API Gateway

SCEF provides a means to securely expose the services and capabilities provided by 3GPP network interfaces. The API gateway provides access to network capabilities through homogenous application programming interfaces (that is, network RESTful APIs). The SCEF API gateway provides the secured gateway functionality implementing the northbound RESTful T8 interface toward SCS/AS. DSR has implemented the following functionalities at the API Gateway:

• Northbound T8 RESTful interface
• Authentication and authorization functionality for API requests from SCS/AS:
  • Identification of the API consumer (for example, SCS/AS)
  • Profile management of SCS/AS and management of service level agreements per SCS/AS
  • Support ACL (access control list) management for individual SCS/AS
• API firewall functionality to protect from security attacks through T8 interface:
  • Protection against malformed and oversized messages received from SCS/AS
  • Whitelist of IP addresses of SCS/AS