Pages

Tuesday, 17 January 2023

Authentication and Key Management for Applications (AKMA) based on 3GPP credentials in the 5G System (5GS)

3GPP Release 17 introduced a new feature called AKMA (Authentication and Key Management for Applications), the goal of which is to enable the authentication and generation of application keys based on 3GPP credentials for all UE types in the 5G System, especially IoT devices, ensuring to bootstrap the security between the UE and the applications in the 5G system.

3GPP TR 21.917 has an excellent summary as follows:

Authentication and key management for applications based on 3GPP credential in 5G (AKMA) is a cellular-network-based delegated authentication system specified for the 5G system, helping establish a secure tunnel between the end user and the application server. Using AKMA, a user can log in to an application service only based on the 3GPP credential which is the permanent key stored in the user’s tamper-resistant smart card UICC. The application service provider can also delegate the task of user authentication to the mobile network operator by using AKMA. 

The AKMA architecture and procedures are specified by SA3 in TS 33.535, with the related study showing how its general principles are derived documented in TR 33.835. The AKMA feature introduces a new Network Function into the 5G system, which is the AKMA Anchor Function (AAnF). Its detailed services and API definitions are specified by CT3 in TS 29.535. Earlier generations of cellular networks include two similar standards specified by SA3, which are generic bootstrapping architecture (GBA) and battery-efficient security for very low throughput machine type communication devices (BEST). Since the AKMA feature is deemed as a successor of these systems, the work is launched by SA3 without the involvement of stage 1.

In the latest issue of 3GPP Highlights Magazine, Suresh Nair, 3GPP Working Group SA3 Chair, Saurabh Khare & Jing Ping (Nokia) has explained the AKMA procedure. The article is also available on 3GPP website here. The article lists the following as AKMA advantages:

  • Since the AKMA framework uses authentication and authorization of the UE leveraging the PLMN credentials stored on the USIM, this becomes as strong as the network primary authentication and subsequent keys derived further to UE and Application Function (AF) interface.
  • The Application Functions can leverage the authentication service provided by the AKMA Anchor Function (AAnF) without additional CAPEX and OPEX.
  • The architecture provides a direct interface between the UE and the AF where a customized application-specific interface can be built, including the key management, key lifetime extension, etc.

The Journal of ICT Standardization has a paper on Authentication Mechanisms in the 5G System. It details AKMA and much more. It's a great place to start for anyone new looking to understand different 5G Authentication Mechanisms. 

Related Posts

Wednesday, 4 January 2023

How Many People are Still Unconnected in 2023 and Why?

I hear in many presentations that half the world is still unconnected so we need a solution XYZ. In this post I will explore how many people are really unconnected and why.

GSMA produces an annual report called "The State of Mobile Internet Connectivity Report". The latest issue from Nov 2022 explains the number of people that are still unconnected because of coverage gap or the usage gap. Quoting from the report:

(click to expand the image)

By the end of 2021, 4.3 billion people were using mobile internet, representing 55% of the world’s population, up from 31% in 2014 (see Figure 1). This translates into almost 300 million people coming online in the past year. Most of the people who started using mobile internet in 2021 came from LMICs (low and middle-income countries), where 94% of the unconnected population live.

By the end of 2021, the share of the world’s population living in areas without mobile broadband coverage stood at 5%, meaning that 400 million people are still not covered by a mobile broadband network. Since 2018, this coverage gap has reduced by only 1 pp a year (see Figure 1), highlighting how the remaining uncovered communities – which are predominantly rural, poor and sparsely populated – are the most challenging to reach in a financially sustainable manner. For example, in least developed countries (LDCs) almost 30% of people living in rural areas are still not covered by a mobile broadband network.

A much larger proportion of the unconnected live in areas already covered by mobile broadband networks. By the end of 2021, 40% of the world’s population (3.2 billion people) were living within the footprint of a mobile broadband network but not using mobile internet. While this usage gap remained relatively unchanged between 2014 and 2019, it declined by 300 million people (or 5 pp) over the past two years. However, the usage gap remains substantial and is now almost eight times the size of the coverage gap. It is worth noting that these numbers are for the total population, some of whom would never be expected to use the internet (e.g. young infants). Indeed, taking adults (18 years old and above) only, the usage gap stands at 25%, a much smaller though still significant gap.

The report further expands the reasons for usage gap as shown below:

(click to enlarge)

As can be seen, the reasons have been grouped in 5 major categories as follows:

  • Literacy and digital skills
    • I do not know how to access the internet on a mobile phone
    • I have difficulties with reading and writing
    • I find it difficult to use a mobile in general (calling, texting or mobile internet)
    • I do not have time to learn how to use the internet on a mobile phone
    • There is nobody to teach or help me to use mobile internet
  • Relevance
    • There is not enough in my own language on the internet
    • I do not find the internet relevant enough for me (not useful or not interesting)
  • Affordability
    • The cost of buying a mobile phone that can access the internet is too high for me
    • The cost of buying data to use the internet on my mobile is too high for me
  • Safety and security
    • I am concerned that I would receive unwanted contact from people online (e.g. scam emails or unwanted messages)
    • I am concerned that it might expose myself or my family to harmful content
    • I am concerned that my identity or other private information will be stolen or misused
  • Access
    • There is limited or no coverage to access the internet in my area
    • Using the internet on my mobile phone is too slow (e.g. connection speeds)
    • My family does not approve of me using the internet on a mobile phone
    • It is hard to find a mobile phone agent or representative to buy mobile internet data from
    • Using the internet on my mobile phone uses too much battery
    • I cannot borrow or pay to use internet on another person’s phone
    • It is hard to find somewhere to buy a mobile phone which is able to connect to the internet

There are many reports of blackmail and extortion cases in India that are linked to mobile phones and internet. You can read about them here and here. These also discourage a lot of people to embrace smartphones, especially women.  

Although women account for close to half the world's population, according to a UN report on gender digital divide, 259 million fewer women have access to the Internet than men in 2022. 

I hope that the next time presenters are talking about the number of unconnected people, they put things in context and mention the connectivity and the usage gap. 

Finally, here is a webinar recording from M4D discussing the latest trends in global connectivity from The State of Mobile Internet Connectivity Report 2022:

Related Posts