7 Security

22.1413GPPPresence serviceStage 1TS

The use and access to the presence service shall be supported in a secure manner. It shall only be possible for the presence information to be supplied and/or updated by the presentity or the home environment as identified in clause 5 "High Level Requirements".

It shall be possible to authenticate a principal before allowing registration to the presence service.

It shall be possible to authenticate at any time a watcher and/or a presentity requesting access to the presence service. Existing security mechanisms as well as mechanisms specific to presence service may be used.

It shall be possible to protect the following items from attacks (e.g., eavesdropping, tampering, and replay attacks):

– Presence information and notifications

– Requests for presence information, e.g., requests for subscription and requests for presence information retrieval.