Lecture notes (summarizing a more extensive lecture) about IMS Signaling. The notes evolved; this is the latest version. This lecture has been presented in 2010 in Bratislava, Slovakia.
Third revision of IMS signaling course. The lecture was part of the communication protocols class 2014 delivered to students from FIIT STU Bratislava, Slovakia and University Zilina, Slovakia.
The document provides an agenda and overview of Ulticom's Signalware SIGTRAN software as it relates to Vodafone Italy's NP project. It discusses SIGTRAN and its components SCTP and M3UA, and how Signalware implements these protocols. It describes Signalware's architecture, and how M3UA is used between the application server and signaling gateway. It also covers installation, configuration, operation and monitoring of Signalware M3UA.
The document describes several registration and de-registration flows for IP Multimedia Subsystem (IMS). The key steps are:
1. For registration, the UE requests P-CSCF information from DHCP and DNS servers, then sends a register request to the P-CSCF which assigns a S-CSCF and retrieves the user profile from HSS.
2. Periodic re-registration follows the same process to refresh the registration.
3. For de-registration, the UE or network send a register request with expiration time of zero, removing the registration.
Sigtran and SS7 over IP technologies allow the transport of SS7 signaling over an IP network. Sigtran defines protocols like SCTP and M3UA that encapsulate SS7 and ensure reliable delivery over IP. A phased deployment strategy migrates SS7 links onto IP in stages to test performance before full conversion. Testing focuses on priority, failure handling, latency, and interoperability to ensure equivalent functionality over IP.
The document provides an overview of GSM protocols:
- It describes the 7 layers of the OSI model and how they relate to network support layers (physical and data link layers) and user support layers (session, presentation, and application layers).
- It explains key GSM protocol layers including the physical layer, data link layer, and signaling layers used for call setup and termination between mobile devices and the core network.
- It also discusses common protocols used in telephone networks like ISDN, SS7, and how protocols like SCCP, TCAP, MAP, and INAP are used to support services like roaming and calling card transactions.
Session Initiation Protocol (SIP) is an application layer signaling protocol used to establish, modify, and terminate multimedia sessions over the Internet. SIP allows users to initiate and manage telephone calls, video conferences, messaging, and other multimedia sessions. It can be used with other protocols like SDP, RTP, and RTCP to build a complete multimedia architecture. SIP establishes sessions through proxy servers, redirect servers, and registrars, and uses response codes to indicate session status. A basic SIP call flow involves an INVITE request, provisional responses, a final 200 OK response, media transmission via RTP, and termination with a BYE request.
This document discusses various types of call forwarding in 3 sentences:
It describes unconditional and conditional call forwarding scenarios as well as no reply, busy, and not reachable scenarios. The state transition models show the signaling flows between network elements like the GMSC, HLR, MSC, and VLR when a call is forwarded due to various conditions like absent subscriber, no reply, radio congestion, or detachment. Registration, erasure, activation, and deactivation functions are also covered with regard to managing call forwarding numbers and services.
Third revision of IMS signaling course. The lecture was part of the communication protocols class 2014 delivered to students from FIIT STU Bratislava, Slovakia and University Zilina, Slovakia.
The document provides an agenda and overview of Ulticom's Signalware SIGTRAN software as it relates to Vodafone Italy's NP project. It discusses SIGTRAN and its components SCTP and M3UA, and how Signalware implements these protocols. It describes Signalware's architecture, and how M3UA is used between the application server and signaling gateway. It also covers installation, configuration, operation and monitoring of Signalware M3UA.
The document describes several registration and de-registration flows for IP Multimedia Subsystem (IMS). The key steps are:
1. For registration, the UE requests P-CSCF information from DHCP and DNS servers, then sends a register request to the P-CSCF which assigns a S-CSCF and retrieves the user profile from HSS.
2. Periodic re-registration follows the same process to refresh the registration.
3. For de-registration, the UE or network send a register request with expiration time of zero, removing the registration.
Sigtran and SS7 over IP technologies allow the transport of SS7 signaling over an IP network. Sigtran defines protocols like SCTP and M3UA that encapsulate SS7 and ensure reliable delivery over IP. A phased deployment strategy migrates SS7 links onto IP in stages to test performance before full conversion. Testing focuses on priority, failure handling, latency, and interoperability to ensure equivalent functionality over IP.
The document provides an overview of GSM protocols:
- It describes the 7 layers of the OSI model and how they relate to network support layers (physical and data link layers) and user support layers (session, presentation, and application layers).
- It explains key GSM protocol layers including the physical layer, data link layer, and signaling layers used for call setup and termination between mobile devices and the core network.
- It also discusses common protocols used in telephone networks like ISDN, SS7, and how protocols like SCCP, TCAP, MAP, and INAP are used to support services like roaming and calling card transactions.
Session Initiation Protocol (SIP) is an application layer signaling protocol used to establish, modify, and terminate multimedia sessions over the Internet. SIP allows users to initiate and manage telephone calls, video conferences, messaging, and other multimedia sessions. It can be used with other protocols like SDP, RTP, and RTCP to build a complete multimedia architecture. SIP establishes sessions through proxy servers, redirect servers, and registrars, and uses response codes to indicate session status. A basic SIP call flow involves an INVITE request, provisional responses, a final 200 OK response, media transmission via RTP, and termination with a BYE request.
This document discusses various types of call forwarding in 3 sentences:
It describes unconditional and conditional call forwarding scenarios as well as no reply, busy, and not reachable scenarios. The state transition models show the signaling flows between network elements like the GMSC, HLR, MSC, and VLR when a call is forwarded due to various conditions like absent subscriber, no reply, radio congestion, or detachment. Registration, erasure, activation, and deactivation functions are also covered with regard to managing call forwarding numbers and services.
Introduction of PS Core Network Elements and little bit of EPC/LTE Network. This is introductory slides pack for a 10 class/slides set for detail introduction of 2G/3G and LTE PS Core Network.
This document provides an overview of the IP Multimedia Subsystem (IMS) standards and architecture. It discusses the evolution from 2G to 3G/4G mobile networks and the integration of IMS. The key components of IMS are described including the Call Session Control Function (CSCF), Home Subscriber Server (HSS), Application Servers (AS), Media Resource Functions (MRF), and Breakout Gateway Control Function (BGCF). Registration and call flow examples are provided to illustrate IMS signaling. Approaches to migrating existing networks to IMS are also summarized.
GRX is the global private network where telecom network operators exchange GPRS roaming traffic of their users. It’s also used for all M2M networks where roaming is used, and that is the case from some company’s truck fleet management system down to intelligence GPS location spybug tracking system.
GPRS has been there from 2.5G GSM networks to the upcoming LTE Advanced networks, and is now quite widespread technology, along with its attacks. GRX has had a structuring role in the global telecom world at a time where IP dominance was beginning to be acknowledged. Now it has expanded to a lightweight structure using both IP technologies and ITU-originated protocols.
In this presentation, we’ll see how this infrastructure is protected and how it can be attacked. We’ll discover the issues with specific telco equipment inside GRX, namely GGSN and SGSN but also now PDN Gateways in LTE and LTE Advanced “Evolved Packet Core”. We will see the implications of this with GTP protocol, DNS infrastructure, AAA servers and core network technologies such as MPLS, IPsec VPNs and their associated routing protocols. These network elements were rarely evaluated for security, and during our engagements with vulnerability analysis, we’ve seen several vulnerabilities that we will be showing in this speech.
We will demo some of the attacks on a simulated “PS Domain” network, that it the IP part of the Telecom Core Network that transports customers’ traffic, and investigate its relationships with legacy SS7, SIGTRAN IP backbones, M2M private corporate VPNs and telecom billing systems. We will also seem how automation enable us to succeed at attacks which are hard to perform and will show how a “sentinel” attack was able to compromise a telecom Core Network during one penetration test.
The document summarizes the core elements of an IP Multimedia Subsystem (IMS) network. The key elements are:
- The Proxy-CSCF (P-CSCF) is the first contact point for the user and handles security, authorization, and forwarding requests.
- The Interrogating-CSCF (I-CSCF) routes requests between networks and assigns users a Serving-CSCF (S-CSCF).
- The S-CSCF manages sessions for registered users and interacts with application servers to provide services.
- The Home Subscriber Server (HSS) is the master database that stores user profiles, locations, and security information.
- Application Servers
VoLTE Flows and legacy CS network. Basic call routing to and from CS network using BGCF, MGCF, MGW. ENUM role in routing. IMS Cetralized Services (IMC) and SRVCC scenarios.
The Session Initiation Protocol (SIP) is an application-layer signaling protocol used for establishing multimedia sessions over Internet Protocol (IP) networks, such as voice or video calls. SIP can be used to initiate a call, invite participants and manage a call. It defines several methods for call setup, maintenance and termination. Common SIP methods include INVITE for call initiation, ACK to acknowledge call setup, BYE to terminate a call, and REGISTER for registering location. SIP uses SDP for negotiating media capabilities and RTP for transporting media streams.
An alternative ENUM model called "Private ENUM" is widely used. Private ENUM uses DNS but not the public DNS database. Instead, it uses a private domain suffix and private DNS servers only accessible to specific clients. Private ENUM entries are directly provisioned by the local carrier rather than being registered through the carrier of record.
The ENUM process begins by taking an E.164 number and converting it to a domain name using a specific algorithm. This domain name is then used to query NAPTR records from an ENUM server, which may return a SIP URL. If ENUM translation succeeds, the session is routed using the SIP URI. If it fails, the S-CSCF may forward to
It is a handbook of UMTS/LTE/EPC CSFB call flows.
This document is originally edited by Justin MA and it is free to share to everyone who are interested.
All reference/resource are from internet. If there is any copy-right issue, please kindly inform Justin by majachang@gmail.com.
Thanks for your reading!
ENUM Theory, Implementation, VoIP and Routing SolutionsGary Richenakerenumplatform
ENUM is a protocol that maps telephone numbers to internet addresses, allowing phone calls to be delivered over IP networks. It uses DNS to resolve an E.164 number into a URI that can then be used to route the call. There are different approaches to implementing ENUM, including public ENUM controlled by end users, carrier ENUM controlled by operators, and private ENUM used within federations. While ENUM trials have occurred in several countries, it has not seen wide deployment and does not fully address service interconnection challenges around quality of service and protocols.
Presented by Pierre-Olivier Vauboin & Alexandre De Oliveira at Hackito Ergo Sum 2014
http://2014.hackitoergosum.org/
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
The document provides information on basic GSM principles and comparisons between TACS, GSM 900, and DCS 1800 mobile networks. It discusses topics like uplink and downlink frequencies, carrier separation, number of channels, access methods, logical channels, control channels, cell identities, and other key GSM concepts and terms. The document also includes detailed descriptions and explanations of terms like IMSI, TMSI, LAI, CGI, BSIC, SIM, and concepts like cell selection, location updating, and pin management.
Worldwide attacks on SS7/SIGTRAN networkP1Security
Publication performed by Alexandre De Oliveira and Pierre-Olivier Vauboin during Hackito Ergo Sum 2014
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
The document discusses 3GPP IMS (Internet Multimedia Core Network Subsystem), which defines standards for replacing GSM signaling with VoIP/SIP. IMS enables seamless integration of cellular voice services with wired VoIP and other IP services. Key components of IMS include the Proxy-CSCF, Serving-CSCF, and Interrogating-CSCF. The document outlines common call flows for registration, mobile-originated calls, and delivery of multimedia session capabilities between endpoints. IMS represents one of the largest planned VoIP/SIP deployments and helps drive adoption of new multimedia services on cellular networks.
IMS is an architectural framework that uses SIP to deliver IP multimedia services to mobile users. It consists of common core elements, enablers, and support systems arranged in three layers. The control layer contains various nodes that handle signaling and session management, including the P-CSCF for access, I-CSCF for routing, and S-CSCF for authentication and services. Together these elements establish and manage multimedia sessions between IMS subscribers and networks.
ims registration call flow procedure volte sipVikas Shokeen
This PDF , VoLTE IMS Registration tutorial covers IMS Registration sip procedure in depth & Provides extract of 3GPP / GSMA Specs , I am covering below call flow in Depth :-
- LTE Attach & Default Internet EPS bearer
- Role of QCI-1 ( Voice ) , QCI-5 (SIP Signaling) , QCI-6 to 9 (Internet)
- Default Vs Dedicated Bearer in LTE
- Default IMS EPS bearer in LTE
- SIP and IMS Registration
- TAS Registration
This documents will help to understand the details procedure of GSM IDLE Mode Behavior. GSM Idle mode behavior starting from PLMN selection, GSM Cell Camp, Cell Selection, Cell Reselection, Location Update, Paging, System Information to Measurements procedures have been captured in this document.
The document describes 4 scenarios for IMS/MMD call flows involving session establishment. Scenario 1 involves the originating UE having resources ready before sending the INVITE message, and the terminating UE having resources ready before sending the first provisional response. The call flow shows the SIP signaling messages exchanged between the UEs and IMS network entities, including an INVITE with an SDP offer from UE-1, and a 180 Ringing response from UE-2 with an SDP answer.
C:\Documents And Settings\Kthibodeau\Desktop\Sales And T Rx Share Brands And ...IMS Health
The document summarizes US market growth data from IMS Health. In November 2009, US market growth recovered to 4.2% year-to-date and prescription growth was at 2.5% year-to-date. The US market is expected to be impacted by continued patent expirations and fewer new product approvals, leading to lower growth rates in 2009-2010 than in previous years. Branded drugs are expected to see lower volume due to patents expiring while generics are expected to increase in volume and have less price deflation.
Revision for 2015 from the IMS services & signaling course. The lecture was part of the communication protocols class delivered to students from FIIT STU Bratislava, Slovakia and University Zilina, Slovakia.
Introduction of PS Core Network Elements and little bit of EPC/LTE Network. This is introductory slides pack for a 10 class/slides set for detail introduction of 2G/3G and LTE PS Core Network.
This document provides an overview of the IP Multimedia Subsystem (IMS) standards and architecture. It discusses the evolution from 2G to 3G/4G mobile networks and the integration of IMS. The key components of IMS are described including the Call Session Control Function (CSCF), Home Subscriber Server (HSS), Application Servers (AS), Media Resource Functions (MRF), and Breakout Gateway Control Function (BGCF). Registration and call flow examples are provided to illustrate IMS signaling. Approaches to migrating existing networks to IMS are also summarized.
GRX is the global private network where telecom network operators exchange GPRS roaming traffic of their users. It’s also used for all M2M networks where roaming is used, and that is the case from some company’s truck fleet management system down to intelligence GPS location spybug tracking system.
GPRS has been there from 2.5G GSM networks to the upcoming LTE Advanced networks, and is now quite widespread technology, along with its attacks. GRX has had a structuring role in the global telecom world at a time where IP dominance was beginning to be acknowledged. Now it has expanded to a lightweight structure using both IP technologies and ITU-originated protocols.
In this presentation, we’ll see how this infrastructure is protected and how it can be attacked. We’ll discover the issues with specific telco equipment inside GRX, namely GGSN and SGSN but also now PDN Gateways in LTE and LTE Advanced “Evolved Packet Core”. We will see the implications of this with GTP protocol, DNS infrastructure, AAA servers and core network technologies such as MPLS, IPsec VPNs and their associated routing protocols. These network elements were rarely evaluated for security, and during our engagements with vulnerability analysis, we’ve seen several vulnerabilities that we will be showing in this speech.
We will demo some of the attacks on a simulated “PS Domain” network, that it the IP part of the Telecom Core Network that transports customers’ traffic, and investigate its relationships with legacy SS7, SIGTRAN IP backbones, M2M private corporate VPNs and telecom billing systems. We will also seem how automation enable us to succeed at attacks which are hard to perform and will show how a “sentinel” attack was able to compromise a telecom Core Network during one penetration test.
The document summarizes the core elements of an IP Multimedia Subsystem (IMS) network. The key elements are:
- The Proxy-CSCF (P-CSCF) is the first contact point for the user and handles security, authorization, and forwarding requests.
- The Interrogating-CSCF (I-CSCF) routes requests between networks and assigns users a Serving-CSCF (S-CSCF).
- The S-CSCF manages sessions for registered users and interacts with application servers to provide services.
- The Home Subscriber Server (HSS) is the master database that stores user profiles, locations, and security information.
- Application Servers
VoLTE Flows and legacy CS network. Basic call routing to and from CS network using BGCF, MGCF, MGW. ENUM role in routing. IMS Cetralized Services (IMC) and SRVCC scenarios.
The Session Initiation Protocol (SIP) is an application-layer signaling protocol used for establishing multimedia sessions over Internet Protocol (IP) networks, such as voice or video calls. SIP can be used to initiate a call, invite participants and manage a call. It defines several methods for call setup, maintenance and termination. Common SIP methods include INVITE for call initiation, ACK to acknowledge call setup, BYE to terminate a call, and REGISTER for registering location. SIP uses SDP for negotiating media capabilities and RTP for transporting media streams.
An alternative ENUM model called "Private ENUM" is widely used. Private ENUM uses DNS but not the public DNS database. Instead, it uses a private domain suffix and private DNS servers only accessible to specific clients. Private ENUM entries are directly provisioned by the local carrier rather than being registered through the carrier of record.
The ENUM process begins by taking an E.164 number and converting it to a domain name using a specific algorithm. This domain name is then used to query NAPTR records from an ENUM server, which may return a SIP URL. If ENUM translation succeeds, the session is routed using the SIP URI. If it fails, the S-CSCF may forward to
It is a handbook of UMTS/LTE/EPC CSFB call flows.
This document is originally edited by Justin MA and it is free to share to everyone who are interested.
All reference/resource are from internet. If there is any copy-right issue, please kindly inform Justin by majachang@gmail.com.
Thanks for your reading!
ENUM Theory, Implementation, VoIP and Routing SolutionsGary Richenakerenumplatform
ENUM is a protocol that maps telephone numbers to internet addresses, allowing phone calls to be delivered over IP networks. It uses DNS to resolve an E.164 number into a URI that can then be used to route the call. There are different approaches to implementing ENUM, including public ENUM controlled by end users, carrier ENUM controlled by operators, and private ENUM used within federations. While ENUM trials have occurred in several countries, it has not seen wide deployment and does not fully address service interconnection challenges around quality of service and protocols.
Presented by Pierre-Olivier Vauboin & Alexandre De Oliveira at Hackito Ergo Sum 2014
http://2014.hackitoergosum.org/
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
The document provides information on basic GSM principles and comparisons between TACS, GSM 900, and DCS 1800 mobile networks. It discusses topics like uplink and downlink frequencies, carrier separation, number of channels, access methods, logical channels, control channels, cell identities, and other key GSM concepts and terms. The document also includes detailed descriptions and explanations of terms like IMSI, TMSI, LAI, CGI, BSIC, SIM, and concepts like cell selection, location updating, and pin management.
Worldwide attacks on SS7/SIGTRAN networkP1Security
Publication performed by Alexandre De Oliveira and Pierre-Olivier Vauboin during Hackito Ergo Sum 2014
Mobile telecommunication networks are complex and provide a wide range of services, making them a tempting target for fraudsters and for intelligence agencies. Moreover, the architecture, equipment and protocols used on these networks were never designed with security in mind, availability being the first concern. Today, even though some telecom operators are investing money into securing their network, events confirm that for most of them maturity in term of security is yet to come, as recently shown with the example of massive traffic interception on compromised SCCP and GRX providers like Belgacom’s BICS. Here we present the most typical and legitimate telecom callflows from making a mobile phone call to sending a SMS. Then we describe the protocol layers involved and how to abuse them, which fields can be manipulated in order to attack both the operator infrastructure and its subscribers. Finally, we show a real life example of scan performed from an international SS7 interconnection and practical attacks on subscribers such as spam, spoofed SMS and user location tracking.
The document discusses 3GPP IMS (Internet Multimedia Core Network Subsystem), which defines standards for replacing GSM signaling with VoIP/SIP. IMS enables seamless integration of cellular voice services with wired VoIP and other IP services. Key components of IMS include the Proxy-CSCF, Serving-CSCF, and Interrogating-CSCF. The document outlines common call flows for registration, mobile-originated calls, and delivery of multimedia session capabilities between endpoints. IMS represents one of the largest planned VoIP/SIP deployments and helps drive adoption of new multimedia services on cellular networks.
IMS is an architectural framework that uses SIP to deliver IP multimedia services to mobile users. It consists of common core elements, enablers, and support systems arranged in three layers. The control layer contains various nodes that handle signaling and session management, including the P-CSCF for access, I-CSCF for routing, and S-CSCF for authentication and services. Together these elements establish and manage multimedia sessions between IMS subscribers and networks.
ims registration call flow procedure volte sipVikas Shokeen
This PDF , VoLTE IMS Registration tutorial covers IMS Registration sip procedure in depth & Provides extract of 3GPP / GSMA Specs , I am covering below call flow in Depth :-
- LTE Attach & Default Internet EPS bearer
- Role of QCI-1 ( Voice ) , QCI-5 (SIP Signaling) , QCI-6 to 9 (Internet)
- Default Vs Dedicated Bearer in LTE
- Default IMS EPS bearer in LTE
- SIP and IMS Registration
- TAS Registration
This documents will help to understand the details procedure of GSM IDLE Mode Behavior. GSM Idle mode behavior starting from PLMN selection, GSM Cell Camp, Cell Selection, Cell Reselection, Location Update, Paging, System Information to Measurements procedures have been captured in this document.
The document describes 4 scenarios for IMS/MMD call flows involving session establishment. Scenario 1 involves the originating UE having resources ready before sending the INVITE message, and the terminating UE having resources ready before sending the first provisional response. The call flow shows the SIP signaling messages exchanged between the UEs and IMS network entities, including an INVITE with an SDP offer from UE-1, and a 180 Ringing response from UE-2 with an SDP answer.
C:\Documents And Settings\Kthibodeau\Desktop\Sales And T Rx Share Brands And ...IMS Health
The document summarizes US market growth data from IMS Health. In November 2009, US market growth recovered to 4.2% year-to-date and prescription growth was at 2.5% year-to-date. The US market is expected to be impacted by continued patent expirations and fewer new product approvals, leading to lower growth rates in 2009-2010 than in previous years. Branded drugs are expected to see lower volume due to patents expiring while generics are expected to increase in volume and have less price deflation.
Revision for 2015 from the IMS services & signaling course. The lecture was part of the communication protocols class delivered to students from FIIT STU Bratislava, Slovakia and University Zilina, Slovakia.
This document discusses network address translation (NAT) features and how to design a secure NAT network. It describes different types of NAT including static, dynamic, and masquerading NAT. When implementing NAT, considerations include network size, security needs, location, IP addressing, and data flow rates. Securing the NAT network involves using routing/remote access filters, address pools, special ports, and VPN connections. The optimal design devotes one machine to act as the NAT server, connecting over persistent routes with multiple internet connections to enhance performance and availability.
The IMS framework on Ericsson Labs is to build Java or Android based mobile applications or RESTful based PC client applications with messaging, presence on top of IMS/SIP.
A quick wrap up of presentations at ims world forum issue 1Alan Quayle
The document summarizes key points from presentations at the IMS World Forum conference in 2011. It discusses presentations from various companies like Rogers, Huawei, Verizon, and Ericsson. Key themes discussed include the importance of customer experience, challenges operators face in implementing IMS, and drivers for adopting IMS like VoLTE and video calling. The document also questions whether IMS is being pushed by vendors without fully addressing operators' needs.
This document provides an overview of the Extensible Markup Language (XML) Configuration Access Protocol (XCAP). It defines key terms like XCAP resource, server, and client. It describes how XCAP allows clients to read, write, and modify application configuration data stored in XML format on a server by mapping XML sub-trees and attributes to HTTP URIs. The document also outlines the XCAP hierarchy structure and how URIs are constructed to access specific XML nodes and components within XCAP resources.
The mobile broadband industry’s rapid migration to LTE has opened the door to malicious and non-malicious threats as a result of fundamental vulnerabilities in the all-IP LTE architecture. Consequently, security must be a foundational element of LTE network deployments. As the adoption of IPsec encryption for transporting LTE traffic continues to grow significantly, there is increasing need for a security gateway. This white paper discusses the evolving threat landscape, the economics and performance requirements of security solutions, and the role of the security gateway in LTE networks as subscribers ramp up by the millions every quarter and VoLTE services start to emerge.
DPDK IPSec performance benchmark ~ Georgii TkachukIntel
This document provides an overview of the DpdkIPSecsecuritygateway application, which is an Intel DPDK sample application that demonstrates using the Cryptography Device Library (cryptodev) framework to implement an IPSec security gateway with encryption and authentication. The application shows the flow of outbound and inbound traffic through the gateway and the use of security policies and security associations to classify and process packets. It also discusses performance considerations for running the application and maximizing throughput.
Fundarc Communication is working towards next generation network development. we provide consultancy to solution developers OEM and technology evengelist
Best Practices for Network Security Management Skybox Security
Gidi Cohen, Founder & CEO, Skybox Security
Changing technology and business trends pose new challenges to network security management, including firewall change management processes, management of security configurations in a BYOD-world, regulatory compliance, validation of firewall migrations, and troubleshooting access problems to complex networks. Through case studies, survey data, and real-world practices, this session will grant insight into automating and optimizing network security management.
Learn to streamline and automate firewall analysis to improve productivity
Discover how to automate network device configuration to minimize error
Gain insight into how secure change management can ensure stringent security compliance
Victor Pascual Ávila provides an update on WebRTC standards from April 2014. He discusses that WebRTC defines media standards like audio and video codecs but does not define a signaling protocol, so each deployment implements its own. WebRTC is also incompatible with existing VoIP deployments requiring gateways. While the W3C provides a WebRTC API, competing proposals exist and the API may evolve. Browser support for WebRTC is increasing. Standardization groups are working on WebRTC interoperability issues.
The document discusses the integration of Wi-Fi access networks into the Evolved Packet Core (EPC) mobile network. It describes how Wi-Fi can be used to offload data traffic from licensed 3GPP networks using both trusted and untrusted Wi-Fi connections. For trusted connections, the Wi-Fi access network is directly integrated into the EPC using a Trusted WLAN Access Gateway. For untrusted connections, an IPsec tunnel is established between the user device and the Evolved Packet Data Gateway for authentication. The document also discusses various enhancements to support Wi-Fi calling and multiple concurrent connections over both cellular and Wi-Fi.
Wi-Fi offload in cellular networks allows mobile data to be carried over both 3GPP cellular networks and non-3GPP networks such as Wi-Fi. The Evolved Packet Core architecture defines how a user equipment can connect to and move between these network types. Key technologies that enable seamless Wi-Fi offload include the Access Network Discovery and Selection Function for network selection policies, EAP-SIM/EAP-AKA authentication over trusted Wi-Fi access, and the enhanced Packet Data Gateway for securing untrusted access via IPsec tunnels. Session continuity is managed through either network-based mobility protocols run independently or client-based protocols using the UE.
IPSec is an open standard protocol suite that provides security services like data confidentiality, integrity, and authentication for IP communications. It operates at the network layer and can be used to secure communication between hosts, network devices, and between hosts and devices. The key components of IPSec include Internet Key Exchange (IKE) for setting up Security Associations (SA), the Authentication Header (AH) for data integrity and authentication, and the Encapsulating Security Payload (ESP) for confidentiality, integrity, and authentication.
IKE is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKEv2 is the
second and latest version of the IKE protocol. Adoption for this protocol started as early as 2006.
IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication - either
pre-shared or distributed using DNS (preferably with DNSSEC) and a Diffie–Hellman key exchange - to
set up a shared session secret from which cryptographic keys are derived.
It’s new and it’s VoLTE, but will consumers notice? VoLTE is a game changer for mobile operators. They can use VoLTE as a jumping off point for new services aimed at delivering high-quality voice and video conferencing services, among others, that rival anything that has come before (3G) or after (OTT). Journalists Monica Alleven and Brad Smith talk to industry experts to find out how network operators are preparing for VoLTE.
VoLTE Service Monitoring - VoLTE Voice CallJose Gonzalez
There is currently no accepted standard for the measurement or monitoring of VoLTE Services, even though we believe that this is vital to assure the quality and reliability of such services - and to establish a framework for reliable comparison across implementations.
To this end Ascom has defined a formal definition and implementation strategy to help the Operations team solve a range of challenges, including issues related to EPC, IMS and the Application Server. We will describe this solution in a number of short articles.
This article describes the architecture of our solution and the VoLTE Voice Call test case.
IPsec provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet. Examples of its use include:
Secure branch office connectivity over the Internet
Secure remote access over the Internet
Establishing extranet and intranet connectivity with partners
Enhancing electronic commerce security
This document provides an overview of IPSec, including:
- IPSec aims to secure IP communications by providing authentication, integrity, and confidentiality. It operates in transport and tunnel modes.
- The Internet Key Exchange (IKE) negotiates and establishes security associations to secure communications between two endpoints.
- IPSec policy defines which encryption, hashing, and authentication methods apply to different network traffic using protection suites and proposals.
IP Security (IPSec) provides authentication and confidentiality for IP packets. It uses security associations to define how packets are processed and secured. IPSec supports two main modes - transport mode for host-to-host traffic and tunnel mode for gateway-to-gateway VPNs. It uses the Authentication Header (AH) or Encapsulating Security Payload (ESP) to authenticate packets and optionally provide confidentiality through encryption. However, IPSec faces challenges working through Network Address Translation devices which are common on the Internet.
IMS is an architectural framework that uses SIP to deliver IP multimedia services to mobile users. It consists of common core elements, enablers, and support systems arranged in three layers. The control layer contains various nodes that handle signaling and session management, including the P-CSCF for access, I-CSCF for routing, and S-CSCF for authentication and services.
IMS Core Introduction for CS SpecialistAdrián Lopez
This document provides an introduction to the core IMS/VoLTE network elements and protocols. It describes the evolution from circuit-switched to packet-switched voice services and highlights key differences. The core elements discussed include the P-CSCF, I-CSCF, S-CSCF, AS, MRF, MGW, BGCF, and CCF. Basic call flows for registration and VoLTE-to-VoLTE and VoLTE-to-CS calls are presented to illustrate signaling and interactions between elements.
VoLTE Basic callflows in IMS network v2 - includes Registration, Basic VoLTE Call, SDP, Interconnect, Roaming, highlights important SIP headers for session routing and user identities.
IMS is an IP-based architecture that enables the delivery of multimedia services over both fixed and wireless networks. It provides a common service delivery platform for various access networks and allows for convergence of services. Key benefits of IMS include enabling a user-centric network, reducing costs through network resource sharing, and providing a consistent user experience across multiple devices and access networks through a single user identity and profile.
SIP is an application-layer protocol for establishing multimedia sessions over IP networks. It can be used to initiate voice, video, and instant messaging communications. SIP works by having user agents (clients and servers) exchange SIP request and response messages. These messages contain information about session setup, modification, and termination. Some key SIP components include user agents, proxy servers, registrar servers, and redirect servers. SIP messages use a request-response transaction model and contain start lines, headers, and optional message bodies. Common request methods are INVITE, ACK, BYE, and REGISTER. Typical response codes include 100-199 (informational), 200-299 (success), 300-399 (redirection), 400-499
【EPN Seminar Nov.10.2015】 Services Function Chaining Architecture, Standardiz...シスコシステムズ合同会社
The document provides an overview of services function chaining architecture, standards, and the Opendaylight implementation. It discusses the services function chaining architecture, the network service header data plane, and how Opendaylight implements services function chaining through Yang models, a UI, data plane components, and integration with group based policy.
This document provides an introduction to FreeSWITCH, an open source communications platform. It discusses IP telephony systems and what FreeSWITCH is. The document outlines FreeSWITCH's functions and architecture, including important modules like endpoints, dialplans and applications. It describes FreeSWITCH fundamentals like its threaded model and dynamic modules. Finally, it gives examples of PBX applications and provides a brief history of FreeSWITCH development.
This document provides an overview of the IMS service control model. It discusses why operators are offering more services like IP telephony, presence, and video on demand. It then introduces the IMS as a flexible, standard platform that simplifies developing and deploying new services. The IMS provides a common service infrastructure and increases control and profitability through a unified service environment. Key components of the IMS service control model are also summarized, including service invocation using SIP application servers and initial filter criteria.
The document provides an overview of VoLTE and SRVCC functionality:
(1) It introduces IMS and defines key components like CSCF, HSS, and AS.
(2) It describes the VoLTE registration process between the UE and IMS network elements.
(3) It outlines the single radio voice call continuity (SRVCC) handover process for transferring a VoLTE call to a 3G network when the UE loses LTE coverage. This involves coordination between the MME, MSC, ATCF, and SCC AS.
FutureComm 2010: Scaling Advanced VoIP Telecom ServicesRADVISION Ltd.
This document discusses scaling challenges for advanced VoIP telecom services and SIP delivery solutions. It outlines how traditional TDM architectures used static provisioning that was inefficient and not agile. IP architectures allow for dynamic load balancing of servers in a clustered pool for linear scaling. Load balancing concepts like weighted round robin, transaction-based switching, and persistence by call-ID or user ensure optimal server selection and guarantee transaction handling by the same server. Advanced features like transport conversion, call admission control, header manipulation, and geographic load balancing further improve scalability and disaster recovery. The document recommends adapting architectures to these advanced IP delivery models for benefits like linear scaling, protecting investments, simplifying applications, and reducing time-to-market.
The document provides an overview of IMS (IP Multimedia Subsystem) in next generation networks. It describes what IMS is, key components of the IMS architecture like CSCF (Call Session Control Function), HSS (Home Subscriber Server), AS (Application Server), and how IMS uses protocols like SIP and SDP. It also provides high-level descriptions of IMS operations during registration, origination of sessions to IMS and PSTN subscribers.
In this deck from the 2015 PBS Works User Group, Sarah Storms from Lockheed Martin presents: A New Multi-Level Security Initiative.
"Historically cyber security in HPC has been limited to detecting intrusions rather than designing security from the beginning in a holistic, layered approach to protect the system. SELinux has provided the needed framework to address cyber security issues for a decade, but the lack of an HPC and data analysis eco-system based on SELinux and the perception that the resulting configuration is “hard” to use has prevented SELinux configurations from being widely accepted. This presentation will discuss the eco-system that has been developed and certified, debunk the “hard” perception, and illustrate approaches for both government and commercial applications. The presentation includes discussions on SELinux architecture and features, Altair PBS Professional Queuing System, Scale-out Lustre Storage, Applications Performance on SELinux (Vectorization and Parallelization), Relational Databases, and Security Functions (Auditing and other Security Administration actions)."
Learn more: http://www.pbsworks.com/pbsug/2015/agenda.aspx
Watch the video presentation: https://www.youtube.com/watch?v=kBNKmGCg4ho
Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter
I have described VoLTE IMS Architecture in simplified way . Are you also finding 3GPP Specs complicated & Complex for VoLTE IMS . It covers Role played by individual Networks Elements as mentioned below :-
# VoLTE SIP Handset : SIP Support , UAC , UAS , User Agent , SIP-UA
# Underlying LTE Network : MME , SGW , PGW , PCRF , HSS , Dedicated Bearer , QCI , Default Bearer
# IMS Core : SIP Servers , P-CSCF , I-CSCF , S-CSCF , TAS , MMTEL , BGw , MRF , ATCF , ATGW , IBCF , MGCF , IM-MGW , TrGW
# Voice Core or PSTN Network for Break-in or Break-out Calls
PLNOG14: Service orchestration in provider network, Tail-f - Przemysław BorekPROIDEA
Przemysław Borek - Cisco Systems
Language: English
Service orchestration in provider network, Tail-f
Register to the next PLNOG edition today: krakow.plnog.pl
This document provides information about an individual who is an expert in Microsoft Lync and Enterprise Voice unified communications platforms. It includes their work experience of over 21 years in consultancy roles for global systems integrators and telecommunications companies. It also provides information on deploying and configuring various features of Microsoft Lync such as group call pickup, call park, pool quorum, replica set quorum, supported hypervisors, WAN accelerators, crypto appliances, scenarios requiring additional solutions, Sonus SBC deployment, and options for integrating SBCs and Lync with legacy PBXs.
Carl Moberg
VP Technology
Tail-f Systems
Plenaries Session
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
DEVNET-1175 OpenDaylight Service Function ChainingCisco DevNet
This tutorial will overview the OpenDaylight Service Function Chaining (SFC) architecture, implementation and operation. A description of the SFC components and the Network Service Header (NSH) will be presented. This talk will conclude with a step-by-step demonstration of SFC configuration and operation using the GUI and REST interfaces.
Presence Service Integration Using Interconnected IP Multimedia Core NetworksSebastian Schumann
This paper describes the integration of the presence management service into existing IP Multimedia Subsystem (IMS) laboratory infrastructures. Both laboratories – NGNlab in Bratislava and the laboratory in Leipzig – use the Fraunhofer OpenIMS as core components for their testing IMS environment (i.e. Call Session Control Functions (CSCF), Home Subscriber Server (HSS)). The virtualization of these components will be described in this paper. Furthermore, the layer 3 interconnection and hence the possibility to share different applications between the locations will be discussed.
The presence management service has been deployed in a state where it is ready to be used with current IMS clients, for both presence information sharing via the Session Initiation Protocol (SIP) and user authorization via Extended Markup Language (XML) Configuration Access Protocol (XCAP). Presented at ONIT 2009 in Berlin, Germany.
Challenges Consuming Programmable Telecoms from the Developer’s PerspectiveSebastian Schumann
Challenges Consuming Programmable Telecoms from the Developer’s Perspective
- App development: I just want to make a call
- Consuming APIs: It’s all fine as long as you know what you want and have done it before
- App development vs. Telecom App development
Presented 2019-11-19 at TADSummit in London, UK
Programmable Telecoms is hard - Working on the toughest transformations in Telecoms
- immmr’s achievements
- immmr’s strengths, weaknesses, opportunities and threats as
a Telco funded start-up
- immmr’s journey, what we’ve learned over the past 2 years, what we would do differently
- The TADS story continues...
Presented 2018-11-14 at TADSummit in Lisbon, Portugal
immmr - a hybrid operator model explained
- Concept of a hybrid operator - or how to experience the best of both worlds
- Bridging a gap unconventionally and with the latest technical approaches
- Beyond the basics and how the TAD ecosystem can be of help.
Presented 2016-11-16 at TADSummit in Lisbon, Portugal
This document discusses how immmr is bringing traditional voice capabilities together with modern IP-based voice and video communications to create new communication experiences. Key points include:
- Immmr virtualizes mobile numbers and allows voice/video communication beyond phones through IP networks.
- This enables a hybrid service combining traditional and IP-based calling/video in one service with new business models.
- Immmr is working with Magenta to white-label its platform and conducted a UK trial of its "Orbit" product for additional numbers and communication abilities.
- Challenges remain in fully replacing telco stacks but benefits of an Internet-based approach can be realized while integrating with legacy networks.
Lecture describing evolution from legacy terminal access on IMS towards flexible browser-based communication.
Includes mandatory content such as IMS components & signaling, VoLTE, etc. but deducts reasoning from carrier evolution and transformations seen in practise. A few words about Internet based communication services and WebRTC should support discussion.
Presented 2015-12-09 at Slovak University of Technology
Post-launch experiences from a locally developed internal proof of concept im...Sebastian Schumann
Post-launch experiences from a locally developed internal
proof of concept implementation
- Service description
- Used technologies and integration challenges
- Lessons learned
Presented at the 2nd annual WebRTC Global Summit in London, UK
This service maps a fixed number to a mobile number purely based on calling line identification. It is based on a self-developed API, Nexmo for handling SMS, and Restcomm for handling fixed line calls and their authentication logic.
Operator Insights: Thoughts, Experiences, Real-World Challenges Around WebRTCSebastian Schumann
Operator Insights: Thoughts, Experiences, Real-World Challenges Around WebRTC
- Misconceptions around WebRTC related to operator-thinking
- How is WebRTC perceived within different operator units
- Lessons learned from internal development
Presented at the Upperside WebRTC conference in Paris, France in December 2014
Telecoms & WebRTC: Opposites attract?!
- Are Telecoms and WebRTC opposites?
- The diversity of interpretation of WebRTC in Telecoms.
- Why is WebRTC so attractive for operators?
- How can operators be attractive for WebRTC developers?
Presented at the WebRTC Summit Europe in Berlin, Germany
Expanding Service Providers’ Reach With WebRTC
- “Quickly brush up the old and focus on the new”
- “WebRTC is much more than a technology for operators”
- “Proper enablers are more important than fully standardized services”
- “Just do it – it’s easier than ever to innovate!”
Presented at the 14th Annual Broadband World Forum (BBWF) 2014 in Amsterdam, The Netherlands
What is the current service provider involvement with WebRTC?
- What are the WebRTC options for Telco's: Not just IMS
- How does WebRTC fit with PSTN / IMS / RCS / VoLTE strategies?
- Developing WebRTC + Telco-OTT initiatives
- How will WebRTC be deployed in the mobile world?
Presented at IIR Telecom APIs 2014 in London, UK
Slovak Telekom Case Study - Enabling enhanced services through IMS technology
- Mobile integration status
- Overview of new IP based services
- Evolution of the integration platform
Presented at IMS World Forum 2013 in Barcelona, Spain.
Integration of Rich Communication Services:
- Converged (fixed/mobile) operator requirements
- Integration of rich communications as an enabler for advanced IPTV services
- Use cases and business perspectives of selected scenarios
Presented at Rich Communication 2012 in Berlin, Germany.
Next Generation Services. The operator’s dream - The OTT’s reality?Sebastian Schumann
Presentations stimulating a discussion about Telco services and their future compared to over the top (OTT) services. Presented at ngnlab.eu workshop 2011 in Delft, The Netherlands.
Open-Source Based Prototype for Quality of Service (QoS) Monitoring and Quali...Sebastian Schumann
This paper describes an implementation for monitoring the QoS and expecting the QoE of a voice communication in a Real-time Transport Protocol (RTP) based telecommunication environment. The resulting QoS parameters are evaluated; the QoE is determined with the E-Model and processed for graphical presentation. With the use of some open-source programming libraries, the presented prototype can be a helpful alternative for expensive measurement devices and is ready to be deployed in a widespread telecom environment at low cost. Presented at NGMAST 2011 in Cardiff, UK.
The Potential of Consolidating SIP and XMPP Based Communication for Telecomm...Sebastian Schumann
This paper describes an approach for combining Session Initiation Protocol (SIP) based voice communication with Extensible Messaging and Presence Protocol (XMPP) based presence enhancements. The actual role of SIP and XMPP in the Internet Protocol (IP) based communication was analyzed, especially from the telecommunication carrier (Telco) point of view.
The proposed infrastructure extends a typical SIP infrastructure with XMPP for presence status integration. XMPP will be used as instant messaging and presence (IM/P) service infrastructure, the presence information will be extended with SIP phone status information of telecommunication endpoints. A first prototype has been developed and tested successfully. Presented at ONIT 2010 in Berlin, Germany.
Reimagining Your Library Space: How to Increase the Vibes in Your Library No ...Diana Rendina
Librarians are leading the way in creating future-ready citizens – now we need to update our spaces to match. In this session, attendees will get inspiration for transforming their library spaces. You’ll learn how to survey students and patrons, create a focus group, and use design thinking to brainstorm ideas for your space. We’ll discuss budget friendly ways to change your space as well as how to find funding. No matter where you’re at, you’ll find ideas for reimagining your space in this session.
How to Setup Warehouse & Location in Odoo 17 InventoryCeline George
In this slide, we'll explore how to set up warehouses and locations in Odoo 17 Inventory. This will help us manage our stock effectively, track inventory levels, and streamline warehouse operations.
This document provides an overview of wound healing, its functions, stages, mechanisms, factors affecting it, and complications.
A wound is a break in the integrity of the skin or tissues, which may be associated with disruption of the structure and function.
Healing is the body’s response to injury in an attempt to restore normal structure and functions.
Healing can occur in two ways: Regeneration and Repair
There are 4 phases of wound healing: hemostasis, inflammation, proliferation, and remodeling. This document also describes the mechanism of wound healing. Factors that affect healing include infection, uncontrolled diabetes, poor nutrition, age, anemia, the presence of foreign bodies, etc.
Complications of wound healing like infection, hyperpigmentation of scar, contractures, and keloid formation.
Main Java[All of the Base Concepts}.docxadhitya5119
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
How to Build a Module in Odoo 17 Using the Scaffold MethodCeline George
Odoo provides an option for creating a module by using a single line command. By using this command the user can make a whole structure of a module. It is very easy for a beginner to make a module. There is no need to make each file manually. This slide will show how to create a module using the scaffold method.
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
How to Add Chatter in the odoo 17 ERP ModuleCeline George
In Odoo, the chatter is like a chat tool that helps you work together on records. You can leave notes and track things, making it easier to talk with your team and partners. Inside chatter, all communication history, activity, and changes will be displayed.
Walmart Business+ and Spark Good for Nonprofits.pdfTechSoup
"Learn about all the ways Walmart supports nonprofit organizations.
You will hear from Liz Willett, the Head of Nonprofits, and hear about what Walmart is doing to help nonprofits, including Walmart Business and Spark Good. Walmart Business+ is a new offer for nonprofits that offers discounts and also streamlines nonprofits order and expense tracking, saving time and money.
The webinar may also give some examples on how nonprofits can best leverage Walmart Business+.
The event will cover the following::
Walmart Business + (https://business.walmart.com/plus) is a new shopping experience for nonprofits, schools, and local business customers that connects an exclusive online shopping experience to stores. Benefits include free delivery and shipping, a 'Spend Analytics” feature, special discounts, deals and tax-exempt shopping.
Special TechSoup offer for a free 180 days membership, and up to $150 in discounts on eligible orders.
Spark Good (walmart.com/sparkgood) is a charitable platform that enables nonprofits to receive donations directly from customers and associates.
Answers about how you can do more with Walmart!"
How to Manage Your Lost Opportunities in Odoo 17 CRMCeline George
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
This slide is special for master students (MIBS & MIFB) in UUM. Also useful for readers who are interested in the topic of contemporary Islamic banking.
2. Outline
• Recapitulation
• IMS Registration
• IMS Session Establishment
• IMS Application Layer
– Interaction with IMS core
– Interaction with User Equipment (UE)
The slides only summarize the lecture. Take
notes!
3. Recapitulation
• IMS is an open architecture for mobile and fixed
services
• The core and its services are independent from
the access
• Layered architecture
– Transport, session control, applications
– Transparency through standard interfaces
• Session Control Layer
– End point registration
– Session establishment
• Application Layer
– Service Logic
4. Recapitulation ctd.
• Service Control Layer
– SIP: P/I/S-CSCF
– DIAMETER: HSS
• Application Layer
– SIP/DIAMETER interface towards service
control layer
– SIP/XCAP interface (based on HTTP) towards
UE
– Call related application logic
– IMS service (e.g., Presence, PoC)
– Service Creation Environment
5. IMS Core
• CSCF components separate logical
functionality
– P-CSCF eq. SIP Proxy. It acts as access point
for UE towards the IMS core.
– I-CSCF placed on the borders of two IMS
domains. Entry point for served home users
from visited networks.
– S-CSCF eq. SIP Registrar. It also acts as an
anchor point for IMS service control (ISC) and
service invocation (based on iFCs).
• HSS contains all subscriber and service
6. User Identities
• User identities
– Private User Identity (user@realm)
• Authentication and Subscription identification
• Not used for routing
– Public User Identity (sip:user@domain.tld or
tel:+1234567890)
• Contact to be reached by others
• SIP URI or tel URI
• Implicit set of public user identities for grouping
registration
• Services and other network entities can be
addressed using a SIP URI
• User identities are part of the user profile
8. IMS Registration
• Required before a user can access services or
perform calls
• Precondition: UE has IP address and knows IMS
entry point
• All CSCF are used
– P-CSCF (home/visited): Entry point, determines I-
CSCF
– I-CSCF (home): Determines S-CSCF
– S-CSCF (home): Authenticates the subscriber,
registers IMS subscriber, interacts with service layer
• User assigned to one S-CSCF after successful
registration
10. Domain Name Service
• Link IP addresses with domain names
• Support in locating SIP servers
– NAPTR lookup
– SRV lookup
– A/AAAA lookup
• NAPTR resolves the preferred protocol and the DNS
string to locate the service
– ngnlab.eu. 7200 IN NAPTR 10 50 "s“ "SIP+D2T“
_sip._udp.ngnlab.eu.
• SRV look-up for a NAPTR given address indicates the
domain and port the service listens on
– _sip._udp.ngnlab.eu. 7200 IN SRV 0 0 5060 icscf.ngnlab.eu.
• A/AAAA to find the IP address of the domain name
– icscf.ngnlab.eu. 7200 IN A 147.175.103.213
12. Important SIP “additions”
• P-Access-Network-Info includes port
location/cell
• From/To eq. IMPU
• Path inform S-CSCF about routing
destination for terminating requests
• Authorization contains IMPI and other
values
• 200 OK Service-Route to populate S-
CSCF address to P-CSCF for originating
requests
13. Important SIP “additions” – ctd.
• P-Associated-URI informs client about reg.
IMPUs
• P-Preferred-Identity (UE-P), P-Asserted-
Identity (P-) to choose a registered IMPU
for session establishment
• Event: reg after registration to inform UE
about events on S-CSCF (e.g., HSS-
initiated deregistration)
14. IMS SessionEstablishment
• After registration, subscriber is reachable
through
public user identity for communication
• IMS subscriber can access services now or
perform calls
• P-CSCF (home or local)
– Proxy, contacts assigned S-CSCF for the calling
subscriber
• S-CSCF (home)
– Service control and logic
– Contacts application or other party
• I-CSCF
17. Applicationlayerinteraction
• User profile contains also service profile
• Service Profile
– Public Identification (assigned subscribers)
– Initial Filter Criteria (triggering AS interaction)
• Initial Filter Criteria (iFC)
– Trigger points with service point triggers
(conditions when to interact)
– Application server (SIP URI for interaction)
22. Filtering
• Only initial SIP requests
• Initial filter criteria (iFC) retrieved from
HSS
during registration
• Subsequent filter criteria (sFC) provided
by application server (beyond 3GPP R8)
– Allow dynamic definition of trigger points
during application runtime
23. ApplicationRouting
• I/S-CSCF are interaction points with the
service layer
– I-CSCF for public service identities (PSI)
– S-CSCF for services (of served users)
• Applications have interface towards HSS
– User profile information
– Location information, service information
• Complexity of security, authorization,
access interaction etc. all handled by the
core
24. Application Routing ctd.
• Application server (AS) can have different
functions
– Terminating AS (e.g., acting as user agent)
– Originating AS (e.g., wake up service, click to
dial)
– SIP Proxy server (e.g., for SIP header
manipulation)
– Back-to-back user agent (e.g., for deeper
modifications in SIP dialog as supplementary
service enabler)
26. Now, I want answers :-)
• Alice from IMS @atlanta.comwants to
subscribe presence of Bob from IMS
@biloxy.com
• Alice is currently in Chicago, Bob is at
home
– Is it possible?
– Where does Bob have to publish?
– Where does Alice have to subscribe?
– Which components are involved?
– How is the call flow?
27. Summary – what I tried to
achieve
• Deepen understanding of CSCF/HSS roles
– Function of components
– Routing within control layer and towards applications
• Understanding IMS user identities
• Service control, routing, application layer
interaction
• Many things omitted in this presentation
– Network access layer, IMS reference points names
– S-CSCF assignments in detail, SLF/HSS separation
– QoS resource reservation
– PSTN Breakout
– Charging
• Get ready to deploy and integrate applications
and understand the underlying core
29. Example: Presence call flow
• Service profile
– assigned to users that
want to use presence
• IFC
– AS: Presence Server
– TP: CNF (&)
• Method and
– PUBLISH or
– SUBSCRIBE
• Event
– Header: Event
– Content: .*presence.*
P-CSCF
Presence
Server
S-CSCF
SUBSCRIBE
200 OK
200 OK
NOTIFY
SUBSCRIBE
200 OK
200 OK
NOTIFY
SUBSCRIBE
200OK
200OK
NOTIFY
UE
30. eXtensible Configuration Access
Protocol
• XCAP allows clients to read, write and
modify data stored in XML format on
server
– Hard state presence information
– Watcher authorization
– Resource Lists
• XML document sub-trees and element
attributes are mapped into HTTP URIs
direct access via XPath
• Various selections (e.g., one or more
31. • Client/Server architecture like HTTP
• Application Usage for certain application
needs
• HTTP primitives ‘Get’, ‘Put’ and ‘Delete’
are used
• Body contains XML data to be
added/modified
eXtensible Configuration Access
Protocol
32. Message flow
• Interface exposed by
XML Document
Management Server
• XDMS is located on
application layer
• Direct communication
between UE and
XDMS
• Use cases
– Store resource list
– Authorize buddies
XDMS
UE
XCAP