scope:

This 3GPP Technical Report aims to give an overview of the different mechanisms that mobile applications can rely upon for authentication between server and client (i.e. the UE). Additionally it provides guidelines related to the use of GAA and to the choice of authentication mechanism in a given situation and for a given application.

To this end the TR puts the different 3GPP GAA related specifications, into perspective. It clarifies the logic for having the technical specifications and technical reports, sketches their content and explains the inter-relation between these 3GPP TSs and TRs and their relation with this TR.

The heart of GAA consists out of the Generic Bootstrapping Architecture (GBA): The GBA core specifications consist out of TS 33.220, TS 24.109 and TS 29.109. Figure 2 depicts protocols used over the GBA core interfaces and the relationships between different GBA core specifications.

GBA in turn is then used by many other TSs and TRs to enable specific usages e.g. HTTPS, subscriber certificates.