32.3753GPPFile integrity solutionSecurity services for Integration Reference Point (IRP)Telecommunication managementTS

The present document is part of a TS-family covering the 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication management; as identified below:

32.371: "Security Management concept and requirements".

32.372: "Security Services for Integration Reference Points (IRP): Information Service (IS)".

32.373: "Security Services for Integration Reference Points (IRP): Common Object Request Broker Architecture (CORBA) solution".

32.375 "Security Services for Integration Reference Points (IRP): File integrity solution".

In 3GPP SA5 context, IRPs are introduced to address process interfaces at the Itf-N interface. The Itf-N interface is built up by a number of IRPs and a related Name Convention, which realize the functional capabilities over this interface. The basic structure of the IRPs is defined in 3GPP TS 32.101 [1] and 3GPP TS 32.102 [2].
An IRP consists of IRPManager and IRPAgent. Usually there are three types of transaction between IRPManager and IRPAgent, which are: operation invocation, notification, and file transfer.

However, there are different types of intentional threats against the transaction between IRPManagers and IRPAgents. All the threats are potential risks of damage or degradation of telecommunication services, which operators should take measures to reduce or eliminate to secure the telecommunication service, network, and data.

The present document is applicable to the Interface IRP specifications. That is to say, it is only concerned with the security aspects of operations/notifications/file deployed across the Itf-N.

The present document introduces XML Signature mechanism to address File Integrity security requirement defined in 3GPP TS 32.371 [4].