The Sentinel Authentication Gateway provides 3GPP Generic Authentication Architecture (GAA) support for OpenCloud’s Sentinel products. This release allows IMS devices to authenticate with their home network and securely login to Sentinel’s XCAP server.
The Sentinel Authentication Gateway consists of two main components:
- BSF Server
The Bootstrapping Security Function (BSF) server receives "bootstrap" authentication requests from UEs. These requests ask the BSF to initiate a bootstrap process between the UE and the HSS, which results in a secret key shared by the BSF and the UE. This shared key can then be used to authenticate with a Network Application Function (NAF), or application server. The Sentinel XCAP server is an example of a NAF.
- NAF Authentication Filter
The NAF Authentication Filter is deployed with the Sentinel VoLTE XCAP servlet application. It implements the NAF authentication processes for the application, using the shared key generated by the bootstrapping process.
Together these components allow a UE to transparently authenticate with Sentinel VoLTE XCAP and securely perform configuration updates.
the main roles, interfaces, and procedures in 3GPP GAA.
the components of the Sentinel Authentication Gateway and how they implement 3GPP GAA.
how to install the Sentinel Authentication Gateway BSF Server and NAF Authentication Filter.
how to configure the Sentinel Authentication Gateway BSF Server and NAF Authentication Filter.
how the Sentinel Authentication Gateway uses a Cassandra database for sharing bootstrapped security association details between the BSF and XCAP servers.
the tools provided by Sentinel Authentication Gateway for generating and verifying keys during testing.
any known issues with this release
Other documentation for the Sentinel Authentication Gateway can be found on the Sentinel Authentication Gateway product page.