Published
The present study investigates the security aspects of the service requirements specified by SA1 in TS 22.101 [11]
clause 26, on the integration of SSO frameworks with 3GPP networks for various operator authentication configurations
(e.g. configurations using GBA or not using GBA).
In particular, this study evaluates existing interworking solutions between SSO frameworks and 3GPP authentication
mechanisms against the SA1 service requirements. The study is not limited to evaluation of existing interworking
solutions and new interworking solutions may be developed as appropriate.
The study covers the security requirements to enable the operator to become the preferred SSO Identity Provider by
allowing the usage of credentials on the UE for SSO services, as well as ways for the 3GPP operator to leverage its trust
framework and its reliable and robust secure credential handling infra-structure to provide SSO service based on
operator-controlled credentials.
PUBLISHED
DS TR 133 995 V15.0.0:2018
60.60
Standard published
Aug 9, 2018