How to authenticate fixed terminals in FMC

Source: Internet
Author: User

Due to the differences between the fixed network and mobile network in terms of access bandwidth, terminal authentication, and terminal mobility, how to view and solve these differences has become a key issue for IMS-based FMC.

The concept and architecture of IMS was initially proposed by 3GPP In R5. As a new domain in the third generation mobile communication, IMS provides multimedia services for users and achieves separation of business and control. In version 3GPPR7, IMS is extended from only providing GPRS access to support WLAN and fixed broadband access, realizing the independence of access. At the same time, IMS adopts the same SIP protocol and similar architecture as fixed Softswitch, which lays the foundation for the integration of fixed and mobile systems based on IMS. Currently, IMS has been studied by multiple standard organizations. 3GPP and PP2 focus on IMS applications in mobile communication, the Application of IMS in fixed network and network fusion is studied in TISPAN and ITU-T. It can be said that the emergence of IMS provides an unprecedented opportunity for the integration of fixed and mobile services and networks.

From the perspective of standard maturity, IMS has mature applications in mobile communication through a series of standards such as R5, R6, and R7 developed by 3GPP, the creator of IMS, various vendors have also been able to provide commercial IMS devices and Terminals Based on R5 and R6. Relative to mobile, IMS-based standards for fixed network and network convergence are not very mature, and some problems are still being studied. Due to the differences between the fixed network and mobile network in terms of access bandwidth, terminal authentication, and terminal mobility, how to view and solve these differences has become a key issue for IMS-based FMC.

Due to the inherent differences between fixed terminals and mobile terminals, IMS is originated in the mobile communication field. Therefore, when IMS is extended to the fixed network field, it will face some problems. The following describes the problems and possible solutions of fixed terminals in IMS access authentication.


We know that the biggest difference between a fixed terminal and a mobile terminal is the portability and mobility of the terminal. Mobile terminals are mostly private and carried by individuals. They are highly mobile and need to support roaming and switching between networks and networks. The roaming range is large and can be global. Fixed Network terminals are generally deployed in a fixed place, such as a home or office. They share some common features, such as sharing between family members and colleagues. Fixed terminals generally do not have strong mobile and roaming features (WLAN terminals have a certain degree of mobility and roaming ).

Due to the existence of these features, fixed network terminals and mobile terminals are significantly different at the beginning of the design. Mobile Terminals focus on authentication and authentication at the beginning, and have powerful functions such as information encryption, mobile and roaming. Mobile Terminals have their own public signs for users, such as MSISDN, and private signs for networks, such as IMSI. Most fixed terminals access the network directly through wired lines, so there is not much attention to authentication and authentication. In addition, there are generally only public signs (such as phone numbers and IP addresses ), the private flag is missing. To meet IMS-based integration of fixed and mobile devices, fixed terminals need to be improved and improved accordingly.

Meets certification requirements

IMS has specific requirements for user identification. IMS users have both public and private user logos, which correspond to the current mobile users' MSISDN and IMSI, but they have their own features in the IMS stage.

Each IMS user is assigned at least one public user sign. The public user flag can be SIPURI or TelURI. In some cases, a user needs multiple public user logos. For example, the user wants to distinguish his/her Office and home numbers, in this case, you need to assign the user a public office user sign and a public household user sign.

Each IMS user must have at least one private user ID. Unlike the public user ID, the format of the private user ID is not SIPURI or TelURI, but network access identity. Unlike the public user identity, the private user identity is not used to determine the route of the network, but is used for identification and authentication. It exists in the UICC of the terminal.

What is the relationship between the user, public user sign, and private user sign? The private public user ID corresponds to the smart card in the user's terminal. A user can have multiple terminal smart cards, so there can be multiple private user IDs, each private public user ID can correspond to multiple public user IDs ("one machine, multiple accounts "), in turn, a public user sign can also be associated with multiple private user signs (similar to "1 "). Therefore, the relationship between the user, private public user sign, and public user sign is 1: m: n.

According to the 3GPP standard, IMS users adopt the AKA authentication method. This method uses the extended Digest authentication to carry AKA authentication parameters for authentication. The network allows UICC cards including ISIM and USIM to access IMS, which is not supported for SIM card access with weak security. ISIM is derived from IMS, where the user's public and private user logos and authentication parameters are stored. For USIM that has not been upgraded to ISIM, the terminal can access the IMS network only by generating public and private user tags Based on IMSI in USIM.

Fixed terminal IMS

Fixed Network IMS terminals will include a large number of traditional terminals currently in use and new terminals supporting IMS services in the future. Generally, the UICC card is not configured for traditional fixed terminals, and only the public user logo is used. The private user logo is missing, and AKA authentication method is not supported. Therefore, to implement IMS-based FMC, you need to expand the user identification and authentication methods of fixed terminals. At the same time, IMS must support different authentication methods.

According to the above 3GPP authentication method for mobile terminals, TISPAN recommends that the terminals support UICC cards that contain ISIM/USIM and adopt AKA authentication. For terminals that do not support UICC, the SIPDigest authentication method can be used, but the fixed terminal is required to have parameters such as public user signs and private user signs for authentication.

The following principles are recommended for terminal authentication of fixed network IMS Based on TISPAN regulations and terminal types:

Try to be consistent with mobile terminals. UICC cards and AKA authentication methods are preferred. For terminals that cannot use UICC cards, Digest and other authentication methods can be used. The terminal's public user logo can use the current number and other public signs. The private user logo can be based on the unique characteristics of the terminal. Fixed terminal IMS authentication and authentication can adopt the following solutions:

1) For new terminals that support IMS services, the terminals must support UICC cards containing ISIM, use public and private user signs consistent with the 3GPP standard, and support AKA authentication methods;

2) software terminals used on public platforms such as computers and PDAs need to be upgraded, corresponding software modules need to be added, and private user logos of terminals are generated using software, authentication can be performed in SIPDigest mode;

3) traditional hard terminals that cannot be upgraded can adopt plug-ins for authentication and authentication. Connect all hardware terminals without UICC cards to external devices (such as home gateways). This device can generate private user signs and keys required for AKA authentication for each terminal, the device is responsible for completing authentication for AKA-based terminals.

At present, IMS has become a widely favored technology to achieve the convergence of fixed and mobile networks. It is also a recognized technology development trend in the industry. Standard Organizations, equipment vendors, and operators all pay close attention to IMS-based network convergence. The designation of relevant standards, the development of network equipment, and the Technical Experiment of IMS are all in progress. Everyone hopes to achieve the integration of fixed and mobile networks through the unified IMS. Terminal connection and support, especially fixed network terminals, are also an important part of this series of work and need to be constantly researched and explored.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.