The use and access to group content and notification(s) of changes shall be supported in a secure manner. It shall be possible to authenticate and authorise users and applications requesting access to the group content (IMS security and authentication mechanisms may be used). It shall only be possible for the group content and notification(s) of changes to be supplied to the authenticated and authorized users and applications.
The group management shall support measures to detect and prevent attempts to abuse the group content and notification(s) of changes. The integrity of the group content and notification(s) of changes during transfer shall be assured to extent of the network capabilities.
NOTE: In case of non-IMS users using and accessing group content and notification(s) of changes, alternative security mechanisms may be used. Such mechanisms are to be defined by IMS service provider and they are not subject to standardisation. Those mechanisms should ensure the authentication and authorisation of users and applications that access the group content. The mechanisms shall provide integrity and confidentiality during the transport of the group content and notification(s) of changes.
It shall be possible to protect the request of group content and the notification of changes in the group content from attacks (e.g., eavesdropping, tampering, and replay attacks).
Charging for IMS group management shall be based on existing IMS charging mechanisms as appropriate.
IMS group management shall be able to support various charging models, including:
pay per transaction;
volume based charging;
Charging may be based on the volume of transferred group content.
indirect charging; and
Group management may be indirectly charged when it is incorporated as part of a service.
offline charging and online charging.