Non registration messages this sub clause are handled

Info icon This preview shows pages 79–81. Sign up to view the full content.

View Full Document Right Arrow Icon
non-registration messages, this sub-clause) are handled by logically separated protocol engines and thus each mechanism has its own nonce, cnonce and nonce-count parameters. NOTE 1b: The usage of the same SD-AV for authentication of non-registration messages and of registration messages requires the storage of the SD-AV in S-CSCF during the authentication of registration messages (cf. subclause N.2.1.1), as retrieval of AVs from HSS is only specified for handling of registration messages. In case of dynamic password change (cf. clause N.2.5), the SD-AV (or SD-AVs) used for generating the challenge(s) are specified in clause N.2.5. - If the check is successful then the request has been authenticated, and the S-CSCF sends a 2xx AUTH_OK towards the UE; - If the check fails, based on local policy the S-CSCF may choose to re-challenge the user by using the same procedure described in this subclause, or reject the request by sending a 403 response. When the UE is to send a non-REGISTER SIP request it should first check whether it has a digest challenge stored which was previously received in a Proxy-Authenticate header. If such a digest challenge is available in the UE the UE should use it together with the nonce-count mechanism as specified in RFC 2617 [12] to calculate a digest response, include the digest response in a Proxy-Authorization header and send this header together with the non-REGISTER SIP request. NOTE 2: According to RFC 2617 [12], the S-CSCF may send a 407 (Proxy Authentication Required) as a response to any non-REGISTER request, indicating that the nonce is stale and the digest response shall be recomputed using the fresh challenge sent in the same 407 message. When the S-CSCF has successfully used the SIP Digest proxy authentication mechanism it shall check if the public user identity asserted by the P-CSCF belongs to the implicit registration set (i.e. the public user identities associated with the authenticated user). If the check is not successful the S-CSCF shall reject the non-registration request. NOTE 3: Such a rejection may occur when one of the conditions mentioned in NOTE 1 is not fulfilled. 3GPP 3GPP TS 33.203 V12.67.0 (2014-0609) 79 Release 12
Image of page 79

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
NOTE 4: When TLS according to Annex O is used, or when IPsec according to the main body or Annex M is used, then the failure conditions mentioned in NOTE 1 and Annex Q.3 cannot occur, and the public user identity asserted by the P-CSCF is reliable. N.2.2 Authentication failures N.2.2.1 User Authentication failure If the S-CSCF detects the user authentication failure due to an incorrect response (received in SM9), the S-CSCF sends a failure notification to the UE. The S-CSCF shall set the registration-flag in the HSS to unregistered or Not registered if the IMPU is not currently registered. To set the flag the S-CSCF sends in CM3 a Cx-Put to the HSS as shown in Figure 5. If the IMPU is currently registered, the S-CSCF does not update the registration flag. The HSS responds to CM3 with a Cx-Put-Resp in CM4.
Image of page 80
Image of page 81
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern