Content for TS 29.309 Word version: 18.2.0

1 Scope p. 7

The present document specifies the stage 3 protocol and data model for the Nbsp Service Based Interface. It provides stage 3 protocol definitions and message flows, and specifies the API for each service offered by the GBA BSF.

The 5G System stage 2 architecture and procedures are specified in TS 23.501 and TS 23.502.

The stage 2 architecture and procedures of SBA-enabled GBA is specified in TS 33.220 and TS 33.223.

The Technical Realization of the Service Based Architecture and the Principles and Guidelines for Services Definition are specified in TS 29.500 and TS 29.501.

2 References p. 7

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.

[1]

TR 21.905: "Vocabulary for 3GPP Specifications".

[2]

TS 23.501: "System Architecture for the 5G System; Stage 2".

[3]

TS 23.502: "Procedures for the 5G System; Stage 2".

[4]

TS 29.500: "5G System; Technical Realization of Service Based Architecture; Stage 3".

[5]

TS 29.501: "5G System; Principles and Guidelines for Services Definition; Stage 3".

[6]

OpenAPI: "OpenAPI Specification Version 3.0.0", https://spec.openapis.org/oas/v3.0.0.

[7]

TR 21.900: "Technical Specification Group working methods".

[8]

TS 33.501: "Security architecture and procedures for 5G system".

[9]

RFC 6749: "The OAuth 2.0 Authorization Framework".

[10]

TS 29.510: "5G System; Network Function Repository Services; Stage 3".

[11]

RFC 9113: "HTTP/2".

[12]

RFC 8259: "The JavaScript Object Notation (JSON) Data Interchange Format".

[13]

RFC 9457: "Problem Details for HTTP APIs".

[14]

TS 33.220: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)".

[15]

TS 33.223: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) Push function".

[16]

TS 33.224: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) Push Layer".

[17]

TS 29.109: "Generic Authentication Architecture (GAA); Zh and Zn Interfaces based on the Diameter protocol; Stage 3".

[18]

TS 29.571: "5G System; Common Data Types for Service Based Interfaces; Stage 3".

3 Definitions and abbreviations p. 8

3.1 Definitions p. 8

For the purposes of the present document, the terms and definitions given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.

Bootstrapping Server Function:

BSF is hosted in a network element under the control of an MNO. BSF, HSS, and UEs participate in GBA in which a shared secret is established between the network and a UE by running the bootstrapping procedure. The shared secret can be used between NAFs and UEs, for example, for authentication purposes. In the context of the present specification, the BSF is an SBA-capable BSF.

GBA Function:

A function on the ME executing the bootstrapping procedure with BSF (i.e. supporting the Ub reference point) and providing Ua applications with security association to run bootstrapping usage procedure. GBA function is called by a Ua application when a Ua application wants to use bootstrapped security association.

Network Application Function:

NAF is hosted in a network element. GBA may be used between NAFs and UEs for authentication purposes, and for securing the communication path between the UE and the NAF. In the context of the present specification, the NAF is an SBA-capable NAF.

GBA User Security Settings:

GUSS contains the BSF specific information element and the set of all application-specific USSs.

Ua Application:

An application on the ME intended to run bootstrapping usage procedure with a NAF.

3.2 Abbreviations p. 8

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.

BSF

Bootstrapping Server Function

GBA

Generic Bootstrapping Architecture

GUSS

GBA User Security Settings

HSS

Home Subscriber System

NAF

Network Application Function

SBA

Service-Based Architecture

USS

User Security Setting

4 Overview p. 8

Nbsp is a Service-based interface exhibited by GBA BSF (Generic Bootstrapping Architecture; Bootstrapping Server Function) which is a Network Function that supports the following functionality:

Allows the NAF and the Push-NAF to fetch the key material agreed during a previous protocol run between the UE and the GBA BSF. It is also used to fetch application-specific user security settings from the GBA BSF, if requested by the NAF.

The reference points N66 and N67 (see Figure 4-1 below) show the interaction between the GBA BSF and the NAF and Push-NAF Network Functions.

Reproduction of 3GPP TS 29.309, Fig. 4-1: Reference Model - Nbsp

Figure 4-1: Reference Model - Nbsp

In the context of the present specification, the GBA BSF is an SBA-capable BSF, and the NAF and Push-NAF are also SBA-capable Network Functions (see TS 33.220 and TS 33.223).