TR 33.918
Generic Authentication Architecture (GAA);
Early implementation of Hypertext Transfer Protocol over Transport Layer Security (HTTPS) connection
between a Universal Integrated Circuit Card (UICC)
and a Network Application Function (NAF)
V7.0.0 (Wzip)
2005/12 13 p.
- Rapporteur:
- Mr. Seif, Jacques
full Table of Contents for TR 33.918 Word version: 7.0.0
0 Introduction p. 5
TS 33.222 describes how the access over HTTP can be secured using TLS in the Generic Authentication Architecture. An application residing on a UICC may advantageously use such a mechanism to secure its communication with a Network Application Function (NAF). Due to time constraint, this scenario was not fully covered in release 6.
The "HTTPS connection between a UICC and a NAF" functionality is a candidate for early implementation since all required mechanisms are available in release 7 specifications.
1 Scope p. 6
The present document gives guidance on how to perform an early implementation of HTTPS connections between a UICC-based application and a Network Application Function in the Generic Authentication Architecture (GAA).
2 References p. 6
3 Definitions, symbols and abbreviations p. 6
3.1 Definitions p. 6
3.2 Abbreviations p. 6
4 Requirements p. 7
5 Security architecture p. 7
6 Authentication schemes p. 7
6.1 Reference model p. 7
6.2 GBA functions split in the UE p. 7
6.3 General requirements and principles p. 7
6.4 Shared key-based UICC authentication with certificate-based NAF authentication p. 8
6.5 Shared key-based mutual authentication between UICC and NAF p. 8
6.6 Certificate based mutual authentication between UICC and Application Server p. 9
A Bearer Independent Protocol overview p. 10
A.1 Architecture p. 10
A.2 BIP usage p. 10
$ Change history p. 12
