department. Two options are given to procceed further. Tdoc 928 discusses the options.
noted No    
S3‑161139 Solution for Key Issue #7.3.3 on spatial replay Ericsson discussion Endorsement
8.1Study on Security for Proximity-based Services (FS_ProSe_Sec)
Yes
YesNokia: the attack is still possible even with this solution, it is contained. Ericsson: it will be only possible within a cell. It was proposed to have a living document to work on during several meetings. This was agreed. Qualcomm commented that this could end up in a CR if succcessful. Ntt-Docomo: this happens only in ProSe? Ericsson: the scope is not limited to Prose. It exists since 2006 and it's called "wormhole attack". The proposal in 1139 was endorsed by the group.
revised No S3‑161248  
S3‑161140 Key hierarchy schems for network slicing ZTE Corporation pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesIt was commented that this is related to SA2's issues that are still under discussion and not developed enough.
noted No   S3‑160965
S3‑161141 A Method for IoT Service Layer Security Bootstrapping Huawei, Hisilicon pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
YesVodafone: update the conclusions clause. Orange: this solution will not work with 2G. A note was added. Nokia: GUTI doesnít have one to one correspondence with Kasme. Gemalto: Why is this better than GBA? Orange: it is being considered by GSMA IoT group. Ericsson: more efficient because of the use of HTTP. Ericsson agreed.
revised No S3‑161253 S3‑161032
S3‑161142 Service Layer Security Bootstrapping Mechanism for IoT Devices Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
YesVodafone: it needs to be clear why it is battery efficient.
revised No S3‑161254 S3‑161033
S3‑161143 Clarification on floor control signalling protection Huawei, HiSilicon CR Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161228 S3‑161036
S3‑161144 The storage of security context Huawei; HiSilicon; China Mobile pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesMCC: the NOTE should be an editor's note. Ericsson: remove the "must" and add "shall".
revised No S3‑161276 S3‑161009
S3‑161145 Handling editor's notes in 33.916 related to figures NTT DOCOMO INC. pCR Approval
8.2TR on Security Assurance scheme for 3GPP network products (33.916) (SCAS-SA3TR)
Yes
Yes
approved No    
S3‑161146 New WID on Support of EAP Re-Authentication Protocol for WLAN Interworking ORANGE WID new Agreement
5Items for early consideration
Yes
YesOrange noted that CT4 is discussing this week a related WID. A stage 2 feature WID in SA3 would allow them to track the changes and open a Building Block work item. Gemalto: Put Don't Know on the UICC Apps table. Nokia: Not good to have the habit of having to agree on late docs that are WIDs. This shouldn't be taken as a precedent. Nokia didnít agree with the Objective. We shouldnít make a work item on the SWA interface. BT clarified that 23.402 is on non-3GPP access.
revised No S3‑161152  
S3‑161147 Nokia comments on S3-161118 Reply on eDRX security Nokia discussion  
5Items for early consideration
Yes
YesNTT-Docomo: sync between MME and eNodeB when there is a reset. Even with IMSI paging I donít see how it is recovered. IMSI itself shouldnít be the base for this. We shouldnít have another round with RAN2, better to reply now. This was discussed offline.
noted No    
S3‑161148 Comment contribution to S3-161055 "Clarifying which RFC is relevant for ECDSA" Ericsson CR  
7.6.2Network Domain Security (NDS)
No
No
withdrawn Yes    
S3‑161149 Comments on S3-161055 "Clarifying which RFC is relevant for ECDSA" Ericsson CR  
7.6.2Network Domain Security (NDS)
Yes
Yes
not pursued No    
S3‑161150 pCR adding the definition of security anchor in the section 3.1 China Mobile Com. Corporation, Huawei, Hisilicon pCR  
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
revised No S3‑161190 S3‑161117
S3‑161151 LS Reply to S3-160907 (C1-163039) Motorola Solutions Danmark A/S LS out Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
revised No S3‑161226 S3‑160973
S3‑161152 New WID on Support of EAP Re-Authentication Protocol for WLAN Interworking ORANGE WID new Agreement
5Items for early consideration
Yes
Yes
agreed No   S3‑161146
S3‑161153 Reply LS on eDRX security NTT DOCOMO LS out Approval
5Items for early consideration
Yes
Yes
approved No   S3‑161118
S3‑161154 Reply to: Liaison Statement on 5G Capabilities and Requirements Ericsson LS out approval
6.4GSMA
Yes
Yes
approved No    
S3‑161155 Adding Architecture section Huawei, HiSilicon, Ericsson, Qualcomm pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
YesMerge of 1026,1098,1137.
approved No   S3‑161026
S3‑161156 Adding References and Definitions and Abbreviations Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161024
S3‑161157 Corrections to TR 33.885 Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161025
S3‑161158 Update of V2X attach id obfuscation LG Electronics France pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑160996
S3‑161159 LS to SA1 on factory automation requirements ORANGE LS out Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesInterdigital didnít agree with the use of the UE here. UE is AKA and IMSI. If we expand from UE to add the definition of device. You program the answer, which is IMSI + AKA. Orange: you authenticate the customer, not the device. Orange: we should talk about UE in 5G, not UE in 4G. Interdigital: if we donít say device the answer will be programmed. Nokia: generalize UE for 5G. Nokia: better not to discuss issues related to SA1's TR since they will start a TS soon and it will not be relevant anymore. Oberthur: no requirement outside the factory. Ericsson: we should take a look at clause 6 in TR 22.862. Ericsson: the LS is asking for changes in SA1 TRs that are closed already. Qualcomm: there are more than one authentication methods, they didnít understand what the problema was with not having clear "alternative authentication methods". Claus (G&D): there is still confusion on these identifiers. It doesnít hurt to send this to SA1. China Mobile supported sending this LS. Orange: seven companies supporting this LS, two donít support it. Ericsson commented that there is a difference in the wording, not on sending the LS. Qualcomm had the same opinion. This had to be taken offline.
approved No   S3‑161046
S3‑161160 Additional Security Requirements on credential storage ORANGE, Telecom Italia, Gemalto, Deutsche Telekom, Oberthur, Giesecke&Devrient pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
postponed No   S3‑161047
S3‑161161 2G Security improvements ORANGE, Telecom Italia, Gemalto, Oberthur, Giesecke&Devrient, Vodafone, Deutsche Telekom CR Agreement
7.6.4GERAN Network Access Security
Yes
YesCESG: why do you expect the base station giving you the right PLMN id? This doesnít solve the problem. MMC,MNC is translated into a user friendly code but this is not always displayed on the screen. CESG: the fake base station could give me whatever information they want on the network id. It was agreed to have an editor's note to come back to this issue. It was also agreed to send an LS to RAN6 to ask them about these procedures.
agreed No   S3‑161049
S3‑161162 Enforce mutual authentication ORANGE, Telecom Italia, Deutsche Telekom, Vodafone, Gemalto, Oberthur, Giesecke&Devrient, TeliaSonera, Vodafone CR Agreement
7.6.3UTRAN Network Access Security
Yes
YesNokia gave an example of quintuplet attack that should be addressed here. Prevent PLMN id being spoofed. Vodafone: MMC,MNC is translated into what we see on the screen of the UE. CESG: this is not the case on the screen of my phone. He doesnít see the country where he is. Docomo: should we do something even if Nokia's example of attack is possible? Vodafone: put in the SIM ,MNC and MMC codes that prevent such thing. Docomo: is it worth it in terms of additional overhead? Orange: it would implementation specific to solve this issue. It was agreed to add a NOTE with a recommendation. Qualcomm: send it to CT1 for comments. Vodafone: also to CT6.
agreed No   S3‑161051
S3‑161163 Hiding the subscriber IMSI from the serving network for V2X Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161095
S3‑161164 Reattach procedure for Vehicle UE Identity Privacy Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161096
S3‑161165 Vehicle UE privacy based on data traversing the network Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161097
S3‑161166 Key issue about data communication security between network entities Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161021
S3‑161167 Key issue about V2I broadcast communication security Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161022
S3‑161168 Security for V2X Broadcast Communication: Life Time of Credentials Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161029
S3‑161169 Security for V2X Broadcast Communication: Introducing Temporary ID management Function for V2X Data Source Accountability Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161031
S3‑161170 Adding Rel-13 Key Issues to 33.880 CESG pCR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
approved No   S3‑161056
S3‑161171 Discussion of GMK revocation issue CESG discussion discussion
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
noted No    
S3‑161172 V2X requirement on updating of crypto Nokia pCR -
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑160980
S3‑161173 Legitimacy of V2X messages on key issue for data source accountability Qualcomm Incorporated pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161099
S3‑161174 Solution for authorization and accountability in V2X systems Ericsson pCR -
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161132
S3‑161175 Key issue about security of UE to V2X Control Funtion interface Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161028
S3‑161176 Security of UE to V2X Control Funtion interface Huawei, HiSilicon pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161023
S3‑161177 pCR to 33.885 - New Key Issue on Detectability of Malicious behaviour TNO pCR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
Yes
Yes
approved No   S3‑161072
S3‑161178 New draft TR 33.885 Huawei draft TR Approval
8.5Study on security aspects for LTE support of V2X services (FS_V2XLTE)
No
Yes
left for email approval No    
S3‑161179 Secure delivery of IOV-values to the MS in enhanced GPRS Ericsson CR Approval
7.3Enhanced Access Security for Extended Coverage GSM in relation to Cellular IoT (EASE_EC_GSM)
Yes
Yes
agreed No   S3‑161108
S3‑161180 Corrections to EASE Ericsson CR Approval
7.3Enhanced Access Security for Extended Coverage GSM in relation to Cellular IoT (EASE_EC_GSM)
Yes
Yes
agreed No   S3‑161092
S3‑161181 Exception sheet EASE-ALGO_SA3 Vodafone WI exception request Agreement
7.5New GPRS algorithms for EASE (EASE_ALGOs_SA3)
No
Yes
agreed No    
S3‑161182 Reply to: LS on "Next Generation" Security Requirements Vodafone LS out approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161183 Definitions for FS_NSA Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161184 pCR to 33.899 - update of the Introduction section VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160924
S3‑161185 pCR to TR 33.899 - update of section 4.2 High level security requirements VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160925
S3‑161186 NSA Adding new security area on broadcast multicast Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160977
S3‑161187 Clause 4.1 details Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161188 NSA new security area on interworking and migration Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160978
S3‑161189 Security aspects of Connectionless RAN-CN interface Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160991
S3‑161190 pCR adding the definition of security anchor in the section 3.1 China Mobile Com. Corporation, Huawei, Hisilicon pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161150
S3‑161191 pCR solution to Key # 1.2 on the need a security anchor Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161101
S3‑161192 pCR to TR 33.899: Proposal of key hierarchy for 5G security NEC pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160952
S3‑161193 Security for serving functions not in physical protected place ZTE Corporation pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
No
Yes
approved No   S3‑160966
S3‑161194 pCR to TR 33.899: Security Implications of Low Latency VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161135
S3‑161195 Signing of Access Tokens Motorola Solutions Danmark A/S CR Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No   S3‑160967
S3‑161196 New work item for Security Architecture for Mission Critical Services Motorola Solutions Danmark A/S WID new Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No   S3‑160971
S3‑161197 PCR of User Plane Security Protection Huawei, HiSilicon, Deutsche Telekom AG, Vodafone pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161002
S3‑161198 pCR to TR 33.899: Authentication section introduction VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160946
S3‑161199 pCR adding the potential security requirements into the section 5.2.3.7 China Mobile Com. Corporation, Huawei, Hisilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161123
S3‑161200 pCR to add a solution 'back-off timer' for key issue 5.2.3.7 TNO pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161073
S3‑161201 pCR to TR 33.899 v0.3.0 "Authentication framework - requirements" Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161075
S3‑161202 Key issue #2.4: Device identifier authentication INTERDIGITAL COMMUNICATIONS pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160939
S3‑161203 Key Issue of Security for Service Provider Connection Huawei, HiSilicon, Deutsche Telekom AG, KPN pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161003
S3‑161204 pCR to TR 33.899 New key issue - Secondary authentication by 3rd party service Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161018
S3‑161205 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - transport considerations" Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161077
S3‑161206 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - efficiency considerations" Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161078
S3‑161207 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - general information flow" Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161079
S3‑161208 pCR to TR 33.899 v0.3.0 "Authentication framework - solution A - alternatives" Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161080
S3‑161209 New solution to security area #2: EAP authentication framework Ericsson pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161084
S3‑161210 EAP Encapsulation Protocol Samsung pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161081
S3‑161211 Solution for Key issue #2.4: Device identifier authentication Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161105
S3‑161212 Network Slice: EN in 5.8 intro and assumptions Nokia,Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160987
S3‑161213 pCR revise the details of key issue# 8.1 China Mobile Com. Corporation, China Unicom pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesIt incorporates an editor's note of 1126.
approved No   S3‑161114
S3‑161214 Discussion on the trust model in Next Generation systems in relation to the network slicing security area Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161129
S3‑161215 Network Slice: EN in 5.8.3.2 Slice differentiation Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160989
S3‑161216 Reply to: LS on Protecting UE network capabilities from Ďbidding down attack Qualcomm LS out approval
7.1SAE/LTE Security
No
Yes
approved No    
S3‑161217 Protecting against the modification of Attach/TAU Request attacks Qualcomm Incorporated,Huawei CR Approval
7.1SAE/LTE Security
Yes
YesDiscussed together with 1133. Ericsson and Nokia supported this option.
agreed No   S3‑161112
S3‑161218 Key Issue for inter-domain identity management operation Motorola Solutions Danmark A/S pCR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
YesAirbus: add a requirement on revocation access token from old network to the visited network. Motorola: I agree with we can solve it with the existing mechanisms. It was agreed to add an editor's note.
approved No   S3‑160969
S3‑161219 Identity management for inter-domain operation Motorola Solutions Danmark A/S pCR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
approved No   S3‑160970
S3‑161220 LWA editorial corrections Huawei, HiSilicon CR Agreement
7.1SAE/LTE Security
Yes
Yes
agreed No   S3‑161037
S3‑161221 Clarification in logging access to personal data Huawei; HiSilicon pCR -
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No   S3‑161039
S3‑161222 Installing PMK at the WLAN AP using EAP Blackberry, Qualcomm Incorporated CR Approval
7.1SAE/LTE Security
Yes
Yes
agreed No   S3‑161110
S3‑161223 Reply to: LS on PDCP ciphering for high data rates in eLWA Qualcomm LS out approval
7.1SAE/LTE Security
Yes
Yes
approved No    
S3‑161224 LS on enhancing legacy GSM security Qualcomm LS out Approval
7.6.3UTRAN Network Access Security
No
Yes
approved No    
S3‑161225 Reply to: LS response on LS on confidentiality protection of an identity in a value of an XML attribute of an XML element of an XML document included in a SIP message. CESG LS out approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
approved No    
S3‑161226 LS Reply to S3-160907 (C1-163039) Motorola Solutions Danmark A/S LS out Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
approved No   S3‑161151
S3‑161227 Fix Identity Management interface Motorola Solutions Danmark A/S CR Agreement
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No   S3‑160968
S3‑161228 Clarification on floor control signalling protection Huawei, HiSilicon CR Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No   S3‑161143
S3‑161229 Corrections to 33.179 HUAWEI TECHNOLOGIES Co. Ltd. CR Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
agreed No   S3‑161035
S3‑161230 Clarification on the requirement of recording and discrete listening CESG LS out Approval
7.6.10Security of MCPTT (MCPTT)
Yes
Yes
approved No    
S3‑161231 handling editor's notes in 33.116 NTT DOCOMO pCR Approval
7.2.1TS 33.116 (SCAS-SA3)
Yes
Yes
approved No   S3‑161120
S3‑161232 New draft TS 33.116 NTT-Docomo draft TS Approval
7.2.1TS 33.116 (SCAS-SA3)
No
Yes
left for email approval No    
S3‑161233 pCR adding the test case of protecting data and information in transfer into the section 5.2.3.2.4 of TS 33.116 China Mobile Com. Corporation, ZTE, Telecom Italia pCR Approval
7.2.1TS 33.116 (SCAS-SA3)
Yes
Yes
approved No   S3‑161134
S3‑161234 Cover sheet TS 33.116 NTT-Docomo TS or TR cover discussion
7.2.1TS 33.116 (SCAS-SA3)
No
Yes
left for email approval No    
S3‑161235 new draft TS 33.117 NTT-Docomo draft TS Approval
7.2.2TS 33.117 (SCAS-SA3)
No
Yes
left for email approval No    
S3‑161236 pCR to TS 33.117 on TC_CONFIDENTIAL_SYSTEM_INTERNAL_DATA Deutsche Telekom AG,NTT-Docomo pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No   S3‑160943
S3‑161237 pCR to TS 33.117 adding test case for "Protecting data and information in transfer" Deutsche Telekom AG pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No   S3‑160942
S3‑161238 pCR to 33.117 to 5.2.3.4.3.3 introducing password blacklists NTT DOCOMO INC. pCR -
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No   S3‑161122
S3‑161239 Clarification in Authentication policy Huawei; HiSilicon pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No   S3‑161040
S3‑161240 Removing Editorís Note in 5.2.6.2.3 TNO pCR Approval
7.2.2TS 33.117 (SCAS-SA3)
Yes
Yes
approved No   S3‑161116
S3‑161241 Cover sheet TS 33.117 NTT-Docomo TS or TR cover Approval
7.2.2TS 33.117 (SCAS-SA3)
No
Yes
left for email approval No    
S3‑161242 pCR adding the skeleton of TS 33.250 China Mobile Com. Corporation, ZTE, Telecom Italia draft TS Approval
7.2.3TS 33.zzz (SCAS_PGW)
Yes
Yes
approved No   S3‑160954
S3‑161243 TS 33.250 China Mobile draft TS Approval
7.2.3TS 33.zzz (SCAS_PGW)
Yes
Yes
approved No    
S3‑161244 Remove ďshallĒ from the TR Huawei, HiSilicon CR Approval
7.2.4Other
Yes
Yes
agreed No   S3‑161042
S3‑161245 WID on Security Assurance Specification for eNB Huawei, HiSilicon WID new Agreement
7.2.4Other
Yes
Yes
agreed No   S3‑161111
S3‑161246 new draft TR 33.916 NTT-Docomo draft TR Approval
8.2TR on Security Assurance scheme for 3GPP network products (33.916) (SCAS-SA3TR)
No
Yes
left for email approval No    
S3‑161247 Cover sheet TR 33.916 NTT-Docomo TS or TR cover Approval
8.2TR on Security Assurance scheme for 3GPP network products (33.916) (SCAS-SA3TR)
No
Yes
left for email approval No    
S3‑161248 Solution for Key Issue #7.3.3 on spatial replay Ericsson discussion Endorsement
8.1Study on Security for Proximity-based Services (FS_ProSe_Sec)
Yes
YesThis is the skeleton for a living document.
noted No   S3‑161139
S3‑161249 new draft TR 33.880 CESG draft TR Approval
8.7Study on Mission Critical Security Enhancements (FS_MC_Sec)
Yes
Yes
approved No    
S3‑161250 Removing Editorís Note in 6.1.2.2 TNO pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No   S3‑160930
S3‑161251 new draft TR 33.863 Vodafone draft TR discussion
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
No
Yes
approved No    
S3‑161252 pCR to TR 33.863, v1.1.1: Solution #10 (extends sol. 2): "AKA-based session key generation for application protocols" Nokia pCR -
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No   S3‑161063
S3‑161253 A Method for IoT Service Layer Security Bootstrapping Huawei, Hisilicon pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
No
Yes
approved No   S3‑161141
S3‑161254 Service Layer Security Bootstrapping Mechanism for IoT Devices Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
No
Yes
approved No   S3‑161142
S3‑161255 pCR to 33.863 - addition of recomendation section VODAFONE Group Plc pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No   S3‑160920
S3‑161256 WID for normaitive work of BEST VODAFONE Group Plc WID new Agreement
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
agreed No   S3‑160921
S3‑161257 Verification of authenticity of the cell Samsung pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161089
S3‑161258 Detailed Requirements for Security Mechanism Differentiation for Network Slices Huawei, HiSilicon,Deutsche Telekom AG pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161006
S3‑161259 pCR to TR 33.899: UEs with Asymmetric Keys VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161044
S3‑161260 pCR to TR 33.899: Authentication of the user VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160975
S3‑161261 Clarification and resolution of the editorís notes in key issue of UE service authorization under the security area for network slicing Ericsson LM pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
No
Yes
approved No   S3‑161128
S3‑161262 The Authentication & Authorization Scenarios of UE Accessing into Network Slicing Huawei, HiSilicon, Deutsche Telekom AG,Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161008
S3‑161263 Editor's notes on definitions Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No    
S3‑161264 Network slice: EN in 5.8.3.7 interslice communication Nokia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160990
S3‑161265 pCR to TR 33.899: Proposal of solution for key issue of network slicing security NEC pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160953
S3‑161266 Solution for Network Slicing Security LG Electronics France pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160997
S3‑161267 pCR to TR 33.899 v0.3.0 "Replacing solution 2.2 with reference to solution 3.1" Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161086
S3‑161268 pCR to TR 33.899: Radio interface key exchange protocol VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160947
S3‑161269 pCR to TR 33.899 v0.3.0 "Evaluation of Solution #3.1: Including a key exchange..." Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161087
S3‑161270 pCR to TR 33.899: interception of radio interface keys sent between operator entities VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160948
S3‑161271 pCR to TR 33.899: UE action if network does not update session keys VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160949
S3‑161272 pCR to 33.899 - Resolution of EN in 5.3.3.2.3 TNO pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161113
S3‑161273 pCR on allowing non-radio interface keys to be refreshed in the existing key issue on Refreshing radio interface keys Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161100
S3‑161274 Threats for Security Context Sharing Huawei, HiSilicon,Deutsche Telekom AG, China Mobile pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161007
S3‑161275 Finalising Key issue #3.5: Unnecessary dependence of keys between security layers Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161106
S3‑161276 The storage of security context Huawei; HiSilicon; China Mobile pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161144
S3‑161277 Security context for connectionless mode Huawei; HiSilicon pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161010
S3‑161278 Security Context and Key Management Huawei, HiSilicon, Deutsche Telekom AG pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161005
S3‑161279 Key issue Security requirements on gNB Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161083
S3‑161280 Key issue Security aspects of dual connectivity Ericsson pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161085
S3‑161281 pCR on New key issue on on-demand AS integrity protection in NextGen systems Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161104
S3‑161282 pCR to TR 33.899: Network public keys VODAFONE Group Plc pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160992
S3‑161283 Work Plan input from Rapporteurs MCC other -
9Review and Update of Work Plan
Yes
Yes
noted No   S3‑160905
S3‑161284 pCR to 33.863 - Addition of annex detailing suggested normaitive changes VODAFONE Group Plc pCR Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
approved No   S3‑160923
S3‑161285 New privacy key issue on concealing permanent or long-term subscriber identifier Ericsson, Nokia, Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑160958
S3‑161286 Cover sheet 33.863 Vodafone TS or TR cover Approval
8.8.3Study on Battery Efficient Security for very low Throughput Machine Type Communication Devices
Yes
Yes
left for email approval No    
S3‑161287 New privacy key issue on protection of network slice identifier Nokia pCR -
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
Yes
approved No   S3‑161071
S3‑161288 Enhancing the concealment of permanent or long-term subscriber identifier Ericsson,Telecom Italia pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
Yes
YesAdding an editor's note as suggested by interdigital.
approved No   S3‑160995
S3‑161289 pCR on a proposed solution for IMSI privacy Qualcomm Incorporated pCR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
No
Yes
approved No   S3‑161103
S3‑161290 New draft R 33.899 Ericsson draft TR Approval
8.6Study on Architecture and Security for Next Generation System (FS_NSA)
No
Yes
left for email approval No    
S3‑161291 SA3 meeting calendar MCC other -
10Future Meeting Dates and Venues
Yes
No
available No   S3‑160904