Methods and systems for distributed authentication and caching for internet protocol multimedia subsystem and other session initiation protocol systems

US 20080155659A1
Filed: 12/26/2006
Published: 06/26/2008
Est. Priority Date: 12/26/2006
Status: Active Grant

First Claim

Patent Images

1. A method for distributing authentication in Internet Protocol Multimedia Subsystem and other Session Initiation Protocol systems, the method comprising the steps of:

loading a local database copy of user profiles in edge elements in a network; and

pre-authenticating Session Initiation Protocol requests by service requestors utilizing the local database copy of the user profiles, wherein the pre-authenticating comprises partial or full authentication of the Session Initiation Protocol requests.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Network elements in IMS or other SIP systems are configured to pre-authenticate SIP requests either as proxy or by snooping. One or more of these network elements are pre-loaded with a local database copy of the user profiles as typically contained in the HSS inside of the IMS control structures. A master database, such as the one typically contained in the HSS, is distributed to all network elements using database distribution methods. Advantageously, pre-authentication solves bottleneck issues in the SIP mechanism by allowing an end user device to use fully authenticated SIP requests. This prevents the requirement to perform authentication, authorization, and accounting (AAA) all the way back to the core IMS network, alleviating lag and scaling issues. Additionally, network elements including can become aware of the services requested through SIP requests, and track these requests for optimization. Specifically, resources requested based upon SIP requests can be cached.

Citations

20 Claims

1. A method for distributing authentication in Internet Protocol Multimedia Subsystem and other Session Initiation Protocol systems, the method comprising the steps of:
- loading a local database copy of user profiles in edge elements in a network; and
  
  pre-authenticating Session Initiation Protocol requests by service requestors utilizing the local database copy of the user profiles, wherein the pre-authenticating comprises partial or full authentication of the Session Initiation Protocol requests.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising the steps of:
    - authorizing the Session Initiation Protocol requests utilizing the local database copy of the user profile; and
      
      accounting the Session Initiation Protocol requests utilizing the local database copy of the user profile.
  - 3. The method of claim 1, further comprising the step of loading the local database copy of the user profiles in switch elements in the network.
  - 4. The method of claim 1, further comprising the step of updating the local database copy of the user profiles.
  - 5. The method of claim 1, wherein the local database utilizes a multi-stage cascaded distributed architecture.
  - 6. The method of claim 1, wherein the user profiles comprise substantially the same information as contained in the Home Subscriber System.
  - 7. The method of claim 1, wherein the local database copy comprises a partial copy of the user profiles corresponding to users of the network.
  - 8. The method of claim 1, wherein the Session Initiation Protocol requests are pre-authenticated by proxy or by snooping.
  - 9. The method of claim 2, wherein the edge and switch elements have decryption keys to view the Session Initiation Protocol requests.
  - 10. The method of claim 9, wherein the keys comprise dynamic and pre-shared keys, and wherein the encryption is Internet Protocol Security (IPSec).
  - 11. The method of claim 1, further comprising the steps of pre-authenticating Extensible Mark-Up Language requests utilizing the local database copy of user profiles, wherein the pre-authenticating comprises partial or full authentication of the Extensible Mark-Up Language requests.

12. A method for resource caching in Internet Protocol Multimedia Subsystem and other Session Initiation Protocol systems, the method comprising the steps of:
- observing a user'"'"'s requests for services; and
  
  loading a caching mechanism responsive to the user'"'"'s request for services, wherein the request for services comprises a Session Initiation Protocol request or an Extensible Mark-up Language request.
- View Dependent Claims (13, 14)
- - 13. The method of claim 12, further comprising the steps of:
    - observing the user'"'"'s vector through space and location; and
      
      loading the caching mechanism responsive to the user'"'"'s vector through space and location.
  - 14. The method of claim 12, wherein the caching mechanism is aware of the user, a service type, and a community of users, and wherein the caching mechanism performs caching responsive to the user, the service type, and the community of users.

15. An enterprise private network or service provider network utilizing Internet Protocol Multimedia Subsystem or Session Initiation Protocol comprising:
- a plurality of edge elements;
  
  a plurality of switch elements, wherein the plurality of edge elements and plurality of switch elements are interconnected; and
  
  a local database comprising user profiles, wherein the local database is pre-loaded on one or more of the plurality of edge elements;
  
  wherein the one or more of the plurality of edge elements are configured to pre-authenticate, authorize, and account for Session Initiation Protocol requests utilizing the local database.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The enterprise private network or service provider network of claim 15, wherein the local database is pre-loaded on the plurality of switch elements, and one or more of the plurality of switch elements are configured to pre-authenticate, authorize, and account Session Initiation Protocol requests utilizing the local database.
  - 17. The enterprise private network or service provider network of claim 15, wherein the user profiles comprise substantially the same information as contained in the Home Subscriber System.
  - 18. The enterprise private network or service provider network of claim 15, wherein the local database is updated periodically with current user profile data through distributed database techniques.
  - 19. The enterprise private network or service provider network of claim 15, wherein the Session Initiation Protocol requests are pre-authenticated by proxy or by snooping.
  - 20. The enterprise private network or service provider network of claim 15, wherein the edge elements are configured to cache resources responsive to Session Initiation Protocol requests.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ciena Corporation
Original Assignee
Ciena Corporation
Inventors
Duncan, Ian H., Ong, Lyndon Y., Gazier, Michael A.

Granted Patent

US 8,467,290 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0884   by delegation of authentica...

H04L 63/164   at the network layer

H04L 65/1016   IP multimedia subsystem [IMS]

Methods and systems for distributed authentication and caching for internet protocol multimedia subsystem and other session initiation protocol systems

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for distributed authentication and caching for internet protocol multimedia subsystem and other session initiation protocol systems

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links