This means that a SIP message coming from another
network may not contain a P-ASSERTED-ID, presenting an authentication challenge
to the operator. In this case, authentication is not necessarily needed to determine if
the subscriber should have access to the network, as this is taken care of through other
procedures. Rather, the concern is whether or not subscribers are who they say they
are, and identifying a subscriber to the destination party.
When a message is received with a PRIVACY header with the token ???ID,??? the entity
removes the P-ASSERTED-ID header from the message and forwards the message to
the destination. If the token is set to ???NONE,??? then no privacy has been requested. It
is then up to the operator policy to determine if the header is to be provided outside of
the network.
When an IMS network receives a SIP message from another network, and the PASSERTED-
ID is missing, the I-CSCF should then authenticate subscribers to verify
they are who they say they are, and they indeed have authorization to access the network.
152 Chapter 6
The HSS serving a subscriber verifies if the subscriber should have access to the visited
network, and also provides the authentication needed.
The P-CSCF also plays an important role in safeguarding the network against unauthorized
access. For this reason, all subscriber devices are forced to first connect with
the local P-CSCF.
Pages:
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317