Description
The Bootstrap Data Channel (BDC) is a fundamental security mechanism in 3GPP networks that establishes a protected communication path specifically for the exchange of initial configuration and authentication data during device bootstrap procedures. This channel operates before the device has established regular user plane connectivity, creating a secure environment where sensitive provisioning information can be transmitted without exposure to potential eavesdropping or tampering. The BDC leverages existing security protocols and key management procedures to create this isolated communication path, ensuring that critical bootstrap data remains confidential and integrity-protected throughout the provisioning process.
Architecturally, the BDC operates between the device (User Equipment) and network bootstrap functions, typically involving the Bootstrapping Server Function (BSF) and related network elements. The channel establishment follows a specific sequence where the device first authenticates to the network using available credentials, then negotiates security parameters for the BDC session. This process involves mutual authentication between the device and network bootstrap functions, followed by the derivation of session keys specifically for BDC protection. The channel supports both control plane and user plane data exchange, depending on the specific bootstrap scenario and network configuration.
Key components of the BDC implementation include the BDC Session Management function, which handles channel establishment, maintenance, and teardown; the BDC Security Context, which stores cryptographic materials and security parameters for the session; and the BDC Transport Layer, which provides the actual data transmission capabilities. The channel supports various transport protocols including HTTP/2 with TLS protection, ensuring compatibility with modern web-based provisioning systems. The BDC also integrates with existing 3GPP security frameworks including Authentication and Key Agreement (AKA) procedures and key hierarchy management.
The BDC plays a critical role in secure device onboarding by providing a protected environment for exchanging sensitive information such as initial device certificates, network access credentials, service provider configurations, and security policy data. This channel ensures that even before a device has full network access, it can securely obtain the necessary credentials and configurations to establish proper authentication and authorization for subsequent network operations. The BDC's design includes mechanisms for session timeout management, re-authentication procedures, and graceful degradation in case of security parameter mismatches or network failures.
Purpose & Motivation
The Bootstrap Data Channel was created to address significant security vulnerabilities in initial device provisioning procedures where sensitive configuration data was transmitted over unprotected or minimally protected channels. In previous 3GPP releases, bootstrap procedures often relied on basic security mechanisms that were insufficient for modern threat environments, particularly with the proliferation of IoT devices and diverse deployment scenarios in 5G networks. The BDC provides a standardized, robust security framework specifically designed for the critical bootstrap phase when devices are most vulnerable to attacks.
Historically, device bootstrap procedures suffered from several limitations including the transmission of sensitive credentials over unencrypted channels, lack of mutual authentication during initial provisioning, and inadequate protection against man-in-the-middle attacks. These vulnerabilities became increasingly problematic as networks evolved to support massive IoT deployments, network slicing, and diverse service requirements. The BDC addresses these issues by establishing a dedicated, cryptographically protected channel before any sensitive data exchange occurs, ensuring that bootstrap procedures maintain the same security standards as regular network operations.
The creation of BDC was motivated by the need for a unified, standardized approach to secure bootstrap procedures across different device types and network deployments. Previous solutions were often vendor-specific or implemented as proprietary extensions, leading to interoperability challenges and inconsistent security postures. By standardizing the BDC in 3GPP specifications, the industry gains a consistent framework for secure device onboarding that supports various authentication methods, accommodates different device capabilities, and integrates seamlessly with existing 3GPP security architectures.
Detected Changes Across Releases
From 3GPP Change Requests: specific changes extracted from the "Change history" tables of 3GPP specifications (19 CRs across 2 releases). Complements the general historical overview above with the evidence-based evolution of this function.
In Release 18, the BDC (Bootstrap Data Channel) function was enhanced to support a procedure where the originating IMS Application Server acts upon receiving a BDC establishment request. It also introduced the capability for a UE to explicitly request the setup of a remote BDC, enabling more dynamic session control. Furthermore, the architecture was refined by removing the Media Resource Function (MRF) from the IMS data channel framework.
In Release 19, the BDC (Bootstrap Data Channel) function was enhanced to introduce a new "Standalone IMS Data Channel Session" procedure, allowing an application data channel to be established together with the bootstrap data channel from session initiation. The release also specified new procedures for network-initiated data channel setup and termination, along with detailed handling for application data channel multiplexing and interworking via a Data Channel Application Server (DC AS).
- UE handling of IMS data channel in PS Data off feature (TS 24.186 CR0050)
- AS handling of IMS data channel in PS Data off feature (TS 24.186 CR0051)
- Procedure of Standalone data channel (TS 24.186 CR0052)
- Setup local BDC on terminating side in case INVITE does not contain DC description (TS 24.186 CR0002)
- Procedure of network initiated P2P application data channel establishment (TS 24.186 CR0062)
- Procedure of application data channel interworking via DC AS for originating UE (TS 24.186 CR0065)
Defining Specifications
3GPP specifications that define or reference BDC, with the latest known release. Sourced from the 3GPP document catalog.
| Specification | Title | Release |
|---|---|---|
| TS 24.186 vj60 | IMS Data Channel applications | Rel-19 |
| TS 26.264 vj20 | IMS-based AR Real-Time Communication | Rel-19 |
| TS 33.790 vj10 | Security for Next-Gen Real-Time Communication Phase 2 | Rel-19 |