IMS NETWORK IDENTITY MANAGEMENT
Abstract
There is disclosed a manner of enabling secure communications between a UE (user equipment) device operating through a packet-switched network and a 3rd party service outside of the user's home domain. The packet-switched network may be, for example, configured according to an IMS architecture and use SIP control signaling. An identity server in the user's home domain is coupled with a proxy server or gateway and receives control messages, on which the identity server effects identity translation if needed. Translating messages targeted for the third party service includes stripping user identifying information and adding a domain identifier to the message. It may also include adding an identity token. Where an identity token is not added, it may be provided upon request to a 3rd party service entity. Translating messages targeted for the UE includes adding a user identifier for home domain routing.
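The translation described in the abstract, sketched as an added example (not code from the patent or from any product). The header names `X-Identity-Token` and `X-Home-User`, the HMAC-based token, the random alias format, and the choice of which headers count as user-identifying are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

HOME_DOMAIN = "home.example"                       # assumed home domain
TOKEN_KEY = b"constructed-demo-key"                # assumed identity-server secret
USER_HEADERS = ("P-Asserted-Identity", "Contact")  # assumed user-identifying headers

# Constructed SIP INVITE from a home-domain user to a 3rd party service (no body).
SAMPLE_INVITE = (
    "INVITE sip:service@thirdparty.example SIP/2.0\r\n"
    "From: <sip:alice@home.example>;tag=1928\r\n"
    "To: <sip:service@thirdparty.example>\r\n"
    "P-Asserted-Identity: <sip:alice@home.example>\r\n"
    "Contact: <sip:alice@10.0.0.5:5060>\r\n"
    "Call-ID: a84b4c76e66710\r\n\r\n"
)

def parse(msg):
    lines = msg.split("\r\n\r\n", 1)[0].split("\r\n")
    return lines[0], [tuple(h.split(": ", 1)) for h in lines[1:]]

def build(start, headers):
    return start + "\r\n" + "".join(f"{k}: {v}\r\n" for k, v in headers) + "\r\n"

class IdentityServer:
    def __init__(self):
        self.aliases = {}  # opaque alias URI -> real user URI; never leaves home domain

    def needs_translation(self, start_line):  # determiner: target outside home domain?
        return not start_line.split()[1].endswith("@" + HOME_DOMAIN)

    def translate_outbound(self, msg):
        start, headers = parse(msg)
        if not self.needs_translation(start):
            return msg
        user = dict(headers)["From"].split("<")[1].split(">")[0]
        alias = f"sip:{secrets.token_hex(8)}@{HOME_DOMAIN}"  # keeps only the domain
        self.aliases[alias] = user
        token = hmac.new(TOKEN_KEY, alias.encode(), hashlib.sha256).hexdigest()
        out = [(k, v.replace(user, alias)) for k, v in headers if k not in USER_HEADERS]
        out.append(("X-Identity-Token", token))  # hypothetical header name
        return build(start, out)

    def translate_inbound(self, msg):
        start, headers = parse(msg)
        for alias, user in self.aliases.items():
            if any(alias in v for _, v in headers):
                headers.append(("X-Home-User", f"<{user}>"))  # hypothetical header
        return build(start, headers)
```

The alias table is the sensitive state here: whoever can read it can undo the translation, so it belongs inside the home domain alongside the token key.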
26 Claims
1. A method of providing secure communication session set-up between a user using a UE (user equipment) device associated with a home domain and a 3rd party service that is not associated of the home domain, said method comprising the steps of:
- receiving, in an identity server associated with the home domain, a control message relating to the communication session;
- determining whether identity translation of the control message is necessary;
- performing identity translation with respect to the control message if it is determined to be necessary; and
- sending the translated control message toward its target.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21

22. An identity server for securing communications between a user and a 3rd party service, comprising:
- a network interface for receiving control message and for sending translated control messages;
- a determiner coupled to the network interface for determining whether identity translation of the control message is necessary; and
- a translator for performing identity translation with respect to the control message if it is determined to be necessary by the determiner.

Dependent claims: 23, 24, 25, 26
Specification