Oracle® Communications Security Edge Protection Proxy (SEPP) Cloud Native User's Guide Release 1.0 F16984-01 |
|
![]() Previous |
The security capability negotiation allows the SEPPs to negotiate which security mechanism to use for protecting NF service related signalling over N32. There shall be an agreed security mechanism between a pair of SEPPs before conveying NF service related signalling over N32.
When a SEPP notices that it does not have an agreed security mechanism for N32 protection with a peer SEPP or if the security capabilities of the SEPP have been updated, the SEPP shall perform security capability negotiation with the peer SEPP in order to determine, which security mechanism to use for protecting NF service related signalling over N32.
A mutually authenticated TLS connection as defined in clause 13.1 shall be used for protecting security capability negotiation over N32. The TLS connection shall provide integrity, confidentiality and replay protection.
Figure 2-3 Security Capability Negotiation