Scribd Logo
Upload

Welcome to Scribd!

  • 8 Ims - Registration - Sequence - P - CSCF PDF

    Uploaded by

    Jose Del Risco Xiques
    15 views2 pages

    Original Title

    8 ims_registration_sequence_p_cscf.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    15 views2 pages

    8 Ims - Registration - Sequence - P - CSCF PDF

    Uploaded by

    Jose Del Risco Xiques

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    P-CSCF Interfaces (IMS Registration for an Unauthenticated User)

    Visited Network Internet Home Network


    EventStudio System Designer 4.0
    User Visited CN Visited IMS DNS Server Home IMS Home CN
    Equipment
    24-Nov-07 18:36 (Page 1)
    Subscriber SGSN GGSN P-CSCF DNS Server I-CSCF S-CSCF HSS
    GPRS Attach
    PDP Context Activation
    Unauthenticated IMS Registration Attempt
    REGISTER The subscriber sends a Register
    REGISTER sip:hims.net SIP/2.0,
    message to inform the network that
    Via: SIP/2.0/UDP UE-IP;branch=0abab, the specified user public identify
    Route: sip:[P-CSCF-IP],
    Max-Forwards: 20,
    (myname@mynetwork.com) is
    From: <sip:name@hims.net>;tag=abbb, available at the IP address indicated
    To: <sip:name@hims.net>,
    Contact: <sip:[UE-IP]>;expires=90000,
    in the Contact Header. The User
    Call-ID: ababab, Equipment (UE) also adds a via
    CSeq: 25 REGISTER,
    Security-Client: port-s, port-c,
    header to record that the message
    Authorization: Digest username = had traversed the UE. The
    name.private@hims.net,
    Content-Length: 0
    REGISTER message also includes
    the server and client ports. Note that
    the message itself is sent on the
    standard SIP port 5060.
    The SIP REGISTER message also
    includes the private identity of the
    user. This identity will be used by
    the S-CSCF and HSS to identify the
    user.
    DNS Query The P-CSCF receives the REGISTER
    domain = hims.net
    message and uses the DNS to
    translate from the domain hims.net
    to the IP address of the home
    network.
    DNS Response
    ip = ICSCF-IP

    REGISTER P-CSCF adds a Via header and


    REGISTER sip:hims.net SIP/2.0,
    removes the Route header. The
    Via: SIP/2.0/UDP REGISTER message will be routed
    pcscf1.vims.net;branch=0aab1,
    Via: SIP/2.0/UDP
    to the IP address obtained from the
    UE-IP;branch=0abab, DNS response. Note that the
    Max-Forwards: 19,
    From:
    integrity protection flag is set to
    <sip:name@hims.net>;tag=abbb, false to signify that the user has not
    To: <sip:name@hims.net>,
    Contact:
    been authenticated.
    <sip:[UE-IP]>;expires=90000,
    Call-ID: ababab,
    CSeq: 25 REGISTER,
    Content-Length: 0,
    Authorization: Digest username =
    name.private@hims.net integrity
    protection: no

    401 Unauthorized Pass the message to the P-CSCF.


    WWW-Authenticate:
    CK and IK are carried in the
    nonce=RAND-AUTN, ck, ik, WWW-Authenticate header.
    Via: pcscf1, ue-ip

    Save CK and IK The P-CSCF saves the ciphering and


    integrity keys. These keys will be
    needed for establishing the IPSec
    security association.
    allocate The P-CSCF allocates the subscriber
    P-CSCF side client and side client and server ports. These
    server ports ports will be included in the 401
    Unauthorized message sent to the
    Subscriber.
    401 Unauthorized Pass the RAND and AUTN values to
    WWW-Authenticate: nonce=RAND-AUTN,
    the subscriber. The CK and IK are
    Security-Server: port-s, port-c removed from the
    WWW-Authenticate header. The
    P-CSCF side client and server ports
    are also included in the message.
    The message itself is sent on the
    standard SIP port 5060.
    IPSec Security Association Establishment
    IPSec SA for UE Initiated Requests Establish IPSec security
    UE-Client -> P-CSCF-Server
    associations for all the client and
    P-CSCF Interfaces (IMS Registration for an Unauthenticated User)
    Visited Network Internet Home Network
    EventStudio System Designer 4.0
    User Visited CN Visited IMS DNS Server Home IMS Home CN
    Equipment
    24-Nov-07 18:36 (Page 2)
    Subscriber SGSN GGSN P-CSCF DNS Server I-CSCF S-CSCF HSS
    server ports.
    IPSec SA for Responses to UE
    UE-Server <- P-CSCF-Client

    IPSec SA for P-CSCF Initiated Requests


    UE-Server <- P-CSCF-Client

    IPSec SA for Responses to P-CSCF


    UE-Client -> P-CSCF-Server

    Authenticated IMS Registration


    REGISTER The Subscriber has now established
    Via: UE-IP;UE-Server-Port,
    the IPSec security associations with
    Route: pcscf1, pcscf-server-port, the P-CSCF. At this point, the SIP
    Contact: UE-IP ue-server-port,
    Authorization: Digest username =
    REGISTER message is sent again.
    name.private@hims.net response=RES This time the message is protected
    by IPSec and the message is
    addressed to the P-CSCF server port
    passed in the 401 Unauthorized
    message. The message contains the
    RES in the Authorization header.
    REGISTER Pass the REGISTER message to the
    Via: pcscf1 UE-IP;UE-Server-Port,
    I-CSCF. This time the Authorization
    Contact: UE-IP ue-server-port, header indicates that integrity
    Authorization: Digest username =
    name.private@hims.net
    protection is enabled.
    response=RES integrity
    protection: yes,
    RES

    200 OK The success is relayed back to the


    Via: pcscf1, UE-IP;UE-Server-Port
    P-CSCF.

    200 OK The IMS registration of the user is


    Via: UE-IP;UE-Server-Port
    now complete.

    You might also like