[{"name":"SP-240654","title":"New Study on security aspects of CAPIF Phase 3","source":"SA WG3","contact":"Mirko Cano Soveri","contact-id":41957,"tdoctype":"SID new","for":"Approval","abstract":"Justification: SA WG6 agreed a new study for enhancement of CAPIF Phase-3. In release-18, CAPIF security enhancements were addressed based on SNAAPP requirements. The following security aspects are yet to be addressed. - Authentication and Authorization between Resource Owner and Authorization Functionality (CCF). For example, authentication and authorization of resource owners, management of service API access granted to the applications (e.g., removal of authorization for some applications to access certain service APIs). - The security aspects for CAPIF-8 reference point are yet to be specified in TS 33.122. - Authorization of API invoker(s) which are deployed on the UE accessing resources of other resource owners (users). - Authorization of granularity of access control based in service operations e.g., restriction of operations for an invoker to perform only fetch operation supported by the service API or based on resources e.g., API invoker can access the same resource provided by multiple service APIs. - Update of security-related onboarding information without offboarding, since the only way so far is to initiate an offboarding process and then do a new onboarding for renewal of these security parameters. Further, industry bodies like Linux Foundation and GSMA are specifying and adopting industry service APIs (e.g., CAMARA, GSMA Open Gateway). Considering the work done in these organizations, any enhancement done in SA WG6 will require further study in SA WG3 to align with security aspects or requirements.","secretary_remarks":"Revised to SP-240978","agenda_item_sort_order":36,"ainumber":"6.1.3","ainame":"SA WG3 and SA WG3-LI New Release 19 Study Item Descriptions","tdoc_agenda_sort_order":10800,"status":"revised","reservation_date":"2024-06-04 13:11:24","uploaded":"2024-06-07 08:47:06","revisionof":"","revisedto":"SP-240978","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"https:\/\/www.3gpp.org\/ftp\/TSG_SA\/TSG_SA\/TSGS_104_Shanghai_2024-06\/Docs\/SP-240654.zip","group":"SP","meeting":"SP-104","year":2024,"uicc_affected":"","me_affected":"","ran_affected":"","cn_affected":"","clauses_affected":"","crsinpack":null,"crsinpacknumber":0},
{"name":"SP-240879","title":"UICC support for Ambient IoT Service","source":"OPPO","contact":"Tricci So","contact-id":90593,"tdoctype":"discussion","for":"Endorsement","abstract":"OPPO seeks SA plenary guidance to SA3 to proceed the work on AIoT security study","secretary_remarks":"Noted","agenda_item_sort_order":36,"ainumber":"6.1.3","ainame":"SA WG3 and SA WG3-LI New Release 19 Study Item Descriptions","tdoc_agenda_sort_order":10760,"status":"noted","reservation_date":"2024-06-11 08:29:40","uploaded":"2024-06-11 09:08:16","revisionof":"","revisedto":"","release":"Rel-19","crspec":"33.713","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"https:\/\/www.3gpp.org\/ftp\/TSG_SA\/TSG_SA\/TSGS_104_Shanghai_2024-06\/Docs\/SP-240879.zip","group":"SP","meeting":"SP-104","year":2024,"uicc_affected":"","me_affected":"","ran_affected":"","cn_affected":"","clauses_affected":"","crsinpack":null,"crsinpacknumber":0},
{"name":"SP-240956","title":"LS on UICC Support for Ambient IoT Service","source":"OPPO","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS out","for":"Approval","abstract":"To: SA WG3. CC: SA\u00a0WG1, GSMA","secretary_remarks":"Created at meeting. Revised to SP-240977","agenda_item_sort_order":36,"ainumber":"6.1.3","ainame":"SA WG3 and SA WG3-LI New Release 19 Study Item Descriptions","tdoc_agenda_sort_order":11068,"status":"revised","reservation_date":"2024-06-21 09:37:57","uploaded":"2024-06-21 09:41:17","revisionof":"","revisedto":"SP-240977","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA\u00a0WG3","Cc":"SA\u00a0WG1, GSMA","lsoriginalls":"","lsreply":"","link":"https:\/\/www.3gpp.org\/ftp\/TSG_SA\/TSG_SA\/TSGS_104_Shanghai_2024-06\/Docs\/SP-240956.zip","group":"SP","meeting":"SP-104","year":2024,"uicc_affected":"","me_affected":"","ran_affected":"","cn_affected":"","clauses_affected":"","crsinpack":null,"crsinpacknumber":0},
{"name":"SP-240977","title":"LS on UICC Support for Ambient IoT ServiceLS on UICC support for Ambient IoT Service","source":"OPPO","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS out","for":"Approval","abstract":"To: SA WG3. CC: SA\u00a0WG1, GSMA","secretary_remarks":"Revision of SP-240956","agenda_item_sort_order":36,"ainumber":"6.1.3","ainame":"SA WG3 and SA WG3-LI New Release 19 Study Item Descriptions","tdoc_agenda_sort_order":11108,"status":"revised","reservation_date":"2024-06-21 09:38:00","uploaded":"2024-06-21 09:41:17","revisionof":"SP-240956","revisedto":"SP-241016","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA\u00a0WG1, SA\u00a0WG3","Cc":"SA\u00a0WG2","lsoriginalls":"","lsreply":"","link":"https:\/\/www.3gpp.org\/ftp\/TSG_SA\/TSG_SA\/TSGS_104_Shanghai_2024-06\/Docs\/SP-240977.zip","group":"SP","meeting":"SP-104","year":2024,"uicc_affected":"","me_affected":"","ran_affected":"","cn_affected":"","clauses_affected":"","crsinpack":null,"crsinpacknumber":0},
{"name":"SP-240978","title":"New Study on security aspects of CAPIF Phase 3","source":"SA WG3","contact":"Maurice Pope","contact-id":648,"tdoctype":"SID new","for":"Approval","abstract":"Justification: SA WG6 agreed a new study for enhancement of CAPIF Phase-3. In release-18, CAPIF security enhancements were addressed based on SNAAPP requirements. The following security aspects are yet to be addressed. - Authentication and Authorization between Resource Owner and Authorization Functionality (CCF). For example, authentication and authorization of resource owners, management of service API access granted to the applications (e.g., removal of authorization for some applications to access certain service APIs). - The security aspects for CAPIF-8 reference point are yet to be specified in TS 33.122. - Authorization of API invoker(s) which are deployed on the UE accessing resources of other resource owners (users). - Authorization of granularity of access control based in service operations e.g., restriction of operations for an invoker to perform only fetch operation supported by the service API or based on resources e.g., API invoker can access the same resource provided by multiple service APIs. - Update of security-related onboarding information without offboarding, since the only way so far is to initiate an offboarding process and then do a new onboarding for renewal of these security parameters. Further, industry bodies like Linux Foundation and GSMA are specifying and adopting industry service APIs (e.g., CAMARA, GSMA Open Gateway). Considering the work done in these organizations, any enhancement done in SA WG6 will require further study in SA WG3 to align with security aspects or requirements.","secretary_remarks":"Revision of SP-240654. Approved","agenda_item_sort_order":36,"ainumber":"6.1.3","ainame":"SA WG3 and SA WG3-LI New Release 19 Study Item Descriptions","tdoc_agenda_sort_order":11110,"status":"approved","reservation_date":"2024-06-21 09:38:00","uploaded":"2024-06-21 09:41:17","revisionof":"SP-240654","revisedto":"","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"","Cc":"","lsoriginalls":"","lsreply":"","link":"https:\/\/www.3gpp.org\/ftp\/TSG_SA\/TSG_SA\/TSGS_104_Shanghai_2024-06\/Docs\/SP-240978.zip","group":"SP","meeting":"SP-104","year":2024,"uicc_affected":"","me_affected":"","ran_affected":"","cn_affected":"","clauses_affected":"","crsinpack":null,"crsinpacknumber":0},
{"name":"SP-241016","title":"LS on UICC support for Ambient IoT Service","source":"TSG SA","contact":"Maurice Pope","contact-id":648,"tdoctype":"LS out","for":"Approval","abstract":"To: SA\u00a0WG1, SA\u00a0WG3. CC: SA WG2","secretary_remarks":"Revision of SP-240977. Approved","agenda_item_sort_order":36,"ainumber":"6.1.3","ainame":"SA WG3 and SA WG3-LI New Release 19 Study Item Descriptions","tdoc_agenda_sort_order":11186,"status":"approved","reservation_date":"2024-06-21 09:38:03","uploaded":"2024-06-21 09:41:18","revisionof":"SP-240977","revisedto":"","release":"","crspec":"","crspecversion":"","workitem":"","crnumber":"","crrevision":"","crcategory":"","tsg_crp":"","lsreplyto":"","lsto":"SA\u00a0WG1, SA\u00a0WG3","Cc":"SA\u00a0WG2","lsoriginalls":"","lsreply":"","link":"https:\/\/www.3gpp.org\/ftp\/TSG_SA\/TSG_SA\/TSGS_104_Shanghai_2024-06\/Docs\/SP-241016.zip","group":"SP","meeting":"SP-104","year":2024,"uicc_affected":"","me_affected":"","ran_affected":"","cn_affected":"","clauses_affected":"","crsinpack":null,"crsinpacknumber":0}]