N.1 General

3GPP TS 33.220: Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)

N.1.1 Overview

This Annex N describes support for SBA for GBA.

N.1.2 Architectural Support

Figure N.1.2-1 shows the non-roaming architecture to support SBA interactions in GBA. An SBI capable BSF, HSS and NAF shall implement the SBA interfaces specified in this Annex. An SBI capable NF can invoke SBA services provided by SBI capable NFs and may expose services itself. For this Annex, an SBI capable BSF uses and provides SBA services, an SBI capable HSS provides SBA services, a UDM provides SBA services, while an SBI capable NAF only uses SBA services. The BSF, HSS, UDM and NAF reside in the home network.

If there is no HSS or if the HSS does not support the N65 and Zh reference points within the GBA architecture, then the BSF shall be configured to use the N68 reference point with the UDM. If the N65 or Zh reference point is available in the HSS, then it shall be used between the BSF and the HSS.

NOTE: GBA User Security Settings (GUSS) information is not sent over the N68 reference point with the UDM. If support of GUSS is desired in combination with the use of the N68 reference point with the UDM, then this can be achieved, for instance, by storing the GUSS information in a BSF database (internal and/or external to the node itself), or in any other network database which is deemed appropriate for a specific deployment.

[Figure not reproduced. Labelled elements: UDM, HSS, BSF, NAF, UE; service-based interfaces Nudm, Nhss, Nbsp; reference points Ua, Ub.]

Figure N.1.2-1: System Architecture to support SBA in GBA

Figure N.1.2-2 shows the architecture using the reference point representation. It should be observed that this annex addresses only the specification of the N65 (between the BSF and HSS), N68 (between the BSF and UDM) and N66 (between the NAF and BSF) reference point interfaces as SBA interfaces. The specification of Ua and Ub is not impacted by the introduction of the SBA interfaces between the NAF, BSF, UDM and HSS. Therefore, the UE interacts with the BSF and NAF as defined in the main body of this specification.

[Figure not reproduced. Labelled elements: BSF, NAF, UE, HSS, UDM; reference points Ua, Ub, N65, N68, N66.]

Figure N.1.2-2: System Architecture to support SBA in reference point representation

With respect to roaming, the roaming requirements in clause 4.4.3 and the Zn-Proxy architecture in clause 4.1 are applicable for the case of SBA GBA.

In addition, the following requirements shall be followed in roaming scenarios:

– The SBI capable NAF shall support the legacy Zn interface towards the Zn-Proxy.

– An SBI capable BSF shall support the legacy Zn’ interface.
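
The following added example (not part of the specification) combines the BSF backend selection rule and the GUSS NOTE in N.1.2 with the roaming requirements above into a deployment check. The GbaDeployment record, its field names and the sample values are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class GbaDeployment:
    """Hypothetical inventory record for one home-network GBA deployment."""
    hss_ref_points: set = field(default_factory=set)  # offered by the HSS; empty if no HSS
    udm_present: bool = False
    guss_required: bool = False          # operator relies on GUSS
    guss_database: bool = False          # GUSS held in a BSF or other network database
    roaming: bool = False
    naf_supports_zn: bool = False        # legacy Zn towards the Zn-Proxy
    bsf_supports_zn_prime: bool = False  # legacy Zn'

def bsf_backend(d: GbaDeployment) -> set:
    """Reference points the BSF uses towards HSS/UDM under the N.1.2 rule."""
    on_hss = d.hss_ref_points & {"N65", "Zh"}
    if on_hss:
        return on_hss                    # available in the HSS: shall be used
    return {"N68"} if d.udm_present else set()

def check(d: GbaDeployment) -> list:
    """Return the list of requirement gaps found in the deployment record."""
    findings = []
    backend = bsf_backend(d)
    if not backend:
        findings.append("BSF has no backend: no N65/Zh on an HSS and no UDM for N68")
    if backend == {"N68"} and d.guss_required and not d.guss_database:
        findings.append("GUSS required, but N68 does not carry GUSS "
                        "and no GUSS database is configured")
    if d.roaming and not d.naf_supports_zn:
        findings.append("roaming: SBI capable NAF lacks legacy Zn towards the Zn-Proxy")
    if d.roaming and not d.bsf_supports_zn_prime:
        findings.append("roaming: SBI capable BSF lacks legacy Zn'")
    return findings

if __name__ == "__main__":
    # Constructed sample: no HSS, UDM only, GUSS wanted, roaming enabled.
    sample = GbaDeployment(udm_present=True, guss_required=True,
                           roaming=True, naf_supports_zn=True)
    print("backend:", sorted(bsf_backend(sample)))
    for finding in check(sample):
        print("FINDING:", finding)
```
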

N.1.3 Reference point to support SBA in GBA

The following reference points are realized by service-based interfaces in GBA:

N65: Reference point between an SBI capable BSF and an SBI capable HSS.

N66: Reference point between an SBI capable BSF and an SBI capable NAF.

N68: Reference point between an SBI capable BSF and UDM.

N.1.4 Service based interface to support SBA in GBA

The following service-based interfaces are defined:

Nhss: Service-based interface exhibited by an SBI capable HSS.

Nbsp: Service-based interface exhibited by an SBI capable BSF.

Nudm: Service-based interface exhibited by UDM.

These SBI services provide equivalent functionality to the Diameter Zh and Zn reference points.

To support co-existence of GBA nodes supporting SBA services and GBA nodes not supporting SBA services, SBI capable GBA nodes may support both SBI and non-SBI interfaces.