1 General

3GPP43.020Release 16Security related network functionsTS

The different security related services and functions that are listed in 3GPP TS 42.009 are grouped as follows:

– Subscriber identity confidentiality;

– Subscriber identity authentication;

– Signalling information element and connectionless user data confidentiality and data confidentiality for physical connections (ciphering).

It shall be possible to introduce new authentication and ciphering algorithms during the systems lifetime. The fixed network may support more than one authentication and ciphering algorithm.

The security procedures include mechanisms to enable recovery in event of signalling failures. These recovery procedures are designed to minimize the risk of a breach in the security of the system.

General on figures in this specification:

– In the figures below, signalling exchanges are referred to by functional names. The exact messages and message types are specified in 3GPP TS 24.008 and 3GPP TS 29.002.

– No assumptions are made for function splitting between MSC (Mobile Switching Centre), VLR (Visitor Location Register) and BSS (Base Station System). Signalling is described directly between MS and the local network (i.e. BSS, MSC and VLR denoted in the figures by BSS/MSC/VLR). The splitting in annex A is given only for illustrative purposes.

– Addressing fields are not given; all information relates to the signalling layer. The TMSI allows addressing schemes without IMSI, but the actual implementation is specified in the GSMĀ 04-series.

– The term HPLMN in the figures below is used as a general term which should be understood as HLR (Home Location Register) or AuC (Authentication Centre).

– What is put in a box is not part of the described procedure but it is relevant to the understanding of the figure.