, "signature": "base64-signature"
Offers recommendations for interconnect signaling security, which have been updated to align with the SIP guidelines in FS.38.
Before GSMA FS.38, SIM profiles were largely proprietary. A profile built by one vendor might only work on chips from that same vendor. FS.38 changed this by defining a generic, neutral format for how a SIM profile is described, packaged, and loaded onto an eUICC (embedded Universal Integrated Circuit Card).
: Works alongside documents like FS.22 to create a robust security framework for operators. 📚 Resources for Telecom Professionals
At the device layer, FS.38 mandates fundamental controls such as secure boot, encrypted storage for credentials, and the principle of least functionality (disabling unnecessary ports and services). The guideline specifically emphasizes the protection of the or eSIM (eUICC) , treating the Subscriber Identity Module (SIM) as the root of trust for network authentication.
GSMA is a Permanent Reference Document (PRD) titled "SIP Network Security" . It provides a comprehensive framework for securing Session Initiation Protocol (SIP) across fixed, mobile, and converged networks. Key Objectives and Scope
