tech-invite   World Map
3GPP     Specs     Glossaries     Architecture     IMS     UICC       IETF     RFCs     Groups     SIP     ABNFs       Search     Home
Top        in Index        Prev        Next

TS 33.222 (SA3)
Generic Authentication Architecture (GAA) –
Access to network application functions using HTTPS

|   ToC   |   3GPP‑Page   |   ETSI‑search   |   Help   |

(P) V14.0.0    2017/03    37 p.
(P) V13.0.0    2016/01    37 p.
(P) V12.3.0    2013/12    38 p.
(P) V11.3.0    2013/12    25 p.
(P) V10.0.1    2011/12    24 p.
(P) V9.1.0    2010/06    24 p.
(P) V8.0.0    2008/06    24 p.
(P) V7.3.0    2007/12    24 p.
(P) V6.6.0    2006/03    22 p.


Rapporteur:  Mr. Lehtovirta, Vesa
See also:  GAA/GBA-related TS/TR    


A number of services might be accessed over HTTP. For the Presence Service, it shall be possible to manage the data on the Presence Server over the Ut reference point, which is based on HTTP. Other services like conferencing, messaging, push, etc. might be accessed using HTTP.

Access to services over HTTP can be done in a secure manner. ThiS TS describes how the access over HTTP can be secured using TLS in the Generic Authentication Architecture.

ThiS TS specifies secure access methods to Network Application Functions (NAF) using HTTP over TLS in the Generic Authentication Architecture (GAA), and provides Stage 2 security requirements, principles and procedures for the access. ThiS TS describes both direct access to an Application Server (AS) and access to an Application Server through an Authentication Proxy (AP).

Note:
Any application specific details for access to Applications Servers are not in scope of this specification and are covered in separate documents. An example of such a document is TS 33.141, which specifies the security for presence services.


 

Here        Top

 

 

1   Scope [R6]   PDF-p. 6
2   References [R6]
3   Definitions, symbols and abbreviations [R6]   PDF-p. 7
4   Overview of the Security Architecture [R6]
5   Authentication schemes [R6]   PDF-p. 9
6   Use of Authentication Proxy [R6]   PDF-p. 17
A   Technical Solutions for Access to Application Servers via Authentication Proxy and HTTPS [R6]   PDF-p. 22
B   Guidance on Certificate-based mutual authentication between UE and application server [R6]   PDF-p. 23
C   Considerations for GBA security using a web browser and Javascript [R12]   PDF-p. 24      Up
D  (Normative)   Security measures for usage of GBA with a web browser [R12]   PDF-p. 27
E   Change history   PDF-p. 34

Up        Top