7 Security

22.1403GPPMultimedia Messaging Service (MMS)Stage 1TS

The user shall be able to use and access MM in a secure manner. It shall be possible for the contents of MMs to be read only by the intended recipient(s). A recipient shall be informed of the reliability of the identity of the sender in case the sender has authorised his identity to be transmitted.

The integrity of MMs during transit shall be assured to extent of the network capabilities.

The MMS shall be intrinsically resistant to attempts of malicious or fraudulent use.

An MMS service provider shall be able to authenticate a VASP connected to it and shall be able to be authenticated by a VASP connected to it. The MMS service provider shall be able to authorise the VASP to use various MM services. The MMS shall support encryption of the transport layer between an MMS service provider and a VASP.

Note: Key management is outside the scope of this release of this standard.

The "Security Threats and Requirements" specified in 21.133 [3] shall not be compromised.