Rec. ITU-T Y.3056 (02/2021) Framework for bootstrapping of devices and applications for open access to trusted services in distributed ecosystems
Summary
History
FOREWORD
Table of Contents
1 Scope
2 References
3 Definitions
     3.1 Terms defined elsewhere
     3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Introduction
     6.1 Concept of trusted services
     6.2 Operator trust and bootstrapping of devices
     6.3 Role of network operators in enabling trusted services
7 Requirements
     7.1 Pre-conditions
     7.2 Requirements for the security token
     7.3 Requirements for the user entity
     7.4 Requirements for the trusted device entity
     7.5 Requirements for the network operator entity
     7.6 Requirements for the trusted application entity
     7.7 Requirements for the ASP entity
8 Reference model
     8.1 Elements of the trusted device entity
          8.1.1 Client element
          8.1.2 Connection element
     8.2 Elements of the network operator entity
          8.2.1 Authentication element
          8.2.2 Authorization element
     8.3 Application element
     8.4 Security parameters
     8.5 Reference points
9 Functional architecture
     9.1 Functions of authentication element
          9.1.1 Bootstrapping function
     9.2 Functions of authorization element
          9.2.1 Key management function
          9.2.2 Mapping and registration function
     9.3 Bootstrapping function of the client element
     9.4 Token management function
          9.4.1 Token management function of the authentication element
          9.4.2 Token management function of the connection element of the trusted device
          9.4.3 Token management function of the trusted application
     9.5 Session control function
     9.6 Specifications of reference points
          9.6.1 Reference point RPA
          9.6.2 Reference point RPB
          9.6.3 Reference point RPC
          9.6.4 Reference point RPD
10 Information flows
     10.1 Network operator bootstrapping capability exposure
     10.2 ASP on-boarding flow
     10.3 Trust extension flow for user and device
     10.4 Bootstrap_token generation flow
     10.5 Trusted device and application session flow
     10.6 Flow for change of network operator
          10.6.1 Change of network operator flow (symmetric keys)
          10.6.2 Change of network operator flow (asymmetric keys)
11 Security considerations
Bibliography