
Proposed High Level Solution for Device Binding 3GPP2 TSG-SX WG4 SX40-20130501-001 Source: Qualcomm Incorporated and Alcatel-Lucent Contact(s): Anand Palanigounder,


1 Proposed High Level Solution for Device Binding
3GPP2 TSG-SX WG4 SX40-20130501-001
Source: Qualcomm Incorporated and Alcatel-Lucent
Contact(s): Anand Palanigounder, apg@qti.qualcomm.com; Aram Perez, aramp@qti.qualcomm.com; Simon Mizikovsky, simon.mizikovsky@alcatel-lucent.com
Recommendation: For Discussion
Notice: Submitters grant a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partner's name any Organizational Partner's standards publication even though it may include all or portions of this contribution; and at the Organizational Partner's sole discretion to permit others to reproduce in whole or in part such contribution or the resulting Organizational Partner's standards publication. Submitters are also willing to grant licenses under such contributor copyrights to third parties on reasonable, non-discriminatory terms and conditions for the purpose of practicing an Organizational Partner's standard which incorporates this contribution. This document has been prepared by submitters to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on submitters. Submitters specifically reserve the right to amend or modify the material contained herein, and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of submitters other than as provided in the copyright statement above.

2 Overview
Terms
Background
Solution Principles
Device Binding Functionality
Message Flow
Still Under Discussion

3 New Terms
DBF – Device Binding Functionality
DBC – Device Binding Credentials
FFS – For Future Study
MEID_ME – Mobile Equipment Identifier associated with the mobile equipment*
MEID_SIG (ME_SIG) – signature calculated by the ME using its Device Binding Credential: its private key, or in the symmetric variant its secret key (see Device-based DBF)
*Already defined in C.S0005-E, but important for this presentation because "MEID" can also refer to an IE in a message whose value depends on whether the ME has a removable UIM.

4 Background (1)
This presentation proposes a high level solution for cdma2000 1x networks to the Device Binding requirement in document S.R0146-0:
– SEC-04: cdma2000 networks shall support a mechanism to restrict the use of a cdma2000 M2M access subscription to a specific cdma2000 M2M Device or a M2M group of devices.
The solution is proposed for cdma2000 1x networks only.
– A solution for (e)HRPD is FFS.
The proposed solution is a compromise between the two original proposals from Qualcomm Inc. and Alcatel-Lucent.

5 Solution Principles (1)
The device-unique cryptographic signature MEID_SIG is requested by the RAN from the ME and transported to the Core for validation.
– An MSC supporting MEID_ME should also support the parameters required for validating MEID_ME (i.e. MEID_SIG).
The cdma2000 Status Request / Response mechanism is used to request and transport the signature within the RAN.
– The MSC will request MEID_ME and MEID_SIG from all UEs, whether or not they support this functionality.
– Extended Status Request / Response Messages will carry the new Records requesting and containing MEID_ME and MEID_SIG.

6 Solution Principles (2)
MEs supporting the Device Binding Functionality (DBF) respond with an authentication signature (MEID_SIG).
The MSC forwards the returned MEID_ME and MEID_SIG to the HLR.
The network-based Device Binding Functionality (DBF) verifies that MEID_SIG is received when expected, and that it is valid.

7 Network-based DBF
The Device Binding Functionality (DBF) is a new feature in the network that:
– Determines whether a particular subscription (MSID) is restricted to an ME or a group of MEs (MEID).
– Maintains the mapping between MSIDs (subscriptions) and MEID bindings.
– Validates MEID_SIG and sends a response to the MSC/VLR indicating whether to allow or deny service to the MS.
– If the subscription requires DBF but the ME does not respond with a MEID_SIG signature, the network may deny service to the ME.
The DBF could be part of an existing network element or a stand-alone, non-standardized function.
– It is assumed that the network-based DBF is part of an HLR.
– A stand-alone DBF accessed by the HLR is not subject to standardization.

8 Device-based DBF
The Device Binding Functionality (DBF) is a new feature on the device that:
– Retains in the secure environment the cryptographic credential (Device Binding Credential – DBC) associated with the device platform.
– On request from the network, generates the device-unique cryptographic signature MEID_SIG, specific to the device.
– Provides the MEID_SIG signature to the ME for responding to the network.
The DBF can be based on symmetric or asymmetric cryptography.
– The scheme supports MEID_SIG generation using either a symmetric secret key or an asymmetric private key.
– Provisioning of the symmetric or asymmetric secrets is FFS.

9 Message Flow for cdma2000 1x
[Message flow diagram not captured in the transcript; in the original figure, items in red are the newly added information elements.]

10 Message Flow (2)
a) The MS sends a 1x Registration request to the MSC.
b) Based on its policies, the MSC sends a Status Request with a new RECORD_TYPE requesting a MEID_SIG in addition to MEID_ME.
c) The ME generates a MEID_SIG using its Device Binding Credentials (DBC).
d) The ME sends an Extended Status Response Message with its MEID_ME and the MEID_SIG from step c) to the MSC.
e) The MSC sends a Registration Notification (REGNOT) message to the VLR with the MSID, MEID_ME, MEID_SIG, RAND and AUTHR.
f) The VLR forwards the REGNOT to the HLR.
g) The HLR (with DBF) validates the MEID_SIG.
h) The HLR sends a regnot (the REGNOT return result) to the VLR with the status of MEIDValidated.
i) The VLR forwards the regnot to the MSC.
j) The MSC informs the MS that it is registered.
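The device-side DBF of slide 8, the network-side DBF of slide 7 and the registration flow of slide 10, as an added simulation that is not part of the contribution. The contribution leaves the algorithm, the signed input and the provisioning of the DBC FFS; this example assumes the symmetric variant with HMAC-SHA256 over MEID_ME || RAND, a DBC pre-shared between the HLR and the ME, a hypothetical RECORD_TYPE value, and constructed MSID and MEID values. Binding MEID_SIG to the RAND the MSC already carries in REGNOT is our assumption, added so that a MEID_SIG captured over the air cannot be replayed from a different ME; the last scenario below shows what the check rejects. The asymmetric variant would replace the two HMAC calls with a sign/verify pair and the per-MEID key table with public keys or certificates.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical value for the new Status Request RECORD_TYPE (none is defined
# in the contribution).
RECORD_TYPE_MEID_SIG = 0x0A


class DeviceDBF:
    """Device-side DBF: keeps the Device Binding Credential (DBC) in a
    (simulated) secure environment and produces MEID_SIG on request."""

    def __init__(self, meid_me: str, dbc: bytes) -> None:
        self.meid_me = meid_me
        self._dbc = dbc  # never leaves this object

    def sign(self, rand: bytes) -> bytes:
        # Assumed symmetric construction: MEID_SIG = HMAC-SHA256(DBC, MEID_ME || RAND).
        # Including RAND is what makes each MEID_SIG single-use.
        return hmac.new(self._dbc, self.meid_me.encode() + rand, hashlib.sha256).digest()


@dataclass
class ME:
    """Mobile equipment; dbf is None for an ME that does not support DBF."""
    meid_me: str
    dbf: Optional[DeviceDBF] = None

    def status_response(self, record_types: set, rand: bytes) -> dict:
        # Every ME answers with MEID_ME; only a DBF-capable ME adds MEID_SIG.
        resp = {"MEID_ME": self.meid_me}
        if RECORD_TYPE_MEID_SIG in record_types and self.dbf is not None:
            resp["MEID_SIG"] = self.dbf.sign(rand)
        return resp


@dataclass
class Binding:
    allowed_meids: set = field(default_factory=set)  # a single ME or a group of MEs
    dbc_by_meid: dict = field(default_factory=dict)  # provisioning is FFS; assumed pre-shared


class NetworkDBF:
    """Network-side DBF, assumed (as on slide 7) to be part of the HLR."""

    def __init__(self) -> None:
        self._bindings: dict = {}  # MSID -> Binding; absent MSID = unrestricted subscription

    def bind(self, msid: str, meid: str, dbc: bytes) -> None:
        b = self._bindings.setdefault(msid, Binding())
        b.allowed_meids.add(meid)
        b.dbc_by_meid[meid] = dbc

    def validate(self, msid: str, meid_me: str, meid_sig: Optional[bytes], rand: bytes) -> str:
        """Returns the allow/deny decision the HLR reports back in the regnot."""
        b = self._bindings.get(msid)
        if b is None:
            return "ALLOW"  # subscription is not restricted to any ME
        if meid_me not in b.allowed_meids:
            return "DENY"   # claimed MEID is outside the bound ME or group
        if meid_sig is None:
            return "DENY"   # binding required but the ME returned no MEID_SIG
        expected = hmac.new(b.dbc_by_meid[meid_me], meid_me.encode() + rand,
                            hashlib.sha256).digest()
        # Constant-time compare: a cloned MEID without the matching DBC fails here.
        return "ALLOW" if hmac.compare_digest(expected, meid_sig) else "DENY"


def register(msid: str, me: ME, hlr: NetworkDBF, rand: Optional[bytes] = None) -> str:
    """Steps a) to j) of slide 10 collapsed into one call: the MSC challenges the
    ME with a Status Request, the ME answers, the MSC puts MSID, MEID_ME,
    MEID_SIG and RAND into REGNOT, and the HLR's DBF decides."""
    rand = rand or secrets.token_bytes(4)  # 1x RAND is 32 bits
    resp = me.status_response({RECORD_TYPE_MEID_SIG}, rand)
    return hlr.validate(msid, resp["MEID_ME"], resp.get("MEID_SIG"), rand)


if __name__ == "__main__":
    # Constructed identifiers and key; not taken from the contribution.
    hlr = NetworkDBF()
    dbc = bytes(range(16))
    hlr.bind("310001234567890", "A0000000123456", dbc)
    bound = ME("A0000000123456", DeviceDBF("A0000000123456", dbc))
    print("bound ME:      ", register("310001234567890", bound, hlr))      # ALLOW
    print("no DBF on ME:  ", register("310001234567890", ME("A0000000123456"), hlr))  # DENY
    clone = ME("A0000000123456", DeviceDBF("A0000000123456", b"guessed-key-0000"))
    print("cloned MEID:   ", register("310001234567890", clone, hlr))      # DENY
```

The two DBFs share no state beyond the DBC, so the "subscription not restricted", "MEID outside the group", "no signature" and "bad signature" outcomes map one-to-one onto the bullets of slide 7; the group case is exercised by calling `bind` a second time with another MEID for the same MSID.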

11 Still Under Discussion
When symmetric cryptography is used for MEID_SIG, how is key provisioning handled?
– Outside the scope of 3GPP2?
When asymmetric cryptography is used for MEID_SIG:
– What algorithm should be used?
– How does the HLR get the ME's public key / certificate?
Can a combination of both be used?
All the small details.

