Ä«Å×°í¸®º° ÇÏÀ§¸Þ´º

Ç¥ÁØÈ­°³¿ä

Ç¥ÁØÈ­ Âü¿©¾È³»

º»¹® ½ÃÀÛ

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAT.3G-33.310(R7-7.1.0) ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2008-04-09 ÃÑÆäÀÌÁö 0
ÇѱÛÇ¥Áظí IMT-2000 3GPP - ¸Á µµ¸ÞÀÎ º¸¾È; ÀÎÁõ ÇÁ·¹ÀÓ¿öÅ©(R7)
¿µ¹®Ç¥Áظí IMT-2000 3GPP-Network domain security; Authentication framework (NDS/AF)(R7)
Çѱ۳»¿ë¿ä¾à
¿µ¹®³»¿ë¿ä¾à The scope of this Technical Specification is limited to authentication of network elements, which are using NDS/IP or TLS, and located in the inter-operator domain.
In the case of NDS/IP this Specification concentrates on authentication of Security Gateways (SEG), and the corresponding Za-interfaces. Authentication of elements in the intra-operator domain is considered an internal issue for operators. This is quite much in line with [1] which states that only Za is mandatory, and that the security domain operator can decide if the Zb-interface is deployed or not, as the Zb-interface is optional for implementation. However, NDS/AF can easily be adapted to intra-operator use since it is just a simplification of the inter-operator case when all NDS/IP NEs and the PKI infrastructure belong to the same operator. Validity of certificates may be restricted to the operator's domain.
NOTE: In case two SEGs interconnect separate network regions under a single administrative authority (e.g. owned by the same mobile operator) then the Za-interface is not subject to interconnect agreements, but the decision on applying Za-interface is left to operators.
The NDS architecture for IP-based protocols is illustrated in figure 1.

Figure 1: NDS architecture for IP-based protocols [1]
In the case of TLS this Specification concentrates on authentication of TLS entities across inter-operator links. For example, TLS is specified for inter-operator communications between IMS and non-IMS networks [9] and on the Zn' interface in GBA [10]. Authentication of TLS entities across intra-operator links is considered an internal issue for operators. However, NDS/AF can easily be adapted to the intra-operator use case since it is just a simplification of the inter-operator case when all TLS NEs and the PKI infrastructure belong to the same operator. Validity of certificates may be restricted to the operator's domain.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAT.3G-33.310(R7-7.1.0).zip TTAT.3G-33.310(R7-7.1.0).zip            
¸ñ·Ïº¸±â

ÀÌÀü
IMT-2000 3GPP - 3GPP ±â¹Ð°ú º¸Àü ¾Ë°í¸®Áò ±Ô°Ý; ¹®¼­3 : ¼³Ä¡ÀÚ ½ÃÇè µ¥ÀÌÅÍ(R7)
´ÙÀ½
IMT-2000 3GPP - 3G º¸¾È; MILENAGE ¾Ë°í¸®Áò ¼¼Æ®ÀÇ ±Ô°Ý; 3GPP ÀÎÁõ°ú Å° »ý¼º ±â´É f1. f1*, f2. f3, f4, f5, f5*ÀÇ ¿¹½Ã ¾Ë°í¸®Áò ¼¼Æ®; ¹®¼­1; ÀϹݻçÇ×(R7)