WO2015093058A1 - APPARATUS, SYSTEM AND METHOD FOR webRTC - Google Patents
APPARATUS, SYSTEM AND METHOD FOR webRTC Download PDFInfo
- Publication number
- WO2015093058A1 WO2015093058A1 PCT/JP2014/006334 JP2014006334W WO2015093058A1 WO 2015093058 A1 WO2015093058 A1 WO 2015093058A1 JP 2014006334 W JP2014006334 W JP 2014006334W WO 2015093058 A1 WO2015093058 A1 WO 2015093058A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- cscf
- ims
- wwsf
- token
- webrtc
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/10—Architectures or entities
- H04L65/1016—IP multimedia subsystem [IMS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1073—Registration or de-registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/60—Network streaming of media packets
- H04L65/65—Network streaming protocols, e.g. real-time transport protocol [RTP] or real-time control protocol [RTCP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/128—Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/141—Denial of service attacks against endpoints in a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
Definitions
- the present invention relates to an apparatus, a system and a method for webRTC (Web Real Time Communication), and particularly to a technique to secure authentication of a webRTC client to IMS (IP (Internet Protocol) Multimedia Subsystem).
- IMS Internet Protocol
- a new service called webRTC i.e. real time communication services like a voice and video calls, is specified in IETF (Internet Engineering Task Force) and it is taking up momentum. WebRTC interworks with other networks so that is not operating as a standalone silo service. This means for the end customer that you do not want to call only other webRTC users, but also normal phones.
- NPL 1 3GPP TR 23.701, "Study on Web Real Time Communication (WebRTC) access to IMS (Stage 2) (Release 12)", V0.3.0, 2013-11
- NPL 2 3GPP TR 33.abc (S3-131125), "Study on Security for WebRTC IMS Client access to IMS; (Release 12)", V0.1.0, 2013-11
- the browser in the user equipment downloads the webRTC IMS Client (WIC) from the WebRTC Web Server Function (WWSF).
- WIC WebRTC Web Server Function
- the WWSF is responsible for managing the correct and consistent allocation of authorized IMS identities to WICs associated with authenticated web identities. It is proposed in 3GPP that the WWSF may reside in the operators home IMS or in a third party network authorized by the home IMS.
- NPLs 1 and 2 When UE access IMS service, the network should perform authorization to verify whether UE is allowed for accessing such service.
- webRTC identity and IMS identity There are two independent identities (webRTC identity and IMS identity) that are allocated from WWSF. If network fails to verify the identities, it may cause unauthorized WIC accessing IMS service and also DoS (Denial of Service) attack to network.
- DoS Delivery of Service
- This invention proposes in different aspects how the authentication and thus the authorization of the webRTC IMS Client can be achieved in the IMS of the mobile network operator.
- the WIC is using an ID to register with IMS, which may be an IMS public user identity (IMPU), a IMS private identity (IMPI), globally routable user agent URI (GRUU) etc.
- IMS IMS public user identity
- IMPI IMS private identity
- GRUU globally routable user agent URI
- the WIC may be preconfigured by the WWSF with the eP-CSCF address and authentication information, but if not, then this information should be retrieved via the WWSF or from the IMS directly or via other device management procedures e.g. OMA DM (Open Mobile Alliance Device Management).
- OMA DM Open Mobile Alliance Device Management
- a method provides an authentication method in a communication system. This method includes: sending a token from a WWSF to a UE in an IMS registration; sending a REGISTER message with the token from the UE to an eP-CSCF; verifying the token by the eP-CSCF; forwarding the REGISTER message from the eP-CSCF to an S-CSCF; receiving a subscription profile from an HSS to the S-CSCF; and sending a 200 OK message from the S-CSCF to the UE via the eP-CSCF.
- a system is a communication system for authenticating a UE.
- This system includes a WWSF, an eP-CSCF, an S-CSCF, and an HSS.
- the WWSF sends a token to the UE in an IMS registration.
- the UE sends a REGISTER message with the token to the eP-CSCF.
- the eP-CSCF verifies the token.
- the eP-CSCF forwards the REGISTER message to the S-CSCF.
- the S-CSCF receives a subscription profile from the HSS.
- the S-CSCF sends a 200 OK message to the UE via the eP-CSCF.
- a method provides an authentication method of a UE.
- This method includes: receiving a token from a WWSF in an IMS registration; sending a REGISTER message with the token to an eP-CSCF that verifies the token and forwards the REGISTER message to an S-CSCF; and receiving a 200 OK message from the S-CSCF, the S-CSCF receiving a subscription profile from an HSS, via the eP-CSCF.
- an apparatus is a UE connectable to a communication system including a WWSF, an eP-CSCF, an S-CSCF, and an HSS.
- This UE includes: a receiving unit that receives a token from the WWSF in an IMS registration and receives a 200 OK message from the S-CSCF, the S-CSCF receiving a subscription profile from the HSS, via the eP-CSCF; and a sending unit that sends a REGISTER message with the token to the eP-CSCF, the eP-CSCF verifying the token and forwarding the REGISTER message to the S-CSCF.
- Fig. 1 is a block diagram showing an example of static IMS ID allocation in a first exemplary embodiment according to the present invention.
- Fig. 2 is a sequence diagram showing an example of call flow for static IMS ID allocation in the first exemplary embodiment.
- Fig. 3 is a block diagram showing an example of dynamic IMS ID allocation in a second exemplary embodiment according to the present invention.
- Fig. 4 is a sequence diagram showing one example of call flow for dynamic IMS ID allocation in the second exemplary embodiment.
- Fig. 5 is a sequence diagram showing another example of call flow for dynamic IMS ID allocation in the second exemplary embodiment.
- Fig. 6 is a sequence diagram showing an example of unsynchronized deregistration and binding removal in WWSF and eP-CSCF in the second exemplary embodiment.
- Fig. 1 is a block diagram showing an example of static IMS ID allocation in a first exemplary embodiment according to the present invention.
- Fig. 2 is a sequence diagram showing an example of call flow for static IMS ID allocation in the first
- FIG. 7 is a sequence diagram showing an example of synchronized deregistration and binding removal in WWSF and eP-CSCF in the second exemplary embodiment.
- Fig. 8 is a block diagram showing an example of webRTC ID verification in AAA at trusted third party in a third exemplary embodiment according to the present invention.
- Fig. 9 is a sequence diagram showing an example of call flow for webRTC ID verification in AAA at trusted third party in the third exemplary embodiment.
- Fig. 10 is a sequence diagram showing an example of unsynchronized deregistration with AAA at trusted third party in the third exemplary embodiment.
- Fig. 11 is a sequence diagram showing an example of synchronized deregistration with AAA at trusted third party in the third exemplary embodiment.
- Fig. 12 is a block diagram showing typical identity mapping.
- Fig. 13 is a sequence diagram showing WebRTC client authentication with WWSF token, which will be proposed to 3GPP.
- Fig. 14 is a block diagram showing a configuration example of a UE according to the present invention
- This exemplary embodiment proposes a static IMS ID allocation to the WWSF per webRTC identity.
- Fig. 1 shows the principle of the identity binding.
- the WWSF 30 and the HSS (Home Subscriber Server) 60 are able to exchange identity information via the wh interface.
- the information contains for a specific webRTC identity the corresponding IMS ID and, if needed, a password for IMS authentication, but this is not limited to this set of parameters.
- Fig. 2 provides the call flow for an IMS registration with a previous preparation phase in the steps S11 to S15.
- Step S11 The UE 10 is an IMS subscriber and a webRTC subscriber and registers also its webRTC ID with the IMS operator. This may be done in an ordinary IMS registration message of its normally used IMS client during its IMS registration.
- Step S12 The HSS 60 creates a binding between the webRTC ID and the IMS ID. It creates a new WIC IMS ID and if needed, a corresponding password or other authentication related information. The IMS ID of the WIC is different to the one of the normal IMS client.
- Step S13 The HSS 60 derives the WWSF address from the webRTC ID.
- the HSS 60 may have a look-up table for each webRTC provider to find the WWSF 30, or it has a fixed format e.g. "wwsf@webrtcprovider.com".
- the HSS 60 provides the generated WIC IMS ID, password and webRTC ID to the WWSF 30 via the wh interface.
- the HSS 60 may provide other subscription or authentication related information too.
- the WIC 20 may not be able to retrieve a correct eP-CSCF (enhanced Proxy-Call Session Control Function) address; therefore the HSS 60 may include the eP-CSCF address in this message.
- the information depends also whether the WIC 20 is preconfigured e.g. by the WWSF 30 or not.
- Step S14 The WWSF 30 creates a binding between the webRTC ID and the WIC IMS ID and if provided the password and other information.
- Step S15 From within a WebRTC-enabled browser, the user may access a URI (Uniform Resource Identifier) to the WWSF 30 to initiate an HTTPS (Hypertext Transfer Protocol Secure) connection to the WWSF 30.
- the TLS (Transport Layer Security) connection may provide one-way authentication of the server based on the server certificate.
- the browser downloads and initializes the WIC 20 from the WWSF 30, now the preparation phase is completed.
- Step S16 The WIC 20 registers to the WWSF 30 with its webRTC ID.
- the WWSF 30 may authenticate the user using a common web authentication procedure.
- Step S17 The WWSF 30 provides the corresponding IMS ID and, if available, password, eP-CSCF address, authentication information etc. to the WIC 20. The information depends also whether the WIC 20 is preconfigured or not.
- Step S18 The WIC 20 stores the received information and sends a REGISTER message to the eP-CSCF 40, using the WIC IMS ID.
- This message may be preferably a SIP (Session Initiation Protocol) message but could be based on any other protocol like WebSocket, JSON (JavaScript Object Notation) etc..
- Step S19 The S-CSCF (Serving-CSCF) 50 retrieves the authentication data from the HSS 60 and challenges the UE 10 with a 401 unauthorized response.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S20 The WIC 20 resolves the challenges with the information received from the WWSF 30 (password, other authentication related information) and sends another REGISTER message to the eP-CSCF 40.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S21 The S-CSCF 50 acknowledges the registration with a 200 OK or any other suitable message towards the WIC 20 and retrieves the subscription profile from the HSS 60.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- This exemplary embodiment requires that the webRTC user is also an IMS subscriber at the same time.
- the HSS 60 needs to interface with webRTC service provider and exchange the IMS ID + password and eP-CSCF address, since the WIC 20 cannot access the UICC (Universal Integrated Circuit Card) and has no P-CSCF allocation.
- UICC Universal Integrated Circuit Card
- the WWSF is using a pool of IMS IDs received from the HSS of the IMS operator.
- the idea behind is that the webRTC service provider does not assume that the webRTC user has an own IMS subscription so the webRTC provider holds a pool of IMS subscriptions that can be assigned to the webRTC IMS client (WIC) on demand.
- the architecture is shown in Fig. 3.
- the pool of IMS IDs can be provided to the WWSF 30 in form of wildcarded IMPUs, but it could be also a list of IMPUs and is not limited to this.
- Fig. 4 shows the call flow of the procedure.
- Step S31 The WWSF 30 is pre-configured with a pool of IMS IDs, e.g. wildcarded IMPUs or a list of IMPUs that will be shared by the webRTC users on demand.
- the HSS 60 provides the configuration to WWSF 30 and may also provide additional information e.g. eP-CSCF address, authentication information, password etc.
- Step S32 From within a WebRTC-enabled browser, the user may access a URI to the WWSF 30 to initiate an HTTPS connection to the WWSF 30.
- the TLS connection may provide one-way authentication of the server based on the server certificate.
- the browser downloads and initializes the WIC 20 from the WWSF 30, now the preparation phase is completed.
- Step S33 The WIC 20 registers to the WWSF 30 with its webRTC ID.
- WWSF 30 may initiate authentication procedure if needed.
- Step S34 The WWSF 30 selects a currently unused IMS ID or, in case of wildcarded IMPUs, generates an IMPU e.g. based on the webRTC ID.
- the WWSF 30 binds this IMS ID to the webRTC ID and, if available, binds the IMS ID to password, eP-CSCF address, authentication information etc. The information depends also whether the WIC 20 is preconfigured by the WWSF 30 with the eP-CSCF address and authentication information or not.
- Step S35 The WWSF 30 registers the webRTC ID and IMS ID binding at the eP-CSCF 40.
- Step S36 The P-CSCF 40 and WWSF 30 have a trust relationship and may be authenticated to each other.
- the eP-CSCF 40 stores the binding and acknowledges the binding. It may start a validity timer for the binding and provides the timer to the WWSF 30.
- Step S37 The WWSF 30 provides the IMS ID, which binds to the webRTC ID, to the WIC 20.
- Step S38 The WIC 20 stores the received information and sends a REGISTER message to the eP-CSCF 40, using the IMS ID.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S39 The eP-CSCF 40 verifies the binding of webRTC ID and IMS ID and authorizes the REGISTER.
- the eP-CSCF 40 may include an indicator, flag or other parameter, showing that the binding is verified and/or registration is authorized, in the REGISTER so that it does not need to be challenged by the S-CSCF 50.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S40 The eP-CSCF 40 forwards the REGISTER with the IMS ID to the S-CSCF 50 (potentially via other IMS nodes like IBCF (Interconnection Border Control Function) or I-CSCF (Interrogating-CSCF)) and may mark it as described in the previous step.
- the S-CSCF 50 requests the subscription profile from the HSS 60. This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S41 The S-CSCF 50 acknowledges the registration and retrieves the general subscription profile for this webRTC service provider from the HSS 60.
- the 200 OK or any other suitable message is forwarded to the WIC 20.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- step S51b the steps are nearly the same, only two additional steps are included with step S51b and the verification step S56.
- Step S51a The WWSF 30 is pre-configured with a pool of IMS IDs, e.g. wildcarded IMPUs or a list of IMPUs that will be shared by the webRTC users on demand.
- the HSS 60 provides the configuration to WWSF 30 and may also provide additional information e.g. eP-CSCF address, authentication information, password etc.
- Step S51b The HSS 60 provides the WWSF ID and its allowed IMS IDs to the eP-CSCF 40. It may use PSI (Project Server Interface) routing and may use an appropriate SIP message, e.g. OPTIONS, UPDATE, INVITE, REGISTER, 200 OK, MESSAGE etc.
- PSI Public Server Interface
- Step S52 From within a WebRTC-enabled browser, the user may access a URI to the WWSF 30 to initiate an HTTPS connection to the WWSF 30.
- the TLS connection may provide one-way authentication of the server based on the server certificate.
- the browser downloads and initializes the WIC 20 from the WWSF 30, now the preparation phase is completed.
- Step S53 The WIC 20 registers to the WWSF 30 with its webRTC ID.
- WWSF 30 may initiate authentication procedure if needed.
- Step S54 The WWSF 30 selects a currently unused IMS ID or, in case of wildcarded IMPUs, generates an IMPU e.g. based on the webRTC ID.
- the WWSF 30 binds this IMS ID to the webRTC ID and, if available, binds the IMS ID to password, eP-CSCF address, authentication information etc. The information depends also whether the WIC 20 is preconfigured by the WWSF 30 with the eP-CSCF address and authentication information or not.
- Step S55 The WWSF 30 registers the webRTC ID and IMS ID binding at the eP-CSCF 40.
- Step S56 The P-CSCF 40 and WWSF 30 have a trust relationship and may be authenticated to each other.
- the eP-CSCF 40 verifies whether the WWSF 30 is authorized to use the IMS ID, based on the HSS provisioning in step S51b.
- the eP-CSCF 40 may start a validity timer for the binding of the webRTC ID and the IMS ID.
- Step S57 The eP-CSCF 40 acknowledges the binding of the webRTC ID and the IMS ID to the WWSF 30 and may provide a validity timer for which period the binding is valid.
- Step S58 The WWSF 30 provides the IMS ID, which binds to the webRTC ID, to the WIC 20.
- Step S59 The WIC 20 stores the received information and sends a REGISTER message to the eP-CSCF 40, using the IMS ID.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S60 The eP-CSCF 40 verifies the binding of webRTC ID and IMS ID and authorizes the REGISTER.
- the eP-CSCF 40 may include an indicator, flag or other parameter, showing that the binding is verified and/or registration is authorized, in the REGISTER so that it does not need to be challenged by the S-CSCF 50.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S61 The eP-CSCF 40 forwards the REGISTER with the IMS ID to the S-CSCF 50 (potentially via other IMS nodes like IBCF or I-CSCF) and may mark it as described in the previous step.
- the S-CSCF 50 requests the subscription profile from the HSS 60.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S62 The S-CSCF 50 acknowledges the registration and retrieves the general subscription profile for this webRTC service provider from the HSS 60.
- the 200 OK or any other suitable message is forwarded to the WIC 20.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- UE 10 i.e. WIC 20 may not want to be IMS registered any more, then the WIC 20 may not refresh the IMS registration which then may time out based on the expire timer so that the S-CSCF 50 removes the registration.
- the WIC 20 may want actively deregister, this has the advantage that terminating calls would fail directly and not due to an undelivered timeout so that the calling party is informed directly. Also free IMS IDs would be available again for assignment to other webRTC IDs.
- Fig. 6 shows how the deregistration could take place unsynchronized.
- Step S71 The WIC 20 sends a deregistration message to the WWSF 30 with its webRTC ID.
- Step S72 the WWSF 30 sets the WIC state to unregistered and removes the binding of the webRTC ID with the IMS ID.
- the WWSF 30 may inform the eP-CSCF 40 about the removal of the binding as shown in Fig. 7.
- Step S73 the WWSF 30 acknowledges the deregistration.
- Step S74 the WIC 20 sends a REGISTER message with the IMS ID and the webRTC ID and with expiry timer equal to zero to the eP-CSCF 40.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S75 The eP-CSCF 40 verifies the binding of webRTC ID and IMS ID and authorizes the REGISTER.
- the eP-CSCF 40 may include an indicator, flag or other parameter, showing that the binding is verified and/or registration is authorized, in the REGISTER so that it does not need to be challenged by the S-CSCF 50.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S76 The eP-CSCF 40 forwards the REGISTER with the IMS ID to the S-CSCF 50 (potentially via other IMS nodes like IBCF or I-CSCF) and may mark it as described in the previous step.
- the S-CSCF 50 informs the HSS 60 about the deregistration.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S77 The S-CSCF 50 acknowledges the deregistration.
- the 200 OK or any other suitable message is forwarded to the WIC 20.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S78 Once the eP-CSCF 40 receives the acknowledgement that the IMS deregistration was successful, it removes the binding between webRTC ID and IMS ID.
- the WIC 20 can directly send the deregistration message in step S74 to the IMS and the eP-CSCF 40 will take care to inform the WWSF 30 about the deregistration and/or the removal of the binding.
- Fig. 7 shows another variant how the registration could take place synchronized between webRTC provider and IMS provider.
- Step S81 The WIC 20 sends a deregistration message to the WWSF 30 with its webRTC ID.
- Step S82 The WWSF 30 sends a deregistration message with the IMS ID and webRTC ID tuple to the eP-CSCF 40.
- the WWSF 30 may already remove the binding but may do it also at a later stage, e.g. step S88.
- Step S83 The eP-CSCF 40 verifies the binding between webRTC ID and IMS ID and creates a REGISTER message with IMS ID and the webRTC ID and with expiry timer equal to zero towards the S-CSCF 50.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S84 The eP-CSCF 40 sends a REGISTER message with the IMS ID and the webRTC ID and with expiry timer equal to zero to the S-CSCF 50 (potentially via other IMS nodes like IBCF or I-CSCF).
- the eP-CSCF 40 may include an indicator, flag or other parameter, showing that the binding is verified and/or registration is authorized.
- the S-CSCF 50 informs the HSS 60 about the deregistration. This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S85 The S-CSCF acknowledges the deregistration.
- the 200 OK or any other suitable message is forwarded to the eP-CSCF 40.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S86 The eP-CSCF 40 removes the binding of the webRTC ID and the IMS ID.
- Step S87 The eP-CSCF 40 acknowledges the successful deregistration.
- Step S88 The WWSF 30 sets the WIC state to unregistered and removes the binding of the webRTC ID with the IMS ID.
- Step S89 the WWSF 30 acknowledges to the WIC 20 that it is successfully deregistered.
- a third party authentication and authorization server is used, which is trusted by the webRTC service provider as well as the IMS operator.
- the architecture is shown in Fig. 8.
- the AAA (Authentication, Authorization and Accounting) 70 provides a token or other mechanism to the WWSF 30 for a specific webRTC ID.
- the AAA 70 may be located at the webRTC provider, at the mobile operator or in the internet, hosted by a trusted third party. If the WIC 20 uses the token with the correct webRTC ID within a specified time interval, then the HSS 60 will check with the AAA 70 whether the WIC 20 is allowed to register. For this the webRTC user does not need to have an IMS registration nor has the user to be a subscriber of the IMS network or mobile network.
- Fig. 9 shows the call flow of the procedure.
- Step S91 From within a WebRTC-enabled browser, the user may access a URI to the WWSF 30 to initiate an HTTPS connection to the WWSF.
- the TLS connection may provide one-way authentication of the server based on the server certificate.
- the browser downloads and initializes the WIC 20 from the WWSF 30, now the preparation phase is completed.
- Step S92 The WIC 20 registers to the WWSF 30 with its webRTC ID.
- WWSF 30 may initiate authentication procedure if needed.
- Step S93 If the WIC 20 is not preconfigured, the WWSF 30 selects the eP-CSCF 40. It is assumed that the webRTC service provider has a Service Level Agreement with at least one IMS operator, so the WWSF 30 knows the eP-CSCF address(es) and can select one for each specific webRTC ID.
- Step S94 The WWSF 30 requests a token from the AAA 70 for the webRTC ID.
- Step S95 The AAA 70 generates a token for the webRTC ID and stores the binding.
- the token may have a limited validity time.
- Step S96 The AAA 70 grants the token for the webRTC ID and sends it and optionally related information (e.g. validity timer) to the WWSF 30.
- optionally related information e.g. validity timer
- Step S97 The WWSF 30 provides the token and optionally the eP-CSCF address to the WIC 20.
- Step S98 The WIC 20 sends a REGISTER with its webRTC ID and token to the eP-CSCF 40 and S-CSCF 50.
- Step S99 The S-CSCF 50 performs an authentication request for this webRTC ID and token.
- Step S100 The HSS 60 requests the AAA 70 to verify the webRTC ID and token.
- Step S101 The HSS 60 acknowledges the authentication and provides the general subscription profile for this webRTC service provider to the S-CSCF 50.
- Step S102 The S-CSCF 50 acknowledges the REGISTER with a 200 OK or any other suitable message.
- UE 10 i.e. WIC 20 may not want to be IMS registered any more, then the WIC 20 may not refresh the IMS registration which then may time out based on the expire timer so that the S-CSCF 50 removes the registration.
- the WIC 20 may want actively deregister, this has the advantage that terminating calls would fail directly and not due to an undelivered timeout so that the calling party is informed directly. Also free IMS IDs would be available again for assignment to other webRTC IDs.
- Fig. 10 shows how the deregistration could take place unsynchronized.
- Step S111 The WIC 20 sends a deregistration message to the WWSF 30 with its webRTC ID.
- Step S112 The WWSF 30 sends a request message with the webRTC ID to the AAA 70 to remove the token and/or binding.
- Step S113 The AAA 70 marks the binding that it will be removed soon, once the IMS deregistration takes place.
- Step S114 The AAA 70 acknowledges that the removal of the token and/or binding information is prepared and that the WIC 20 can now perform IMS deregistration.
- Step S115 The WWSF 30 sets the WIC state to unregistered and removes the binding of the webRTC ID with other information and acknowledges to the WIC 20 that it is successfully deregistered.
- Step S116 The WIC 20 sends a REGISTER message with the webRTC ID and with expiry timer equal to zero to the S-CSCF 50 (potentially via other IMS nodes like IBCF or I-CSCF).
- the eP-CSCF 40 may include an indicator, flag or other parameter, showing that the binding is verified and/or registration is authorized.
- Step S117 The S-CSCF 50 informs the HSS 60 about the deregistration for the webRTC ID.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S118 The HSS 60 requests the AAA 70 to authenticate the webRTC ID and to remove the binding.
- the AAA 70 authenticates the webRTC ID and indicates the HSS 60 that it removed the binding.
- Step S119 The HSS 60 acknowledges the deregistration.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S120 the S-CSCF 50 sends the 200 OK or any other suitable message to the WIC 20.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- the WIC 20 can directly send the deregistration message in step S116 to the IMS and the AAA 70 will take care to inform the WWSF 30 about the deregistration and/or the removal of the binding and/or token.
- Fig. 11 shows another variant how the registration could take place in a synchronized manner.
- Step S131 The WIC 20 sends a deregistration message to the WWSF 30 with its webRTC ID.
- Step S132 The WWSF 30 sends a request message with the webRTC ID to the AAA 70 to remove the token and/or binding.
- Step S133 The AAA 70 removes the binding and requests IMS deregistration from the HSS 60.
- the AAA 70 may remove the binding also once it got an acknowledgement from the HSS 60 about the successful deregistration.
- Step S134 The HSS 60 sends a REGISTER message with the webRTC ID and with expiry timer equal to zero to the eP-CSCF 40.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- Step S135 The eP-CSCF 40 acknowledges the deregistration, all nodes in between e.g. S-CSCF 50 remove the subscription profile.
- This message may be preferably a SIP message but could be based on any other protocol like WebSocket, JSON etc..
- the eP-CSCF verifies any UE authentication performed by the WWSF and performs Trusted Node Authentication (TNA), as defined in TS 33.203, in IMS for UEs already authenticated by the WWSF.
- TAA Trusted Node Authentication
- the eP-CSCF verifies that the WWSF is authorized to allocate IMS identities that it assigns to a WIC.
- the eP-CSCF performs IMS registration for WICs using either IMS or Web authentication schemes.
- the eP-CSCF needs to have knowledge about the used identities of the WWSF.
- the WWSF provides the relevant information to the eP-CSCF as indicated in the original solution 3 of TR 23.701 with the W2 reference point. It is further proposed to overcome the limitation of the required IMS registration by allowing the WWSF to assign from a pool of IMS registrations a valid IMPU to the WIC that desires to register to IMS.
- the pool of IMS registrations can be easily realized with wildcarded IMPUs.
- the WWSF On request of the WIC, the WWSF provides an IMPU to the WIC and a token for this IMPU to the eP-CSCF.
- the eP-CSCF can authenticate based on this information the registration request from the WIC.
- the WWSF is using a pool of IMS IDs received from the HSS of the IMS operator.
- the idea behind is that the webRTC service provider does not assume that the webRTC user has an own IMS subscription so the webRTC provider holds a pool of IMS subscriptions that can be assigned to the webRTC IMS client on demand.
- the pool of IMS IDs can be provided to the WWSF in form of wildcarded IMPUs.
- Fig. 13 shows the call flow of the authentication procedure.
- the WWSF is pre-configured with wildcarded IMPUs that will be shared by the webRTC users on demand.
- the user From within a WebRTC-enabled browser, the user accesses a URI to the WWSF to initiate an HTTPS connection to the WWSF.
- the TLS connection provides one-way authentication of the server based on the server certificate.
- the browser downloads and initializes the WIC from the WWSF.
- the WIC requests IMS registration information from the WWSF with its webRTC ID.
- WWSF may initiate authentication procedure if needed.
- the WWSF generates an IMPU out of the wildcarded IMPUs e.g. based on the webRTC ID.
- the WWSF binds this IMPU to the webRTC ID and generates a token.
- the WWSF registers the IMPU and token at the eP-CSCF.
- the P-CSCF and WWSF have a trust relationship and may be authenticated to each other.
- the eP-CSCF stores the binding and acknowledges the binding. It may start a validity timer for the binding and provides the timer to the WWSF.
- the WWSF provides the IMPU and token, which binds to the webRTC ID, to the WIC.
- the WIC stores the received information and sends a REGISTER message to the eP-CSCF, using the IMPU and token.
- the eP-CSCF verifies the binding of IMPU and token and authorizes the REGISTER.
- the eP-CSCF may include an indicator, flag or other parameter, showing that the binding is verified and/or registration is authorized, in the REGISTER so that it does not need to be challenged by the S-CSCF.
- the eP-CSCF forwards the REGISTER to the S-CSCF.
- the S-CSCF requests the subscription profile from the HSS.
- the S-CSCF acknowledges the registration and retrieves the general subscription profile for this webRTC service provider from the HSS.
- the 200 OK message is forwarded to the WIC.
- Fig. 14 shows a configuration example of the UE 10 in this authentication procedure.
- the UE 10 includes at least a receiving unit 11 and a sending unit 12.
- the receiving unit 11 receives the token from the WWSF 30 in the IMS registration, and receives the 200 OK message from the S-CSCF 50.
- the S-CSCF 50 receives the subscription profile from the HSS 60, via the eP-CSCF 40.
- the sending unit 12 sends the REGISTER message with the token to the eP-CSCF 40.
- the eP-CSCF 40 verifies the token and forwards the REGISTER message to the S-CSCF 50.
- the UE 10 may request information for the IMS registration from the WWSF 30 on initiation of the authentication thereof.
- the receiving unit 11 may receive the IMPU together with the token from the WWSF 30.
- the sending unit 12 may sends the REGISTER message with the IMPU and the token to the eP-CSCF 40.
- the eP-CSCF 40 verifies the IMPU together with the token.
- the UE 10 can download the WIC 20 from the WWSF 30, thereby functioning/operating as the WIC 20.
- these units 11 and 12 are mutually connected with each other through a bus or the like.
- These units 11 and 12 can be configured by, for example, a transceiver which conducts communication with the WWSF 30 and the eP-CSCF 40, through an EPC (Evolved Packet Core) shown in each of Figs. 1, 3 and 8, and a controller such as a CPU (Central Processing Unit) which control this transceiver to execute the processes shown in each of Figs. 2, 4 to 7, 9 to 11 and 13, or processes equivalent thereto.
- EPC Evolved Packet Core
- Binding of webRTC ID and IMS ID a.
- the binding can be created at HSS, WWSF, or AAA.
- the binding can be provided to a (network) entity, for example, HSS-> WWSF, WWSF->eP-CSCF.
- the verification of binding can be carried at the entity which created the binding or at the entity which is provided with binding.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Business, Economics & Management (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
NPL 2: 3GPP TR 33.abc (S3-131125), "Study on Security for WebRTC IMS Client access to IMS; (Release 12)", V0.1.0, 2013-11
This exemplary embodiment proposes a static IMS ID allocation to the WWSF per webRTC identity. Fig. 1 shows the principle of the identity binding.
In this exemplary embodiment, the WWSF is using a pool of IMS IDs received from the HSS of the IMS operator. The idea behind is that the webRTC service provider does not assume that the webRTC user has an own IMS subscription so the webRTC provider holds a pool of IMS subscriptions that can be assigned to the webRTC IMS client (WIC) on demand. The architecture is shown in Fig. 3.
At some point in time,
In this exemplary embodiment, a third party authentication and authorization server is used, which is trusted by the webRTC service provider as well as the IMS operator. The architecture is shown in Fig. 8.
At some point in time,
Current webRTC TR 33.abc describes two different solutions for the authentication of the webRTC IMS Client in IMS., based on the assumption that the user has a subscription with an individual IMPU and uses an IMS authentication mechanism (e.g., IMS digest) to authenticate with IMS. This assumption limits the usefulness of the webRTC interworking feature extremely, since there is no point in using webRTC communication if the user has an IMS client and can setup IMS sessions without webRTC.
- The eP-CSCF verifies any UE authentication performed by the WWSF and performs Trusted Node Authentication (TNA), as defined in TS 33.203, in IMS for UEs already authenticated by the WWSF.
- For Web authentication scenarios, the eP-CSCF verifies that the WWSF is authorized to allocate IMS identities that it assigns to a WIC.
- The eP-CSCF performs IMS registration for WICs using either IMS or Web authentication schemes.
It is proposed to add the following text into the webRTC TR 33.abc.
The WWSF is using a pool of IMS IDs received from the HSS of the IMS operator. The idea behind is that the webRTC service provider does not assume that the webRTC user has an own IMS subscription so the webRTC provider holds a pool of IMS subscriptions that can be assigned to the webRTC IMS client on demand. The pool of IMS IDs can be provided to the WWSF in form of wildcarded IMPUs.
Binding of webRTC ID and IMS ID
a. The binding can be created at HSS, WWSF, or AAA.
b. The binding can be provided to a (network) entity, for example, HSS-> WWSF, WWSF->eP-CSCF.
c. The verification of binding can be carried at the entity which created the binding or at the entity which is provided with binding.
d. Removal of the binding inclusive the IMS deregistration once it is not needed anymore.
With verification of the above described binding, operator can perform authentication and authorization when UE WIC access IMS service with a web identity (webRTC ID).
Validity time limited authentication and authorization for sending the registration message from the WIC.
eP-CSCF assignment to UE WIC via WWSF.
Using static webRTC ID to IMS ID binding or dynamic binding to a pool of IMS IDs as well as using the webRTC ID instead of an IMS ID.
11 RECEIVING UNIT
12 SENDING UNIT
20 WIC
30 WWSF
40 eP-CSCF
50 I/S-CSCF
60 HSS
70 AAA
Claims (18)
- An authentication method in a communication system, the method comprising:
sending a token from a WWSF (WebRTC (Web Real Time Communication) Web Server Function) to a UE (User Equipment) in an IMS (IP (Internet Protocol) Multimedia Subsystem) registration;
sending a REGISTER message with the token from the UE to an eP-CSCF (enhanced Proxy-CSCF (Call Session Control Function));
verifying the token by the eP-CSCF;
forwarding the REGISTER message from the eP-CSCF to an S-CSCF (Serving-CSCF);
receiving a subscription profile from an HSS (Home Subscriber Server) to the S-CSCF; and
sending a 200 OK message from the S-CSCF to the UE via the eP-CSCF.
- The authentication method according to Claim 1, further comprising:
requesting, by the UE, information for the IMS registration from the WWSF on the initiation of the authentication method.
- The authentication method according to Claim 1 or 2, further comprising:
requesting, by the WWSF, the token from an authorization node.
- The authentication method according to any one of Claims 1 to 3,
wherein the WWSF sends an IMPU (IMS public user identity) together with the token to the UE,
wherein the UE sends the REGISTER message with the IMPU and the token to the eP-CSCF, and
wherein the eP-CSCF verifies the IMPU together with the token.
- The authentication method according to any one of Claims 1 to 4, wherein the UE comprises a WIC (WebRTC IMS Client).
- A communication system for authenticating a UE (User Equipment), the system comprising a WWSF (WebRTC (Web Real Time Communication) Web Server Function), an eP-CSCF (enhanced Proxy-CSCF (Call Session Control Function)), an S-CSCF (Serving-CSCF), and an HSS (Home Subscriber Server),
wherein:
the WWSF sends a token to the UE in an IMS (IP (Internet Protocol) Multimedia Subsystem) registration;
the UE sends a REGISTER message with the token to the eP-CSCF;
the eP-CSCF verifies the token;
the eP-CSCF forwards the REGISTER message to the S-CSCF;
the S-CSCF receives a subscription profile from the HSS; and
the S-CSCF sends a 200 OK message to the UE via the eP-CSCF.
- The communication system according to Claim 6, wherein the UE requests information for the IMS registration from the WWSF.
- The communication system according to Claim 6 or 7, further comprising an authorization node,
wherein the WWSF requests the token from the authorization node.
- The communication system according to any one of Claims 6 to 8,
wherein the WWSF sends an IMPU (IMS public user identity) together with the token to the UE,
wherein the UE sends the REGISTER message with the IMPU and the token to the eP-CSCF, and
wherein the eP-CSCF verifies the IMPU together with the token.
- The communication system according to any one of Claims 6 to 9, wherein the UE comprises a WIC (WebRTC IMS Client).
- An authentication method of a UE (User Equipment) comprising:
receiving a token from a WWSF (WebRTC (Web Real Time Communication) Web Server Function) in an IMS (IP (Internet Protocol) Multimedia Subsystem) registration;
sending a REGISTER message with the token to an eP-CSCF (enhanced Proxy-CSCF (Call Session Control Function)) that verifies the token and forwards the REGISTER message to an S-CSCF (Serving-CSCF); and
receiving a 200 OK message from the S-CSCF, the S-CSCF receiving a subscription profile from an HSS (Home Subscriber Server), via the eP-CSCF.
- The authentication method according to Claim 11, further comprising:
requesting information for the IMS registration from the WWSF on the initiation of the authentication method.
- The authentication method according to Claim 11 or 12,
wherein the UE receives an IMPU (IMS public user identity) together with the token from the WWSF,
wherein the UE sends the REGISTER message with the IMPU and the token to the eP-CSCF that verifies the IMPU together with the token.
- The authentication method according to any one of Claims 11 to 13, wherein the UE comprises a WIC (WebRTC IMS Client).
- A UE (User Equipment) connectable to a communication system including a WWSF (WebRTC (Web Real Time Communication) Web Server Function), an eP-CSCF (enhanced Proxy-CSCF (Call Session Control Function)), an S-CSCF (Serving-CSCF), and an HSS (Home Subscriber Server), the UE comprising:
a receiving unit that receives a token from the WWSF in an IMS (IP (Internet Protocol) Multimedia Subsystem) registration and receives a 200 OK message from the S-CSCF, the S-CSCF receiving a subscription profile from the HSS, via the eP-CSCF; and
a sending unit that sends a REGISTER message with the token to the eP-CSCF, the eP-CSCF verifying the token and forwarding the REGISTER message to the S-CSCF.
- The UE according to Claim 15, wherein the UE requests information for the IMS registration from the WWSF.
- The UE according to Claim 15 or 16,
wherein the receiving unit receives an IMPU (IMS public user identity) together with the token from the WWSF,
wherein the sending unit sends the REGISTER message with the IMPU and the token to the eP-CSCF that verifies the IMPU together with the token.
- The UE according to any one of Claims 15 to 17, wherein the UE comprises a WIC (WebRTC IMS Client).
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2016557360A JP6330916B2 (en) | 2013-12-19 | 2014-12-18 | System and method for webRTC |
US15/105,310 US10142341B2 (en) | 2013-12-19 | 2014-12-18 | Apparatus, system and method for webRTC |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2013262170 | 2013-12-19 | ||
JP2013-262170 | 2013-12-19 | ||
JP2014002633 | 2014-01-09 | ||
JP2014-002633 | 2014-01-09 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015093058A1 true WO2015093058A1 (en) | 2015-06-25 |
Family
ID=52432876
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2014/006334 WO2015093058A1 (en) | 2013-12-19 | 2014-12-18 | APPARATUS, SYSTEM AND METHOD FOR webRTC |
Country Status (3)
Country | Link |
---|---|
US (1) | US10142341B2 (en) |
JP (1) | JP6330916B2 (en) |
WO (1) | WO2015093058A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016165672A1 (en) * | 2015-07-08 | 2016-10-20 | 中兴通讯股份有限公司 | Voice service registration method and device |
CN106254562A (en) * | 2016-10-14 | 2016-12-21 | 北京邮电大学 | Route selection method, server and system in WebRTC system |
KR20170139128A (en) * | 2015-08-31 | 2017-12-18 | 텐센트 테크놀로지(센젠) 컴퍼니 리미티드 | Method and system for processing voice communication, electronic device and storage medium |
CN108353072A (en) * | 2015-11-09 | 2018-07-31 | 诺基亚通信公司 | Enhancing media plane optimization in web real-time Communication for Power scenes |
WO2019036410A1 (en) | 2017-08-18 | 2019-02-21 | T-Mobile Usa, Inc. | Web access in 5g environments |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6328775B2 (en) * | 2014-01-13 | 2018-05-23 | ノキア ソリューションズ アンド ネットワークス オサケユキチュア | Security against access to IP Multimedia Subsystem (IMS) in Web Real Time Communications (WebRTC) |
US10284425B2 (en) * | 2014-01-29 | 2019-05-07 | Cellco Partnership | Device registration awareness for over-the-air updates |
US9912705B2 (en) * | 2014-06-24 | 2018-03-06 | Avaya Inc. | Enhancing media characteristics during web real-time communications (WebRTC) interactive sessions by using session initiation protocol (SIP) endpoints, and related methods, systems, and computer-readable media |
WO2015199462A1 (en) * | 2014-06-27 | 2015-12-30 | Samsung Electronics Co., Ltd. | Method and apparatus for providing quality of service for web-based real-time communication |
WO2016073935A1 (en) * | 2014-11-07 | 2016-05-12 | T-Mobile Usa, Inc. | Multiple device association with a single telephone number |
EP3494667B1 (en) * | 2016-08-03 | 2020-12-23 | Telefonaktiebolaget LM Ericsson (PUBL) | Guest user access in the ip multimedia subsystem ims |
CN112350985A (en) * | 2020-09-15 | 2021-02-09 | 南斗六星系统集成有限公司 | Method and system for realizing access of mobile equipment to FreeWITCH |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8195940B2 (en) | 2002-04-05 | 2012-06-05 | Qualcomm Incorporated | Key updates in a mobile wireless system |
US8984615B2 (en) * | 2009-04-08 | 2015-03-17 | At&T Mobility Ii, Llc | Web to IMS registration and authentication for an unmanaged IP client device |
WO2011098138A1 (en) * | 2010-02-12 | 2011-08-18 | Telefonaktiebolaget Lm Ericsson (Publ) | Ip multimedia subsystem user identity handling method and apparatus |
US20130227663A1 (en) * | 2010-10-08 | 2013-08-29 | Telefonica S.A. | Method, a system and a network element for ims control layer authentication from external domains |
US8955081B2 (en) * | 2012-12-27 | 2015-02-10 | Motorola Solutions, Inc. | Method and apparatus for single sign-on collaboraton among mobile devices |
US9331967B2 (en) * | 2013-02-04 | 2016-05-03 | Oracle International Corporation | Browser/HTML friendly protocol for real-time communication signaling |
-
2014
- 2014-12-18 US US15/105,310 patent/US10142341B2/en active Active
- 2014-12-18 WO PCT/JP2014/006334 patent/WO2015093058A1/en active Application Filing
- 2014-12-18 JP JP2016557360A patent/JP6330916B2/en active Active
Non-Patent Citations (5)
Title |
---|
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G security; Access security for IP-based services (Release 12)", 3GPP STANDARD; 3GPP TS 33.203, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG3, no. V12.3.0, 19 September 2013 (2013-09-19), pages 1 - 122, XP050712660 * |
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on Security for WebRTC IMS Client access to IMS; (Release 12)", 21 November 2013 (2013-11-21), XP050766138, Retrieved from the Internet <URL:http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_73_SanFrancisco/Docs/Drafts/> [retrieved on 20131121] * |
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on Web Real Time Communication (WebRTC) access to IMS (Stage 2) (Release 12)", 25 November 2013 (2013-11-25), XP050764393, Retrieved from the Internet <URL:http://www.3gpp.org/ftp/tsg_sa/WG2_Arch/Latest_SA2_Specs/Latest_draft_S2_Specs/> [retrieved on 20131125] * |
"Study on Security for WebRTC IMS Client access to IMS; (Release 12", 3GPP TR 33.ABC (S3-131125, November 2013 (2013-11-01) |
"Study on Web Real Time Communication (WebRTC) access to IMS (Stage 2) (Release 12", 3GPP TR 23.701, November 2013 (2013-11-01) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016165672A1 (en) * | 2015-07-08 | 2016-10-20 | 中兴通讯股份有限公司 | Voice service registration method and device |
US10412227B2 (en) | 2015-08-31 | 2019-09-10 | Tencent Technology (Shenzhen) Company Limited | Voice communication processing method and system, electronic device, and storage medium |
KR102040755B1 (en) * | 2015-08-31 | 2019-11-27 | 텐센트 테크놀로지(센젠) 컴퍼니 리미티드 | Method and system for processing voice communication, electronic device and storage medium |
KR20170139128A (en) * | 2015-08-31 | 2017-12-18 | 텐센트 테크놀로지(센젠) 컴퍼니 리미티드 | Method and system for processing voice communication, electronic device and storage medium |
JP2018522323A (en) * | 2015-08-31 | 2018-08-09 | テンセント・テクノロジー・(シェンジェン)・カンパニー・リミテッド | Voice communication processing method and system, electronic apparatus, and storage medium |
CN108353072A (en) * | 2015-11-09 | 2018-07-31 | 诺基亚通信公司 | Enhancing media plane optimization in web real-time Communication for Power scenes |
CN108353072B (en) * | 2015-11-09 | 2021-08-10 | 诺基亚通信公司 | Enhanced media plane optimization in web real-time communication scenarios |
US11310293B2 (en) | 2015-11-09 | 2022-04-19 | Nokia Solutions And Networks Oy | Enhanced media plane optimization in web real time communication scenarios |
CN106254562A (en) * | 2016-10-14 | 2016-12-21 | 北京邮电大学 | Route selection method, server and system in WebRTC system |
WO2019036410A1 (en) | 2017-08-18 | 2019-02-21 | T-Mobile Usa, Inc. | Web access in 5g environments |
CN110999393A (en) * | 2017-08-18 | 2020-04-10 | T移动美国公司 | World wide web access in a 5G environment |
EP3649804A4 (en) * | 2017-08-18 | 2021-03-24 | T-Mobile USA, Inc. | Web access in 5g environments |
US11082458B2 (en) | 2017-08-18 | 2021-08-03 | T-Mobile Usa, Inc. | Web access in 5G environments |
Also Published As
Publication number | Publication date |
---|---|
JP6330916B2 (en) | 2018-05-30 |
US20160315938A1 (en) | 2016-10-27 |
US10142341B2 (en) | 2018-11-27 |
JP2017502624A (en) | 2017-01-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10142341B2 (en) | Apparatus, system and method for webRTC | |
EP1879324B1 (en) | A method for authenticating user terminal in ip multimedia sub-system | |
ES2379964T3 (en) | Method to initiate communications based on IMSI | |
JP5345154B2 (en) | Message handling in IP multimedia subsystem | |
EP2359577B1 (en) | Correlating communication sessions | |
US20130227663A1 (en) | Method, a system and a network element for ims control layer authentication from external domains | |
KR20120109580A (en) | Authentication method, system and device | |
CA2729926A1 (en) | Method and apparatus for instance identifier based on a unique device identifier | |
US20130091546A1 (en) | Transmitting Authentication Information | |
WO2007003140A1 (en) | An authentication method of internet protocol multimedia subsystem | |
US20110173687A1 (en) | Methods and Arrangements for an Internet Multimedia Subsystem (IMS) | |
US20220408251A1 (en) | Method for supporting authentication of a user equipment | |
EP2011299B1 (en) | Method and apparatuses for securing communications between a user terminal and a sip proxy using ipsec security association | |
US11490255B2 (en) | RCS authentication | |
US9848048B2 (en) | Method and apparatus for transmitting an identity | |
EP2040433B1 (en) | Password update in a communication system | |
SB et al. | „Diameter-based Protocol in the IP Multimedia Subsystem “ |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14831096 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2016557360 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 15105310 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 14831096 Country of ref document: EP Kind code of ref document: A1 |