Presentation on theme: "Binding of cdma2000 access subscription with specific device(s) 3GPP2 TSG-S WG4 S40-20120416-005 Source: Qualcomm Incorporated Contact(s): Anand Palanigounder,"— Presentation transcript:
Binding of cdma2000 access subscription with specific device(s) 3GPP2 TSG-S WG4 S40-20120416-005 Source: Qualcomm Incorporated Contact(s): Anand Palanigounder, firstname.lastname@example.org@qualcomm.com Recommendation: For Discussion & Decision 1 Notice QUALCOMM Incorporated grants a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partners name any Organizational Partners standards publication even though it may include all or portions of this contribution; and at the Organizational Partners sole discretion to permit others to reproduce in whole or in part such contribution or the resulting Organizational Partners standards publication. QUALCOMM Incorporated is also willing to grant licenses under such contributor copyrights to third parties on reasonable, non- discriminatory terms and conditions for purpose of practicing an Organizational Partners standard which incorporates this contribution. This document has been prepared by QUALCOMM Incorporated to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on QUALCOMM Incorporated. QUALCOMM Incorporated specifically reserves the right to amend or modify the material contained herein and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of QUALCOMM Incorporated other than provided in the copyright statement above.
Introduction At the December 3GPP2 Joint Meeting on M2M SRD (S.P0146-0), the following requirement was agreed SEC-04: cdma2000 networks shall support a mechanism to restrict the use of a cdma2000 M2M access subscription to a specific cdma2000 device or a group of devices Similar requirement is also in 3GPP (see clause 7.1.1 of TS 22.368 ) and various solutions are under study in SA3 group (please refer to sections 5.6 & 7.5 of S3-120212)S3-120212 In this contribution, we propose that TSG-S WG4 initiate work on evaluating potential security solutions to meet this requirement in cdma2000 systems 2
Solutions in SA3 Methods under study in SA3 can be classified into two broad categories : – UE based mechanisms – Network based mechanisms UE based mechanisms has 3 variants Secure Channel pairing USAT application pairing PIN verification pairing – All based on UICC features with varying levels of security – The enforcement of the binding is proposed to be performed by the UICC Management of the IMEI-IMSI pairing info on the UICC & associated overhead is an issue with UICC based solutions Network based mechanisms has 2 variants – IMSI – IMEI binding in HSS/HLR – IMSI – IMEI binding in HSS/HLR enhanced with device authentication – In both methods, the pairing info is stored in an entity in the network (HLR/HSS) and enforcement is performed in the network 3
Solutions for 3GPP2 Applicability of the solutions in 3GPP should be studied in 3GPP2 – the solutions may not be usable in 3GPP2 due to differences between 3GPP & 1x ; for example, OTA management of pairing info on the UICC/R-UIM Attach/Registration, authentication and device identity request procedures Alternatives to the 3GPP approaches should also be studied in 3GPP2 4
Proposal We propose that TSG-S WG4 initiates work on evaluating potential security solutions in cdma2000 systems to satisfy this requirement 5