Tech-invite  3GPPspecsRELsGlossariesSIP
Info21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TS 33.122SA3
Security aspects of
Common API Framework (CAPIF)
for 3GPP Northbound APIs

3GPP‑Page   ETSI‑search   full‑ToC
use "3GPP‑Page" to get the Word version
use "ETSI‑search" to get the PDF version
for a better overview, the Table of Contents (ToC) is reproduced
V16.2.0 (Wzip)  2019/12  30 p.
V15.3.0 (PDF)  2019/03  29 p.
WI Acronym:  CAPIF-Sec
Rapporteur:  Mr. Rajadurai, Rajavelsamy
The present document specifies the security architecture i.e., the security features and the security mechanisms for the common API framework (CAPIF) as per the architecture and procedures defined in TS 23.222.

full Table of Contents for  TS 33.122  Word version:   16.2.0

Here   Top
1  ScopeWord-p. 6
2  References
3  Definitions, symbols and abbreviations
3.1  Definitions
3.2  Symbols
3.3  AbbreviationsWord-p. 7
4  Security requirements
4.1  General
4.2  Common security requirements
4.3  Security requirements on the CAPIF-1/1e reference points
4.4  Security requirements on the CAPIF-2/2e reference pointsWord-p. 8
4.5  Security requirements on the CAPIF-3/4/5 reference points
4.6  Security requirements on the CAPIF-3e/4e/5e reference points [R16]Word-p. 9
4.7  Security requirements on the CAPIF-7/7e reference points [R16]
5  Functional security model
6  Security proceduresWord-p. 10
6.1  Security procedures for API invoker onboarding
6.2  Security procedures for CAPIF-1 reference pointWord-p. 12
6.3  Security procedures for CAPIF-1e reference point
6.3.1  Authentication and authorization
6.3.1.1  GeneralUp
6.3.1.2  Security method negotiation
6.3.1.3  API discoveryWord-p. 13
6.3.1.4  Topology hiding
6.4  Security procedures for CAPIF-2 reference point
6.5  Security procedures for CAPIF-2e reference pointWord-p. 14
6.5.1  General
6.5.2  Authentication and authorization
6.5.2.1  Method 1 - Using TLS-PSK
6.5.2.2  Method 2 - Using PKIWord-p. 15
6.5.2.3  Method 3 - TLS with OAuth tokenWord-p. 16
6.6  Security procedures for CAPIF-3/4/5 reference pointsWord-p. 18
6.7  Security procedures for updating security method
6.8  Security procedure for API invoker offboarding
6.9  Security procedures for CAPIF-7/7e reference points [R16]Word-p. 20
6.10  Security procedures for CAPIF-3e/4e/5e reference points [R16]
A (Normative)  Key derivation functionsWord-p. 21
A.1  AEFPSK derivation function
B  Security flowsWord-p. 22
B.1  Onboarding
B.2  Authentication and authorizationWord-p. 23
C (Normative)  Access token profile for 'Method 3 - TLS with OAuth token'Word-p. 26
C.1  General
C.2  Access token profile
C.2.1  General
C.2.2  Token claims
C.3  Obtaining tokensWord-p. 27
C.3.1  General
C.3.2  Access token request
C.3.3  Access token responseWord-p. 28
C.4  Refreshing an access tokenUp
C.5  Using the token to access API exposing functions
C.6  Token revocation
C.7  Token validationWord-p. 29
C.7.1  Access token validation
D  Change historyWord-p. 30

Up   Top