Authentication and Authorization Requirements for Next Generation Network (NGN)
|Publication Date:||1 November 2008|
This standard provides authentication and authorization requirements for Next Generation Network (NGN) based on ATIS-1000018, ATIS NGN Architecture [ATIS- 1000018] and Recommendation Y.2012, Functional Requirements and Architecture of the NGN Release 1 [Y.2012]. This includes requirements for authentication and authorization across the User-to-Network Interface (UNI), the Network-to-Network Interface (NNI) and the Application-to-Netwo
1. Authentication and Authorization of User for Network Access (e.g., authentication and authorization of an end user device, a home network gateway, or an enterprise gateway to obtain access or attachment to the network)
2. Service Provider Authentication and Authorization of User for Access to Service/application (e.g., authentication and authorization of an user, a device or a combined user/device where the authentication and authorization apply to NGN service/application access)
3. User Authentication and Authorization of Network (e.g., user authenticating the identity of the connected NGN network or of the service provider)
4. User Peer-to-Peer Authentication and Authorization (e.g., authentication and authorization of the called user (or terminating entity), authentication and authorization of the originating entity, or data origin authentication as network functions)
5. Mutual Network Authentication and Authorization (e.g., authentication and authorization across NNI interface at the transport level, or service/application level)
6. Authentication and Authorization of Service/Application Provider
7. Use of 3rd Party Authentication and Authorization Service.
8. Authentication of Objects (e.g., application process, message content and data content identifiers).
The items above include authentication of flows of the signalling, bearer and management traffic as applicable.
In addition, this standard also provides reference models for NGN authentication and authorization.
1. NGN Authentication and Authorization is viewed as part of the broader topic of NGN Identity Management (IdM). Specifically, the authentication and authorization functions and capabilities described in this Recommendation should be used to support identity assurance capabilities for NGN IdM.
2. In this standard, the use of the term "user" is not intended to be restricted to a person. A user could be a person, groups, companies, or juridical entities.
3. Authentication of an entity is not intended to indicate positive validation of a person.