Tech-invite 3GPPspace IETFspace

21 22 23 24 25 26 27 28 29 31 32 33 34 35 36 37 38 4‑5x

Content for TS 29.109 Word version: 17.0.0

1… 4…

4 GBA Bootstrapping Zh interface and Zh' interface p. 13

4.1 Generic bootstrapping network architecture p. 13

4.2 Protocol Zh between BSF and HSS p. 13

4.3 Protocol Zh' between BSF and HLR |R7| p. 18

4.3.1 Public to Private Identity Resolution over Zh between BSF and HLR |R8| p. 19

5 GAA Application Zn and Zpn interfaces p. 21

5.1 Applications' network architecture p. 21

5.2 Protocol Zn between NAF and BSF based on Diameter p. 22

5.3 Protocol Zn between NAF and BSF based on Web Services |R7| p. 25

5.4 Protocol Zpn between NAF and BSF based on Diameter |R8| p. 28

5.5 Protocol Zpn between NAF and BSF based on Web Services |R8| p. 32

6 Diameter application for Zh, Zn and Zpn interfaces p. 35

6.0 Introduction |R7| p. 35

6.1 Command-Code values p. 35

6.2 Result-Code AVP values p. 35

6.2.1 Success p. 35

6.2.2 Permanent failures p. 35

6.2.2.1 DIAMETER_ERROR_IDENTITY_UNKNOWN (5401) p. 35

6.2.2.2 DIAMETER_ERROR_NOT_AUTHORIZED (5402) p. 36

6.2.2.3 DIAMETER_ERROR_TRANSACTION_IDENTIFIER_INVALID (5403) p. 36

6.2.2.4 Void

6.2.2.5 Void

6.2.2.6 Void

6.2.2.7 Void

6.3 AVPs p. 37

6.3.1 Common AVPs p. 38

6.3.1.1 GBA-UserSecSettings AVP p. 38

6.3.1.2 Transaction-Identifier AVP p. 38

6.3.1.3 NAF-Id p. 38

6.3.1.4 GAA-Service-Identifier AVP p. 38

6.3.1.5 Key-ExpiryTime AVP p. 38

6.3.1.6 ME-Key-Material AVP p. 38

6.3.1.7 UICC-Key-Material AVP p. 38

6.3.1.8 GBA_U-Awareness-Indicator p. 38

6.3.1.9 BootstrapInfoCreationTime AVP p. 39

6.3.1.10 GUSS-Timestamp AVP p. 39

6.3.1.11 GBA-Type |R7| p. 39

6.3.1.12 UE-Id |R8| p. 39

6.3.1.13 UE-Id-Type |R8| p. 39

6.3.1.14 UICC-App-Label |R8| p. 39

6.3.1.15 UICC-ME |R8| p. 39

6.3.1.16 Requested-Key-Lifetime |R8| p. 40

6.3.1.17 Private-Identity-Request |R8| p. 40

6.3.1.18 GBA-Push-Info |R8| p. 40

6.3.1.19 NAF-SA-Identifier |R8| p. 40

6.3.1.20 Security-Feature-Request |R9| p. 40

6.3.1.21 Security-Feature-Response |R9| p. 40

6.4 User identity to HSS resolution p. 40

7 Use of namespaces p. 42

7.1 AVP codes p. 42

7.2 Experimental-Result-Code AVP values p. 42

7.3 Command Code values p. 42

A (Normative) GBA-UserSecSettings XML definition p. 43

B (Normative) GAA Service Type Codes p. 48

C (Normative) GAA Authorization flag codes p. 48

D (Normative) Web Services Definition for Zn interface |R7| p. 49

E Liberty authentication context definitions for GBA |R7| p. 50

E.1 Introduction p. 50

E.2 GBA Authentication context statement data model p. 50

E.3 GBA authentication context statement schema p. 51

E.4 GBA authentication context classes p. 52

E.4.1 GBAOneFactorUnregistered p. 52

E.4.1.1 Associated 3GPP URI p. 52

E.4.1.2 Class schema p. 53

E.4.2 GBATwoFactorUnregistered p. 53

E.4.2.1 Associated 3GPP URI p. 53

E.4.2.2 Class schema p. 53

E.4.3 GBAOneFactorContract p. 54

E.4.3.1 Associated 3GPP URI p. 54

E.4.3.2 Class schema p. 54

E.4.4 GBATwoFactorContract p. 55

E.4.4.1 Associated 3GPP URI p. 55

E.4.4.2 Class schema p. 55

F SAML authentication context definitions for GBA |R7| p. 56

F.1 Introduction p. 56

F.2 GBA authentication context declaration data model p. 56

F.3 GBA authentication context declaration types p. 57

F.4 GBA authentication context declaration classes p. 58

F.4.1 GBAOneFactorUnregistered p. 58

F.4.1.1 Associated 3GPP URI p. 58

F.4.1.2 Class schema p. 58

F.4.2 GBATwoFactorUnregistered p. 61

F.4.2.1 Associated 3GPP URI p. 61

F.4.2.2 Class schema p. 61

F.4.3 GBAOneFactorContract p. 63

F.4.3.1 Associated 3GPP URI p. 63

F.4.3.2 Class schema p. 63

F.4.4 GBATwoFactorContract p. 65

F.4.4.1 Associated 3GPP URI p. 65

F.4.4.2 Class schema p. 65

G (Normative) Web Services Definition for Zpn interface |R8| p. 68

$ Change history p. 69