About the Sentinel Authentication Gateway

The Sentinel Authentication Gateway provides 3GPP Generic Authentication Architecture (GAA) support for the Rhino VoLTE TAS. This release allows IMS devices (UEs) to authenticate with their home network and securely login to the XCAP server.

The Sentinel Authentication Gateway consists of two main components:

BSF Server

The Bootstrapping Security Function (BSF) server receives "bootstrap" authentication requests from UEs. These requests ask the BSF to initiate a bootstrap process between the UE and the HSS, which results in a secret key shared by the BSF and the UE. This shared key can then be used to authenticate with a Network Application Function (NAF), or application server. The Sentinel XCAP server is an example of a NAF.

NAF Authentication Filter

The NAF Authentication Filter is deployed with the Sentinel VoLTE XCAP servlet application. It implements the NAF authentication processes for the application, using the shared key generated by the bootstrapping process.

Together these components allow a UE to transparently authenticate with Sentinel VoLTE XCAP and securely perform configuration updates.

Topics

Introduction to 3GPP GAA

the main roles, interfaces, and procedures in 3GPP GAA.

Architecture Overview

the components of the Sentinel Authentication Gateway and how they implement 3GPP GAA.

Configuration

how to configure low level details for the Sentinel Authentication Gateway BSF Server and NAF Authentication Filter.

Cassandra Storage

how the Sentinel Authentication Gateway uses a Cassandra database for sharing bootstrapped security association details between the BSF and XCAP servers.

Tools

the tools provided by Sentinel Authentication Gateway for generating and verifying keys during testing.

Other documentation for the Sentinel Authentication Gateway can be found on the Sentinel Authentication Gateway product page.

Next page