The procedure in the present clause covers two cases

Info icon This preview shows pages 134–137. Sign up to view the full content.

View Full Document Right Arrow Icon
The procedure in the present clause covers two cases of locating the authorization entity (WAF): - The WAF is located in the IMS provider domain; - The WAF is located in a third party domain. NOTE 2: WWSF and WAF realisations can be physically co-located or physically separate; in the latter case, WWSF and WAF can reside in the same or in different domains. An example signalling flow for the present registration scenario is shown in Figure X.3.2.3-1. In this figure, by way of example SIP over secure WebSocket is used between the WebRTC IMS Client and the eP-CSCF. Other protocols (e.g. HTTP RESTful or JSON over WebSocket) can also be used. All steps in the procedure below apply to both cases of WAF location unless stated otherwise. For the example of OAuth 2.0 the WAF needs to be located in the IMS provider domain. For the normative part, the procedure applies Trusted Node Authentication (TNA) specified for IMS in Annex U of the present specification. The trusted node is the eP-CSCF residing in the operator network, according to TS 23.228 [3]. The signalling between the Trusted Node and the rest of the IMS core is unchanged from the signalling flow in Annex U of the present specification with the following exception: if the WAF is located in a third party domain then the REGISTER message is enhanced with an additional parameter, which is included to satisfy the requirements REQ 2.1 and REQ 2.2 from clause X.3.1 of the present specification. 3GPP 3GPP TS 33.203 V12.67.0 (2014-0609) 134 Release 12
Image of page 134

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Figure X.3.2.3-1: WebRTC IMS Client access to IMS using Trusted Node Authentication (example flow) The details of the signalling flows are as follows: Each step x in the signalling flow has a part x.1 providing general text applying to all realisations, irrespective of whether the WAF is located in the IMS provider domain or in a third party domain. This part x.1 is followed by text explaining how it would work for a realisation using the example of OAuth. For the example of OAuth, the WAF needs to be located in the IMS provider domain. In addition, some of the steps contain a second step x.2 that applies only when the WAF is located in a third party domain. 0. WWSF obtains authorization token 0.1 General : The WWSF requests an authorization token from the WAF. The WAF or WWSF, depending on the authorization flow used, authenticates the user via “web credentials”, i.e. credentials as commonly used for access to web based services, for example a username and password. The user's web identity is mapped to the corresponding IMS subscriber identity (i.e. IMPI and IMPU(s) ). NOTE 3: It is assumed that the WWSF or WAF maintains the mapping between a user's web identity and IMPI/IMPU. How this mapping is established (i.e. how REQ 2.5 is satisfied) is out-of-scope of this specification. Example of OAuth 2.0 : 3GPP 3GPP TS 33.203 V12.67.0 (2014-0609) 135 Release 12
Image of page 135
When using the example of OAuth 2.0 then one of the authorization flows defined by OAuth 2.0 is used.
Image of page 136

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 137
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern