�1���� Scope����������
�2���� References���������������
�3���� Definitions�
������� 3.1���� Terms defined elsewhere��������
������� 3.2���� Terms defined in this Recommendation������������
�4���� Abbreviations and acronyms�������������
�5���� Security requirements for mobility in NGN�
���� ���5.1���� Security threats������������
������� 5.2���� Security requirements���������������
�6���� Security capabilities supported by relevant function entities��������������
������� 6.1���� Transport user profile functional entity (TUP-FE)�����������
������� 6.2���� Transport authentication and authorization functional entity
(TAA-FE)
������� 6.3���� Mobile location management functional entity (MLM-FE)���������
������� 6.4���� Handover decision control functional entity (HDC-FE)�
������� 6.5���� Network information distribution functional entity (NID-FE)����
� ������6.6���� Access management functional entity (AM-FE)��������������
������� 6.7���� Layer3 handover execute function (L3HEF)������
������� 6.8���� Access node functional entity (AN-FE)���������������
�7���� Key management and authentication�����������
������� 7.1���� Key management framework
������� 7.2���� Authentication��������������
�8���� Establishment of security context���
������� 8.1���� Security context transfer between serving AM-FE and target
AM-FE���
������� 8.2���� Security context transfer between serving AR-FE and target
AR-FE������
������� 8.3���� Security context transfer between UE and HDC-FE�������
�9���� IP mobility security
������� 9.1���� Host-based mobility security��
������� 9.2���� Network-based mobility security����������
10���� Security between UE and HDC-FE��
������ 10.1���� Host-initiated security association establishment between UE
and HDC-FE������
������ 10.2���� Network-initiated security association establishment between UE
and HDC-FE�������������
������ 10.3���� Security association pre-establishment between UE and HDC-FE
based on PKI��������������
11���� Security between UE and NID-FE���
������ 11.1���� Host-initiated security association establishment between UE
and NID-FE�������
������ 11.2���� Network-initiated security association establishment between UE
and NID-FE��������������
������ 11.3���� Security association establishment between UE and NID-FE based
on PKI��������
12���� Security for transport functions������
������ 12.1���� Security between UE and access node function entity���������������
������ 12.2���� Security between UE and L3HEF (Layer3 Handover Execute
Function)
Appendix I����
������� I.1���� Example of full authentication procedure����������
������� I.2���� Example of fast re-authentication procedure���
������� I.3���� Example of host-based mobility�������������
Bibliography����