Page 383 - 5G Basics - Core Network Aspects
5) MAS-F obtains MUE and streaming flow related information from MUP-FE and MSUP-FE.
6) MAS-F decides, according to the information already obtained, which connection can be used to
transport the streaming flow to be transferred.
7) MAS-F sends a streaming transfer request, which contains the updated information of the
connections, to the destination SCF, i.e., SCF(2).
8) SCF(2) forwards this request message to MPC-FE.
9) MPC-FE constructs new QoS rules for the destination connection based on the operator's policies
and originating connection information, then returns a streaming transfer response to SCF(2).
10) SCF(2) forwards this response message to MAS-F.
11) MAS-F returns a transport resource modification response message to MPC-FE.
12) MPC-FE forwards this response message to MC-FE.
13) MC-FE makes QoS rules according to the response message, and installs the rules on MMF.
14) MMF forwards the QoS rules to AC-FE(2).
15) AC-FE(2) updates the QoS policy rules of the connection. It then returns an ACK message to MMF.
Hence, the streaming flow on AC-FE(1) has been transferred to AC-FE(2).
10 Security considerations
10.1 Subscriber security
Subscriber security of MC-Streaming contains all the relevant problems in a legacy network environment,
including privacy protection and access control. In a legacy network environment, a subscriber's privacy
mainly deals with a specific service, for example, channel number before and after the channel change, time
of change, time of play and so on. For privacy protection, a great effort has been made to prevent subscribers'
personal information from being abused.
In the multi-connection environment, in addition to the above information, a subscriber's privacy includes
authentication information for multiple access networks, network selection related information and other
important privacy information. Once the information is leaked or tampered with, the security risk increases
with multiple access instantiations.
For MC-Streaming, subscriber security mainly focuses on a subscriber's privacy protection and access control
of the service.
10.1.1 Privacy protection
When providing MC-Streaming service, privacy protection is necessary and should be seriously considered,
in order to prevent information from being leaked or abused. Subscribers' privacy information includes:
service usage, network selection information, authentication information, etc.
For MC-Streaming, subscribers' private information may be leaked out in at least three forms, i.e., from the
service provider(s), network operator and terminal device. According to the different disclosure forms,
different protection mechanisms should be deployed.
From the service providers' perspective, much sensitive data is stored on their side. The data may be stolen
through illegal intrusion and unauthorized access, bringing threats to the subscribers. Hence, subscribers' personal
data is recommended to be classified and managed accordingly. Important data should be controlled
securely, e.g., it can be stored after encryption. Access to personal data should also be controlled.
From the network's perspective, personal data can be leaked during transmission. So, encryption algorithms
and mechanisms such as DES, RSA, SSL, and others are recommended to be deployed. Communication
channels are recommended to be encrypted before data transmission.
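The following is an added example, not part of the Recommendation, of applying the channel-encryption recommendation above with Python's standard ssl module. It sets a floor of TLS 1.2 and flags legacy suites, since DES and the SSL protocol versions are deprecated today. The function names and the cipher string are illustrative assumptions.

```python
import ssl

# Name fragments that mark legacy suites in OpenSSL or IANA cipher names.
LEGACY_PARTS = {"DES", "3DES", "RC2", "RC4", "NULL", "EXP", "EXPORT", "MD5"}


def legacy_ciphers(names):
    """Return the cipher-suite names that contain a legacy algorithm."""
    flagged = []
    for name in names:
        parts = set(name.upper().replace("_", "-").split("-"))
        if parts & LEGACY_PARTS:
            flagged.append(name)
    return flagged


def hardened_client_context():
    """Client context for a channel carrying subscriber data (illustrative)."""
    ctx = ssl.create_default_context()              # verifies chain and hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2    # refuse SSLv3, TLS 1.0/1.1
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")  # forward-secret AEAD only
    return ctx


def audit_context(ctx):
    """List reasons a context would not protect subscriber data in transit."""
    findings = []
    # MINIMUM_SUPPORTED compares below TLSv1_2, so "no floor set" is flagged too.
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLS 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not verified")
    if not ctx.check_hostname:
        findings.append("hostname not checked")
    for name in legacy_ciphers(c["name"] for c in ctx.get_ciphers()):
        findings.append("legacy cipher enabled: " + name)
    return findings


if __name__ == "__main__":
    # Constructed sample: one legacy suite name next to a modern one.
    print(legacy_ciphers(["DES-CBC3-SHA", "ECDHE-RSA-AES128-GCM-SHA256"]))
    print(audit_context(hardened_client_context()))
```
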
From the terminal device's perspective, certain personal data are stored in the terminal device itself, which
can be read out if the device is lost. Therefore, it is recommended to deploy a mechanism to completely