Bootstrapping Server Function

A Bootstrapping Server Function (BSF) is an intermediary element in cellular networks. It provides application-independent functions for mutual authentication between user equipment and servers that are unknown to each other, and for 'bootstrapping' the subsequent exchange of secret session keys. This allows the use of additional services like Mobile TV and PKI, which need authentication and secured communication.
GBA/GAA Setup
The setup used to establish a generic security relation as described is called Generic Bootstrapping Architecture (GBA) or Generic Authentication Architecture (GAA). In short, it consists of the following elements.
- user equipment (UE), e.g. a mobile cellular telephone; needs access to a specific service
- application server (NAF: Network Application Function), e.g. for mobile TV; provides the service
- BSF (Bootstrapping Server Function); arranges security relation between UE and NAF
- mobile network operator's Home Subscriber Server (HSS); hosts user profiles.
In this case, the term 'bootstrapping' refers to first building a security relation with a previously unknown device, which then allows security elements (keys) to be installed in the device and the BSF.
Workflow
The BSF is introduced by the application server (NAF) after an unknown UE tries to get service access: the NAF refers the UE to the BSF. UE and BSF mutually authenticate via the 3GPP protocol AKA (Authentication and Key Agreement); additionally, the BSF sends related queries to the Home Subscriber Server (HSS). Afterwards, UE and BSF agree on a session key to be used for encrypted data exchange with the application server (NAF). When the UE connects to the NAF again, the NAF is able to obtain the session key as well as user-specific data from the BSF and can start data exchange with the end device (UE), using the related session keys for encryption.
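The workflow above as an added Python sketch (not part of the original article and not taken from any 3GPP specification): an HMAC-SHA-256 challenge-response stands in for AKA and for the key derivation, and all class names, identities and host names are constructed for illustration. It shows that the NAF only ever receives a key bound to its own identifier, never the subscriber's long-term key or the session key shared by UE and BSF.

```python
import hashlib, hmac, os

def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA-256 over length-prefixed parts; assumed stand-in for AKA/GBA functions."""
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class HSS:
    """Hosts the subscriber's long-term key; only the BSF queries it."""
    def __init__(self, subscribers):
        self.subscribers = subscribers
    def auth_vector(self, user_id):
        k, rand = self.subscribers[user_id], os.urandom(16)
        # (challenge, network proof, expected response, session key Ks)
        return rand, prf(k, b"autn", rand), prf(k, b"res", rand), prf(k, b"ks", rand)

class BSF:
    def __init__(self, hss):
        self.hss, self.pending, self.sessions = hss, {}, {}
    def challenge(self, user_id):
        rand, autn, xres, ks = self.hss.auth_vector(user_id)
        self.pending[user_id] = (rand, xres, ks)
        return rand, autn
    def confirm(self, user_id, res):
        rand, xres, ks = self.pending.pop(user_id)
        if not hmac.compare_digest(res, xres):
            raise PermissionError("UE failed authentication")
        tid = rand.hex() + "@bsf.example"  # constructed transaction id for the UE
        self.sessions[tid] = (user_id, ks)
        return tid
    def key_for_naf(self, tid, naf_id):
        user_id, ks = self.sessions[tid]  # KeyError if the UE never bootstrapped
        return user_id, prf(ks, b"naf", naf_id.encode())

class UE:
    def __init__(self, user_id, k):
        self.user_id, self.k, self.ks = user_id, k, None
    def respond(self, rand, autn):
        if not hmac.compare_digest(autn, prf(self.k, b"autn", rand)):
            raise PermissionError("network failed authentication")
        self.ks = prf(self.k, b"ks", rand)
        return prf(self.k, b"res", rand)
    def key_for_naf(self, naf_id):
        return prf(self.ks, b"naf", naf_id.encode())

def bootstrap(ue, bsf):
    """Run the UE/BSF mutual authentication and return the transaction id."""
    rand, autn = bsf.challenge(ue.user_id)
    return bsf.confirm(ue.user_id, ue.respond(rand, autn))
```

The NAF side is the single call `bsf.key_for_naf(tid, naf_id)` made with the transaction id the UE presents; the UE computes the same key locally with `ue.key_for_naf(naf_id)`.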
Standards
BSF is standardised in recent versions of the 3GPP standards for GAA (Generic Authentication Architecture) and GBA (Generic Bootstrapping Architecture): 3GPP TS 33.919, 33.220, 24.109 and 29.109.
Content Disclaimer
This information is summarised from Wikipedia and presented again for educational purposes. The content is available under the CC BY-SA 3.0 licence. We are not responsible for inaccuracies in data that originates from those public contributions.