Non-3GPP Access Security in 5G
Non-3GPP Access technologies such as WLAN technologies can be connected to the 3GPP core network like EPC (Evolved Packet Core) in various ways based on the operator’s business models and architectural preferences. The desire to provide this access to the 5G core network, currently defined in 3GPP, requires the design of new protocols and procedures in order to fulfill all requirements. This paper describes the current status of the specification in Release 15 of the untrusted non-3GPP access where the mobile operator does not trust the access point and tunnels all traffic to a trusted gateway in the mobile network. Further, the paper provides an outlook of the new Release 16 feature for trusted non-3GPP access, i.e. the mobile operator trusts the access point, as well as the feature for 5G core network access from WLAN devices with 3GPP credentials that do not support the Non Access Stratum protocol.
3GPP TS 23.234 “3GPP system to Wireless Local Area Network
(WLAN) interworking; System description”, Mar. 2017.
3GPP TS 23.401 “General Packet Radio Service (GPRS) enhancements
for Evolved Universal Terrestrial Radio Access Network (E-UTRAN)
access”, Sep. 2019.
3GPP TS 23.402 “Architecture enhancements for non-3GPP accesses”,
IETF RFC 5448 “Improved Extensible Authentication Protocol Method
for 3rd Generation Authentication and Key Agreement (EAP-AKA’)”,
3GPP TS 23.501 “System Architecture for the 5G System; Stage 2,
(Release 15)”, June 2019.
3GPP TS 23.502 “Procedures for the 5G System; Stage 2, (Release 15)”,
3GPP TS 33.501 “Security architecture and procedures for 5G System”,
3GPP TS 24.501 “Non-Access-Stratum (NAS) protocol for 5G System
(5GS); Stage 3”, June 2019.
IETF RFC 7296 “Internet Key Exchange Protocol Version 2 (IKEv2)”,
3GPP TR 33.807 “Study on the security of the wireless and wireline
convergence for the 5G system architecture”, Sep. 2019.
3GPP TS 33.402 “3GPP System Architecture Evolution (SAE); Security
aspects of non-3GPP accesses.”