However, the HSS is not made available to other networks. Only the S-CSCF within
the same network should be allowed to access the HSS within any network. This is because
of the subscriber data stored within each HSS. Providing access to a non-trusted
domain would be a breach of security and would open up opportunities for subscriber
identity theft. The P-CSCF and the I-CSCF guard the S-CSCF and the HSS from unauthorized
access, as I have discussed earlier.
Think of the HSS as the brains of the operation. Any service that a subscriber is privileged
to use can be found in this one central location. All changes to the subscription
are made in one location. This is a stark difference from VoIP implementations where
the subscriber and his or her privileges are managed through various softswitches, in
a mesh configuration, or using application servers accessible by the subscriber.
Another advantage of the HSS is the ability to manage multiple identities under one
common subscription. As discussed in Chapter 3, a subscription may have only one private
user identity, but it can have multiple public user identities. Service identifiers can
also be assigned to each of the public user identities based on the one subscription. Read
Chapter 3 for more details on user identities and how these are used within the IMS.
Architecture of the IMS 19
Application Server (AS) The Application Server (AS) is a multipurpose function within
the IMS; however, it is not part of the IMS core (see Figure 1.
Pages:
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72