Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and apparatus for inter-verifying network between multi-medium sub-systems

A technology of multimedia subsystems and network entities, applied in the field of mobile network security, can solve the problems of attacking other users, the border router cannot identify, and the P-CSCF cannot generate charging information, etc., and achieves the effect of preventing fraud and good compatibility.

Inactive Publication Date: 2007-09-05
HUAWEI TECH CO LTD +1
View PDF0 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0021] 1) P-CSCF cannot generate charging information
[0022] 2) Attack other users
Since the P-CSCF does not belong to the internal network in this case, if the UE uses the IP of the P-CSCF to spoof, the border router cannot identify
[0038] 2) Border routers can only act on external IP spoofing, but are helpless on internal network spoofing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for inter-verifying network between multi-medium sub-systems
  • Method and apparatus for inter-verifying network between multi-medium sub-systems
  • Method and apparatus for inter-verifying network between multi-medium sub-systems

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0097] When the UE is in the home zone, that is, in the non-roaming state, the UE sends a SIP message INVITE to the home zone P-CSCF, including the initial SDP. An initial SDP may contain one or more media. In the next step, the P-CSCF in the home zone selects the position of the next-hop CSCF. In the non-roaming state, the next hop is the home zone S-CSCF. Before this, the authentication process of the home zone S-CSCF and the home zone P-CSCF is triggered, which is similar to the AKA authentication. See Figure 3, the authentication process is as follows:

[0098] Step 101: The home area S-CSCF sends an authentication vector request to the home area HSS, and the content of the request includes the SIP URI of the P-CSCF to be authenticated.

[0099] Step 102: The home zone HSS queries the P-CSCF's entity identity information according to the universal resource identifier (SIP URI) of the home zone P-CSCF requesting registration, and uses the P-CSCF's private key as a pre-sh...

Embodiment 2

[0112] When the UE is in the roaming state, when the P-CSCF in the roaming area directly requests services from the S-CSCF in the home area, the authentication process is triggered. Referring to Figure 6a, the authentication process is as follows:

[0113] Step 201: The S-CSCF in the home area can query the address of the HSS in the roaming area according to the SIP URI information in the message sent by the P-CSCF. The S-CSCF in the home area asks the HSS in the roaming area for the entity identity of the P-CSCF. The process and steps 102 is similar.

[0114] Step 202: The S-CSCF in the roaming area transfers the entity identity of the P-CSCF (including the identity, private key K, and home network) to the S-CSCF in the home area. The transmission of information is encrypted with the S-CSCF public key of the home area and digitally signed to ensure the privacy, integrity and authenticity of the transmitted information.

[0115] Step 203: The home zone S-CSCF calculates an a...

Embodiment 3

[0118] In the above-mentioned embodiment, the authentication vector is calculated in the S-CSCF, the present invention provides another embodiment, the authentication vector can also be calculated in the HSS, the steps described in Fig. 6b are as follows:

[0119] When the UE is in the roaming state, when the P-CSCF in the roaming area directly requests services from the S-CSCF in the home area, the authentication process is triggered.

[0120] Step 301: The S-CSCF in the home area can query the address of the HSS in the roaming area according to the SIP URI information in the message sent by the P-CSCF, and the S-CSCF in the home area sends an authentication vector request to the HSS in the roaming area; the content of the request includes SIPURI of the P-CSCF performing the authentication.

[0121] Step 302: The HSS in the roaming area queries the entity identity information of the P-CSCF according to the universal resource identifier (SIPURI) of the P-CSCF in the home area,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The method comprises: saving the ID of authentication response entity in the authentication response entity, and saving the entity ID and the corresponding relation between the entity ID and the authentication response entity ID in the home subscriber server (HSS); completing the authentication through calculation. The invention also provides a mutual authentication apparatus comprising an authentication response entity, an authentication initiating entity and a home subscriber server as well as an authentication vector acquiring unit, an authentication challenging and sending unit, an authentication calculation unit and the authentication estimating unit.

Description

technical field [0001] The invention relates to the field of mobile network security, in particular to a method and device for mutual authentication of S-CSCF and P-CSCF in an IP multimedia subsystem (IMS). Background technique [0002] The IP Multimedia Subsystem (IMS: IP Multimedia Subsystem) is the core network of IP multimedia and telephony defined by the Third Generation Partnership Project (3GPP) and the Third Generation Partnership Project 2 (3GPP2), and it is independent of access. Its basic structure is described by 3GPP, the European Telecommunications Standards Institute (ETSI) and the Parlay Forum. The network elements defined in the IMS framework include Serving Call Session Control Function (S-CSCF: Serving Call Session Control Function), Proxy Call Session Control Function (P-CSCF: Proxy CallSession Control Function), Inquiring Call Session Function (I-CSCF: Interrogating Call Session Control Function), Media Gateway Control Function (MGCF: Media Gateway Cont...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32H04Q7/38H04W12/0431H04W12/06
CPCH04L9/3271H04L63/08H04W12/06H04W12/069
Inventor 辛阳苗福友杨义先赵凯刘冰李鹏超
Owner HUAWEI TECH CO LTD