About the Sentinel Authentication Gateway
The Sentinel Authentication Gateway provides 3GPP Generic Authentication Architecture (GAA) support for the Rhino VoLTE TAS. This release allows IMS devices (UEs) to authenticate with their home network and securely login to the XCAP server.
The Sentinel Authentication Gateway consists of three main components:
- BSF Server
-
The Bootstrapping Security Function (BSF) server receives "bootstrap" authentication requests from UEs. These requests ask the BSF to initiate a bootstrap process between the UE and the HSS, which results in a secret key shared by the BSF and the UE. This shared key can then be used to authenticate with a Network Application Function (NAF), or application server. The Sentinel XCAP Server is an example of a NAF.
- NAF Authentication Filter
-
The NAF Authentication Filter implements the NAF authentication processes for the application, using the shared key generated by the bootstrapping process.
Together these components allow a UE to transparently authenticate with XCAP Server and securely perform configuration updates.
- Sentinel XCAP Server
-
The Sentinel XCAP Server is a NAF which provides an XCAP service to allow a UE to access and modify user accessible portions of user documents in the HSS.
Topics
the main roles, interfaces, and procedures in 3GPP GAA. |
|
the components of the Sentinel Authentication Gateway and how they implement 3GPP GAA. |
|
the XCAP Server which allows a client to read, write, and modify application configuration data in their simservs document, a virtual XML document composed of user accessible portions of one or more HSS documents. |
|
how to configure low level details for the Sentinel Authentication Gateway BSF Server, NAF Authentication Filter, and Sentinel XCAP Server. |
|
how the Sentinel Authentication Gateway uses a Cassandra database for sharing bootstrapped security association details between the BSF service and NAF Filter. |
|
the tools provided by Sentinel Authentication Gateway for generating and verifying keys during testing. |
Other documentation for the Sentinel Authentication Gateway can be found on the Sentinel Authentication Gateway product page.
