ANSI SCTE 173-3 pdf free download

ANSI SCTE 173-3 pdf free download.Specifications for authentication in preferential telecommunications over IPCablecom2 networks.
6 Authentication in IPCablecom2
Authentication in IPCablecorn2 networks is impacted by two dimensions:
location of originating and terminating devices or VoIP user agent (UA) functionality; and
form of idcntity prcscntcd by the preferential telecommunication service requester and manner hy which the asserted identity is verified.
Authentication entails receiving identification and identity verification/validation information necessary, prior to au(Iionziiig coiiipletion of a piefercntial priority call or session. This capability should exist on the access network and it must also be propagated throughout all relevant network entities to provide, as much as possible, end-to-end preferential treatment. The manner in which end- to-end preferential treatment is provided is outside the scope of this standard.
The following four possibilities arc to be considered for calls that require preferential treatment:
1) Originate from a UA at a location authorized for preferential treatment services and terminate at a LJA at any general location.
2) Originate from a UA at a location authorized for preferential treatment services and terminate at a UA at a location that is authorized for preferential treatment services.
3) Originate from a UA at a general location and terminate at a UA at a location authorized for preferential treatment services.
4) Originate from a UA at a general location and terminate at a UA at any general location.
Authentication itself can be subdivided into two (or sometimes three) components: The first is receipt of identification information, which identifies the preferential service requester. The second is receipt of identification verification information that allows the network to verify the accuracy of the requester’s claimed identity when placing a preferential service call, so that the information can be propagated to all relevant entities in the network, should the call be authorized. The third component, necessary in some situations, may require validating the identity against a database of authenticated identities.
Another factor that can impact authentication is whether preferential treatment for access will be
authorized on a:
• per call basis, or a
• subscription basis.
Currently, identification and authentication are combined through the use of a personal identification number (PIN) presented by the caller after dialling an access number for enabling preferential treatment. This PIN may be validated against a PIN database to determine authorized services. PIN based authentication actually authenticates the requester, not the device being used when making the request, and thus allows preferential treatment requests to be initiated from any device. Also, this approach allows calls that require preferential treatment to be originated from circuit switched telephone devices attached to private PBX systems. The PIN based authentication approach was designed specifically for per call requests. IPCablccom2-cnablcd infrastructures should accommodate this legacy approach along with providing other forms of identification and authentication for VoW-based calls using the session initiation protocol (SIP).
Appendix III of [ITU-T J.360] and [b-ITU-T J.366.8] include (lie three SIP authentication mechanisms specified in [b-IETF RFC 32611:
• usage of HTTP authentication (section 22), also refrred to as Digest Authentication;
• usage of transport layer security (section 26.2.1), based on TLS; and usage of network layer security (section 26.2.1), based on IPsec.ANSI SCTE 173-3 pdf download.