Trusted and Non-trusted Interworking
Download
Report
Transcript Trusted and Non-trusted Interworking
Page 1
Inter Working Between Trusted
and Non-Trusted Models
LBS Roaming Meeting, Macau
March 22, 2007
Roaming Scenarios Matrix
Page 2
Visited
operator
Trusted
Non-Trusted
(V1/V2 or proprietary2)
Proprietary
Trusted1
Home
operator
• Sharing BSA
• PDE interconnection
• DNS
• Sharing BSA
• PDE interconnection
• DNS
• Sharing BSA
• PDE interconnection
• DNS
Non-Trusted • Sharing BSA
(V1/V2 or
• PDE interconnection
proprietary) • MPC allocates
V-PDE
• Sharing BSA
• PDE interconnection
• MPC interconnection
• Sharing BSA
• PDE interconnection
• MPC allocates
V-PDE
• Sharing BSA
• PDE interconnection
• Sharing BSA
• PDE interconnection
• Sharing BSA
• PDE interconnection
Trusted
Proprietary
trusted
1
Proprietary trusted LBS carrier is a carrier that uses a custom scheme for TCP/IP wrapper
for IS-801 signaling.
2 Proprietary nontrusted LBS carrier is a carrier that is architecturally similar to V1/V2
nontrusted and uses an MPC, but such a carrier uses additional custom interfaces to
address special needs.
Non-Trusted to Trusted Roaming (Without An Inter-PDE
Interface)
Page 3
• The Visited MS connects to H-MPC and sends services layer authorization request.
The H-MPC detects that the MS is roaming based on SID/NID information and
allocates the V-PDE address in service authorization response
• The Visited MS initiated an IS-801 positioning session with the V-PDE
• The H-MPC positioning authorization records and VDE billing procedures can be
used for settlement/billing
Home operator – Nontrusted LBS model
Visited operator – Trusted LBS model
Network connection
MIP tunnel
HA
AAA
AAA
PDSN
FA
PDSN
Internet
H-MPC
H-PDE
PCF
RAN
BSA
Services layer signaling on
MS-MPC interface. V-PDE
allocation by H-MPC
V-PDE
BSA
PCF
RAN
Positioning layer (IS-801)
signaling between MS and
V-PDE
Non-Trusted to Trusted Roaming (With An Inter-PDE
Interface)
Page 4
• For LBS roaming between a nontrusted (home) and a trusted (visiting) carrier, the H-MPC
allocates the H-PDE address as it normally does for its home devices
• The roaming device initiates IS-801 call flow with the H-PDE
• The H-PDE sends transaction requests over the inter-PDE connection to satisfy the
requested IS-801 call flow
• The H-PDE uses existing home procedures for settlement/billing
Home operator – Nontrusted LBS model
Visited operator – Trusted LBS model
Network connection
MIP tunnel
HA
AAA
AAA
PDSN
FA
PDSN
H-MPC
V-PDE
H-PDE
PCF
RAN
Internet
BSA
Services layer signaling on
MS-MPC interface.
Inter-PDE transaction protocol
PCF
RAN
BSA
Positioning layer (IS-801)
signaling between MS and
H-PDE
Trusted to Non-Trusted Roaming (With Inter PDE
Interface)
Page 5
Visited operator – Non-Trusted LBS model
Home operator – Trusted LBS model
Network connection
MIP tunnel
HA
AAA
AAA
PDSN
FA
PDSN
Internet
V-MPC
H-PDE
PCF
RAN
V-PDE
BSA
Inter-PDE transaction protocol
PCF
RAN
BSA
Positioning layer (IS-801)
signaling between MS and
H-PDE
• The Mobile Station in this case always connects to its H-PDE for doing positioning using IS801 signaling
• The H-PDE detects that the Mobile Station is roaming in this case and the H-PDE then uses
transaction services over the inter-PDE link to serve the IS-801 session of the roaming mobile
station
• The H-PDE uses existing home procedures for billing and settlement
Trusted to Non-Trusted Roaming (With DNS)
Page 6
Visited operator – Non-Trusted LBS model
Home operator – Trusted LBS model
Network connection
MIP tunnel
HA
AAA
AAA
PDSN
FA
PDSN
Internet
V-MPC
H-PDE
PCF
RAN
V-PDE
BSA
PCF
RAN
BSA
Positioning layer (IS-801)
signaling between MS and
H-PDE
• The Mobile Station in this case uses a LBS specific DNS FQDN (Example
SID.NID.Local.PDE) to do DNS resolution for the V-PDE IP address
• Once V-PDE IP address is received, the Mobile Station initiates the IS-801 session
with the V-PDE. More details on how the DNS solution can be implemented can be
found on the CDG IRT WiKi page
• Once IS-801 session is completed. the V-PDE can send an unsolicited report
message (gpsoreq’) to the V-MPC. V-MPC can use this message for
billing/settlement.
Trusted to Non-Trusted Roaming (continued)
Page 7
•
•
For the PDE interconnection solution using transaction protocol the
roaming device always connects to the H-PDE and the H-PDE
appropriately sends transaction requests to the V-PDE to complete the IS801 call flow.
The H-PDE and V-PDE are interconnected using standard solutions,
such as VPN. This is a controlled interface on which the roaming
partner provides a wholesale LBS service.
User level authentication is not the responsibility of V-PDE. The V-PDE
will serve the incoming location requests in a trusted manner with the
assumption that all the authentication checks have been successfully
performed at the Home LBS system.
For the DNS solution, the device in the visited network will get the V-PDE
IP address via DNS resolution. Details on how the DNS resolution
schemes can work are captured in a separate document on CDG IRT WiKi
page.
The non-trusted visited carrier’s PDE should allow the roaming
partner’s devices to access the visited PDE via a new trusted port.
Once the LBS application resolves the V-PDE’s IP address (via DNS),
it will attempt to access the V-PDE on the new trusted port.