
Content for TS 24.547, Word version: 17.2.0


1  Scope

The present document specifies the protocol aspects for the identity management capability of SEAL to support vertical applications (e.g. V2X) over the 3GPP system.
The present document is applicable to the User Equipment (UE) supporting the identity management client functionality as described in TS 23.434, to the application server supporting the identity management server functionality as described in TS 23.434 and to the application server supporting the vertical application server (VAL server) functionality as defined in specific vertical application service (VAL service) specifications.

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]  TR 21.905: "Vocabulary for 3GPP Specifications".
[2]  TS 23.434: "Service Enabler Architecture Layer for Verticals (SEAL); Functional architecture and information flows;".
[3]  RFC 4825: "The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)".
[4]  OMA OMA-TS-XDM_Group-V1_1_1-20170124-A: "Group XDM Specification".
[5]  Void.
[6]  W3C.REC-html401-19991224: "HTML 4.01 Specification".
[7]  TS 33.434: "Service Enabler Architecture Layer (SEAL); Security aspects for Verticals".
[8]  RFC 8693: "OAuth 2.0 Token Exchange".
[9]  RFC 6749: "The OAuth 2.0 Authorization Framework".
[10]  RFC 7159: "The JavaScript Object Notation (JSON) Data Interchange Format".
[11]  "OpenID Connect Core 1.0": incorporating errata set 1.
[12]  RFC 2818: "HTTP Over TLS".
[13]  RFC 6750: "The OAuth 2.0 Authorization Framework: Bearer Token Usage".
[14]  TS 24.109: "Bootstrapping interface (Ub) and network application function interface (Ua); Protocol details".
[15]  RFC 7230 (June 2014): "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing".
[16]  RFC 7231: "Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content".
[17]  RFC 7252: "The Constrained Application Protocol (CoAP)".
[18]  RFC 8323: "CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets".
[19]  draft-ietf-ace-oauth-authz-45: "Authentication and Authorization for Constrained Environments (ACE) using the OAuth 2.0 Framework (ACE-OAuth)".
[20]  draft-ietf-ace-dtls-authorize-18: "Datagram Transport Layer Security (DTLS) Profile for Authentication and Authorization for Constrained Environments (ACE)".
[21]  draft-ietf-ace-oscore-profile-19: "OSCORE Profile of the Authentication and Authorization for Constrained Environments Framework".

3  Definitions of terms and abbreviations

3.1  Terms

For the purposes of the present document, the terms given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.
Authorisation endpoint: A SEAL identity management server protocol endpoint used by the SEAL identity management client to obtain an authorisation grant, as specified in IETF RFC 6749.
SEAL identity management client: An entity that provides the client side functionalities corresponding to the identity management SEAL service.
SEAL identity management server: An entity that provides the server side functionalities corresponding to the identity management SEAL service.
Token endpoint: A SEAL identity management server protocol endpoint used by the SEAL identity management client to exchange an authorisation grant for an access token, as specified in IETF RFC 6749 [9] for HTTP and Internet draft ACE-OAUTH [19] for CoAP.
For the purposes of the present document, the following terms and definitions given in TS 23.434 apply:
SEAL client
SEAL server
SEAL service
VAL server
VAL service
VAL user
Vertical
Vertical application

3.2  Abbreviations

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
ACE  Authentication and Authorization for Constrained Environments
SEAL  Service Enabler Architecture Layer for verticals
SIM-C  SEAL Identity Management Client
SIM-S  SEAL Identity Management Server
VAL  Vertical Application Layer

4  General description

Identity management is a SEAL service that provides identity management related capabilities to one or more vertical applications. The present document enables a SEAL identity management client and a VAL server to communicate with a SEAL identity management server. The SEAL identity management server authenticates the VAL user's identity by verifying the credentials provided by the VAL user. When the VAL user is authenticated, it is provided with an access token, which is used for accessing different SEAL services.