6 Security
22.2503GPPIP Multimedia Subsystem (IMS) Group ManagementRelease 17Stage 1TS
The use and access to group content and notification(s) of changes shall be supported in a secure manner. It shall be possible to authenticate and authorise users and applications requesting access to the group content (IMS security and authentication mechanisms may be used). It shall only be possible for the group content and notification(s) of changes to be supplied to the authenticated and authorized users and applications.
The group management shall support measures to detect and prevent attempts to abuse the group content and notification(s) of changes. The integrity of the group content and notification(s) of changes during transfer shall be assured to extent of the network capabilities.
NOTE: In case of non-IMS users using and accessing group content and notification(s) of changes, alternative security mechanisms may be used. Such mechanisms are to be defined by IMS service provider and they are not subject to standardisation. Those mechanisms should ensure the authentication and authorisation of users and applications that access the group content. The mechanisms shall provide integrity and confidentiality during the transport of the group content and notification(s) of changes.
It shall be possible to protect the request of group content and the notification of changes in the group content from attacks (e.g., eavesdropping, tampering, and replay attacks).