9 Security

29.5493GPPApplication Programming Interface (API) specificationRelease 18Service Enabler Architecture Layer for Verticals (SEAL)Stage 3TS

9.1 General

The security aspects of SEAL reference points are specified in 3GPP TS 33.434 [26].

9.2 SEAL-S security

As specified in clause 5.1.1.8 of 3GPP TS 33.434 [26], the protection of SEAL-S reference point shall be supported according to NDS/IP as specified in 3GPP TS 33.210 [25].

When CAPIF is not used, then TLS and OAuth 2.0 shall be supported as described in clause 5.1.1.8 of 3GPP TS 33.434 [26]. When TLS is used, mutual authentication based on client and server certificates shall be performed between the SEAL server and VAL server using TLS. After the authentication, the SEAL server determines whether the VAL server is authorized to send requests to the SEAL server. The SEAL server shall authorize the requests from VAL server using OAuth-based authorization mechanism.

When CAPIF is used, the security mechanisms described in clause 8.2 shall be applied.

Annex A (normative):
OpenAPI specification