Authentication method for Internet protocol multimedia service sub-system

A multimedia service and Internet protocol technology, applied in the field of Internet protocol multimedia service subsystem, can solve problems such as poor maintainability, and achieve the effects of small impact, prevention of NBA camouflage attacks, and avoidance of security loopholes

Inactive Publication Date: 2007-11-14
HUAWEI TECH CO LTD
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The trusted P-CSCF information is configured on the S-CSCF, not on the UPSF / HSS. Since all S-CSCFs need to be configured in this way, once the P-CSCF information changes, it needs to be configured on all S-CSCFs. update on the S-CSCF, so the maintainability of the existing technology 2 is poor

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Authentication method for Internet protocol multimedia service sub-system
  • Authentication method for Internet protocol multimedia service sub-system
  • Authentication method for Internet protocol multimedia service sub-system

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0060] Referring to Fig. 2, the first embodiment of the present invention comprises the following steps:

[0061] Step 1101, NASS access layer attach authentication, record the corresponding relationship between the UE's IP address and location information on the CLF.

[0062] Step 1102, the UE sends a REGISTER message to the P-CSCF.

[0063] In step 1103, the P-CSCF judges whether it needs to establish a security association with the UE by checking whether the REGISTER message contains security negotiation parameters, such as Security-Client. There is no such parameter in the NBA authentication mode, so there is no need to establish a security association.

[0064] Step 1104, the P-CSCF queries the location information of the UE in the CLF according to the source IP address of the registration message.

[0065] Step 1105, since the location information corresponding to the source IP address is stored in the CLF in advance, so in this step, the CLF returns the corresponding ...

no. 4 example

[0119] Referring to Fig. 5, the fourth embodiment of the present invention comprises the following steps:

[0120] Step 1401, NASS access layer attach authentication, record the corresponding relationship between IP address and location information of UE on CLF.

[0121] Step 1402, the UE sends a REGISTER message to the P-CSCF.

[0122] In step 1403, the P-CSCF judges whether it needs to establish a security association with the UE by checking whether the REGISTER message contains security negotiation parameters, such as Security-Client. There is no such parameter in the NBA authentication mode, so there is no need to establish a security association.

[0123] Step 1404, the P-CSCF queries the location information of the UE in the CLF according to the source IP address of the registration message.

[0124] Step 1405, since the location information corresponding to the source IP address is stored in the CLF in advance, so in this step, the CLF returns the corresponding locati...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The method configures information of the credible P-CSCF on UPSF / HSS. Further, the invention includes following steps: (1) after receiving registration message from UE, P-CSCF through registration message sends information of the P-CSCF to S-CSCF; (2) inspecting out authorization data of UE, and after determining out authorization mode of using binding between IMS service layer and access layer, the checkout facility determines whether the P-CSCF is credible; when the P-CSCF is credible, S-CSCF carries out authorization for the registration message sent from the P-CSCF. The invention prevents NBA masquerading attack from illegal user effectively. Features are: small influence on current technique, and good backward compatibility. Information of the said credible P-CSCF is configured on minor UPSF / HSS so as to possess good maintainability.

Description

technical field [0001] The invention relates to the technical field of the Internet Protocol (IP) Multimedia Service Subsystem (IMS), in particular to an authentication method of the IP Multimedia Subsystem. Background technique [0002] In the advanced network telecommunications and Internet converged service protocol / next generation network (TISPAN / NGN) network, if the access network and the service network do not belong to the same operator, the authentication of the access network to the user and the service network to the user Authentication is independent of each other. In this case, if a user wants to enjoy a certain service, two authentications are usually required, one is the authentication of the access layer, and the user can access the TISPAN / NGN network after passing the authentication of the access layer; The other is the authentication of the service layer. After passing the authentication of the service layer, the user can enjoy the services provided by the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 何承东
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products