Title Universal Mobile Telecommunications System (UMTS);LTE;Network Domain Security (NDS);Authentication Framework (AF)
Acronym ETSI TS 133 310
Document Type Standard
Published Year 2016
Link https://www.etsi.org/deliver/etsi_ts/133300_133399/133310/13.01.00_60/ts_133310v130100p.pdf

The scope of this Technical Specification is limited to authentication of network elements, which are using NDS/IP or TLS, and to Certificate Enrolment for Base Stations as described in the present document. In the case of NDS/IP this specification includes both the authentication of Security Gateways (SEG) at the corresponding Za-interfaces and the authentication between NEs and between NEs and SEGs at the Zb-interface. Authentication of end entities (i.e. NEs and SEGs) in the intra-operator domain is considered an internal issue for operators. This is quite much in line with [1] which states that only Za is mandatory and that the security domain operator can decide if the Zb-interface is deployed or not, as the Zb-interface is optional for implementation. Validity of certificates may be restricted to the operator’s domain in case of Zb interface or in case of Za-interface between two security domains of the same operator.