This information is also stored within the HSS, while each unique device
address (IP address) is stored with its associated public user identity in the S-CSCF.
All devices attempting to register will be challenged by the network registrar (the
S-CSCF assigned to the subscriber during the registration process). This challenge is
110 Chapter 5
to authenticate the subscription, preventing unauthorized access. The registration is
challenged by rejecting the initial registration and forcing a second registration message
containing the proper credentials.
The registration is rejected by returning the response 401 Unauthorized to the device.
When the S-CSCF sends this response, it stores the CALL ID from the REGISTER
and queries the HSS for the subscriber??™s credentials. The credentials consist of the
cipher key as well as the authentication key. These are explained in much more detail
in Chapter 6.
When the subscriber device receives the response, it will generate a new REGISTER
containing the proper credentials and with the same CALL ID as the original
REGISTER. The S-CSCF then knows by the CALL ID that this is in response to the
earlier rejection and can then correlate the two REGISTER messages.
Another method would be to always have the device send its credentials each time it
registers a new location with the network. This would work but would also generate a
lot of traffic between the S-CSCF and the HSS.
Pages:
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241