5 Entities

24.4823GPPMission Critical Services (MCS) identity managementProtocol specificationRelease 17TS

5.1 Identity management client

The identity management client acts as the application user agent for MC ID transactions. It interacts with the identity management server. The identity management client:

– shall support identity management registration to the identity management server;

– shall support the MC services user authentication framework as specified in 3GPP TS 33.180 [17];

– shall support a username and password method of authentication as specified in 3GPP TS 33.180 [17]; and

– may support additional methods of authentication.

5.2 Identity management server

The identity management server is a functional entity that is capable of authenticating the MC ID. It contains the knowledge and means to do authentication by verifying the credentials supplied by the user. The identity management server:

– shall support identity management registration of the identity management client;

– shall support the MC services user authentication framework as specified in 3GPP TS 33.180 [17];

– shall support a username and password method of authentication as specified in 3GPP TS 33.180 [17]; and

– may support additional methods of authentication.

5.3 MC service client

The MC service client shall interact with the IdM client as specified in subclause 6.2:

– to trigger initiation of the user authentication procedure; and

– to receive the credentials obtained from the IdM server.

5.4 HTTP proxy

The HTTP proxy acts as the proxy for all hypertext transactions between the HTTP client and the HTTP server. The HTTP proxy terminates the TLS session with the HTTP client of the MC UE in order to allow the HTTP client to establish a single TLS session for hypertext transactions with multiple HTTP servers as specified in 3GPP TS 23.280 [16].

NOTE: The HTTP proxy is in the same trust domain as the HTTP servers that are located within a MC service provider’s network.