ip multimedia subsystems (ims): a...

© 2006 Bechtel Corporation. All rights reserved. 13

INTRODUCTION

In recent years, both the Internet and wirelesscommunications have experienced a surge of

activities and successes. The success of theInternet stems from two main facts: It providesuseful applications such as e-mail, World WideWeb (www), and instant messaging (IM), and ituses readily available open protocols thatpromote and facilitate the development ofvarious services and applications. The success ofmobile communications is self-evident. Thistechnology has experienced explosive growthand provides wide coverage, touching almostevery aspect of peoples’ lives. Currently, there aremore than 1 billion mobile customers, and thisnumber is growing!

Wireless systems dubbed as beyond third-generation (3G+) seek to merge these twosuccessful communications modes to provide thepower of the Internet—and all of its services andapplications—with the convenience of ubiquitouswireless access. The new architecture expected toaccomplish this, the Internet Protocol (IP)multimedia subsystem (IMS), is defined in astandard created by the Third GenerationPartnership Project (3GPP™), one of the mainstandards organizations for 3G networks.

Different aspects of the IMS (call control,charging, roaming, etc.) have been formalizedand published in various 3GPP technicalspecifications [1–15]. The first version of the IMSwas published by the 3GPP in Release 5 of the

universal mobile telecommunications system(UMTS). Release 6 of the UMTS, introduced inMarch 2005, provided some enhancements to the first release and introduced new concepts,such as support for access independence, wirelesslocal area network (WLAN) integration, and IM and presence services. Release 7, underdevelopment with an expected release in mid-2007, will focus primarily on fixed and mobileconvergence issues.

The Third Generation Partnership Project 2(3GPP2), the main standardization body for 3Gnetworks based on cdma2000®, has establishedthe multimedia domain (MMD), its own versionof the IMS specification. The IMS and the MMDare very similar, with the main differencescentering on two issues:

IP MULTIMEDIA SUBSYSTEMS (IMS):A STANDARDIZED APPROACH TO ALL-IP CONVERGED NETWORKS

Abstract—The IMS is a standardized approach to offering Internet services anywhere at any time usingcellular technology. The first release of the IMS is tailored for GPRS/UMTS, whereas later releases will allowaccess independence, including WLANs and even fixed networks such as xDSL and cable modem.

The IMS is based on open interfaces and common elements that make it possible to provide integrated, secure,IP-based, multimedia, multisession applications to mobile and fixed users, with guaranteed end-to-end QoS androaming capabilities, while providing the same services as the home network, and across different accesstechnologies. The IMS also allows a single sign-on authentication and provides a flexible architecture forcharging and billing. Deployment of the first version of IMS products is expected in early 2006.

Issue Date: January 2006

Rasoul Safavian, PhD [email protected]

The 3GPP, formed in December 1998, is acollaboration of telecommunications industryorganizations to produce globally applicabletechnical specifications for 3G mobilesystems and to maintain and develop GSMstandards. Participants include major regionaltelecommunications standards bodies suchas ARIB of Japan, CSCA in China, CommitteeT1 of the US, and TTA of Korea, as well asmarket representatives such as the UMTSforum, 3G America, GSM associations, andthe IPv6 forum.

Bechtel Telecommunications Technical Journal 14

ABBREVIATIONS, ACRONYMS, AND TERMS

2G second generation, the original digital mobile phone service

2.5G “second-and-a-half” generation, a marketing designation for an intermediate level of digital mobile phone service responding to demands for greater bandwidth

3G third generation, enhanced digital mobile phone service at broadband speeds enabling both voice and nonvoice data transfer

3G+ beyond 3G, envisioned as all-digital, entirely packet-switched radio networks involving hybrid networking and access technologiesthat globally integrate services and technology while providing the multiple QoS of an ATM network and the flexibility of an IP network

AAA authentication, authorization, and accounting

ACA accounting answerACR accounting requestAoR address of recordAPI application program interfaceAS application serverATM asynchronous transfer modeAUC authentication centerAUTN authentication tokenAV authentication vectorBGCF breakout gateway control functionBICC bearer independent call controlCAMEL customized application for mobile

network enhanced logicCAP CAMEL application partcapex capital expenseCCA credit control answerCCC credit control clientCCF charging collection functionCCR credit control requestCDF charging data functioncdma2000® A family of standards, developed

through comprehensive proposals from Qualcomm, describing the use of code division multiple access technology to meet 3G requirements for wireless communication systems

CDR charging data recordCGF charging gateway functionCk cipher key

COPS common open policy serviceCS circuit switchedCSCF call SCFCSEQ context sequence (number)DEC decisionDiameter A protocol that provides a

framework for any services requiring AAA/policy support across many networks and that primarily supports mobile IP, accounting, network access, and strong security

DiffServ differentiated servicesDNS domain name systemDSCP differentiated services code pointECF event charging functionFTP file transfer protocolGGSN gateway GPRS support nodeGPRS general packet radio serviceGSM/gsm global system for mobile

communicationGTP GPRS tunneling protocolHLR home location registerHSS home subscriber serverHTTP hypertext transport protocolI-CSCF interrogating CSCFIk integrity keyIKE Internet exchange keyIM instant messagingIMS IP multimedia subsystemIM-SSF IP multimedia service switching

functionIntServ integrated servicesIP Internet ProtocolIP-CAN IP connectivity access networkIPSec IP securityIPv4 Internet Protocol version 4IPv6 Internet Protocol version 6ISC IMS service control (interface)ISDN integrated services digital networkISIM IMS subscriber identity moduleISUP ISDN user partIWF interworking functionMAA multimedia authentication answerMAP mobile application partMAR multimedia authentication requestMegaco media gateway control

January 2006 • Volume 4, Number 1 15

MGCF media gateway control functionMGW media gatewayMIME multipurpose Internet mail extensionMMD multimedia domainMRF multimedia resource functionMRFC MRF controlMRFP MRF processorMSC mobile switching centerMTP message transfer partNAI network access identifierOCF online charging functionopex operating expenseOSA open service accessOTA over the airPCM pulse code modulationPCS personal communication systemP-CSCF proxy CSCFPDA personal digital assistantPDF policy decision function (same as

policy decision point [PDP])PDG packet data gatewayPDP packet data protocol; also: policy

decision point (same as PDF)PEP policy enforcement pointPHB per-hop behaviorPLMN public land mobile networkPS packet switchedPSTN public switched telephone networkPTT push to talkQoS quality of serviceRADIUS remote authentication dial-in user

serviceRAND random numberREQ requestRES responseRFC Request for CommentsRSVP resource reservation protocolRTCP real-time transport control protocolRTP real-time transport protocolRTSP real-time streaming protocolSA security associationSAA server assignment answerSAR server assignment requestSBLP service-based local policySCF session control functionSCP service control point

SCS service capability serverS-CSCF serving CSCFSCTP streaming control transmission

protocolSDP session description protocolSEG security gatewaySGSN serving GPRS support nodeSGW signaling gatewaySIM subscriber identity moduleSIP session initiation protocolSLF subscriber location functionSMS short message serviceSMTP simple mail transfer protocolSS7 Signaling System Number 7, a

common channel signaling system defined by the ITU and used to provide a suite of protocols that enables circuit and noncircuit-related information to be routed about and between telecommunications networks

SSP subscriber service profileTCP transmission control protocolTHIG topology hiding internetwork

gatewayTLS transport layer securityTUP telephone user partUA user agentUAA user authorization answerUAC UA clientUAR user authorization requestUAS UA serverUDP user datagram protocolUICC UMTS integrated circuit cardUMTS universal mobile

telecommunications systemURI uniform resource identifier URL uniform resource locatorUSIM UMTS subscriber identity moduleVoIP voice over IPWiMAX worldwide interoperability for

microwave accessWLAN wireless local area networkwww World Wide WebxDSL term used for all forms of

technology using a digital subscriber line

XRES expected response


The need to deploya new domain

may naturally bequestioned,

especially at a timewhen networkoperators are

struggling with costsof deploying 3G

networks and arealso facing reduced

voice revenues.

• Mobility. The 3GPP2’s MMD is built on top ofmobile IP, whereas the 3GPP’s IMS managesmobility through general packet radioservice (GPRS), which provides a Layer 2tunneling mechanism.

• IP versions supported. The MMD supportsboth IPv4 and IPv6, whereas the IMS initiallysupported only IPv6. However, due topressure from telecommunications operators,newer versions of the IMS also support bothIPv4 and IPv6.

This paper focuses on the 3GPP’s IMS. Thediscussion opens with an overview of IMS andthe advantages it holds for network operators.Since an IMS network is basically an advancedmobile session initiation protocol (SIP) network,the paper then explores SIP networks and theirmain features and functionalities. Next, IMS basicarchitecture, components, interfaces, etc., areexamined. The discussion then turns to IMSfunctionalities and operations issues, such as IMSprerequisites, registration, session setup,roaming, security, quality of service (QoS), and charging. Finally, key benefits offered by the IMS approach are summarized in theconcluding remarks.

OVERVIEW OF THE IMS AND WHY IT IS NEEDED

As defined by the 3GPP, the IMS is a newsubsystem that enables convergence of data,

speech, and mobile network technology over anIP-based infrastructure. It provides an integratedservice control platform that allows the creationof multimedia and multisession applicationsusing wireless (and recently wireline) transportcapabilities. It is a combination of new networkelements and interfaces, i.e., a new core networkdomain, which creates a new service deliveryenvironment.

The need to deploy a new domain may naturallybe questioned, especially at a time when networkoperators are struggling with costs of deploying3G networks and are also facing reduced voicerevenues. After all, second-generation (2G)terminals can act as modems to transmit IPpackets over a circuit, and 2G and 3G terminalscan use native packet-switched (PS) technology toperform data communications. To evaluate theneed to deploy the IMS, the following discussionexamines conventional network domains, theservices they can offer, and how they handlevarious new service offerings. The end users’experiences are also considered.

Shortcomings of Conventional Network DomainsThe circuit switched (CS) domain is used bytraditional CS networks, which offer simple user-to-user voice services or short-message services(SMSs). Even though voice services were, andperhaps to some degree will continue to be, amajor source of revenue for network operators,voice revenues have been dropping in the lastfew years, mainly due to increased competitionfor existing subscribers.

Operators have been looking for ways todifferentiate themselves by offering new andcreative data services. The PS domain of PSnetworks or basically 2.5 and 3G networks hashelped PS network operators to introduce user-to-server data services, where a user directlyaddresses a specific server to execute the servicein question; furthermore, these services takeadvantage of IP transport and provide “alwayson” connectivity. Unfortunately, PS networkshave not been very successful, perhaps due toinsufficient bandwidth, lack of enticingapplications, confusing charging schemes, longdelays in service offerings, etc. Furthermore,increasing the bandwidth alone may not provesufficient to enable the plethora of new anddesirable services that customers may demand.

ORGANIZATIONS MENTIONED IN THIS PAPER

3GPP™ Third Generation Partnership Project, formed in December 1998 as a collaboration agreement bringing together a number of telecommunication standards bodies to produce globally applicable technical specifications for 3G mobile systems and to maintain and develop GSM standards

3GPP2 A sister project to 3GPP that is a collaboration agreement dealing with North American and Asian interests regarding 3G mobile networks based on cdma2000

ARIB Association of Radio Industries and Businesses (Japan)

CSCA Consortium on Standards and Conformity Assessment (China)

IETF Internet Engineering Task Force

ITU International Telecommunications Union

TTA Telecommunications Technology Association (Korea)


Thus, a newplatform or domain

is needed withunified features;

common elements;and open,

standardizedinterfaces that can

be used by allexisting and futureapplications and

services. The IMS—the domain of

services—meets this need.

Also, network operators, in a rush to offer data services, deployed specialized isolated island solutions that often did not integrate wellwith the other services. These dedicated solutionsare typically proprietary and use dedicatedcomponents and interfaces that cannot be usedfor other applications. This is particularly truewhen the applications are provided by differentvendors. The island solutions also typically donot support roaming. While the island approach,also known as the vertical application platform,may be acceptable for deploying small-scale dataapplications or services, it neither scales well indeploying many diverse services or applications,

nor provides synergy among the applications.Furthermore, use of this traditional approachincreases not only capital expense (capex), butalso operating expense (opex), since eachapplication may have different operating andmaintenance requirements [16–18].

Thus, a new platform or domain is needed withunified features; common elements; and open,standardized interfaces that can be used by allexisting and future applications and services. TheIMS—the domain of services—meets this need.Figure 1 shows the position of the three domains(CS, PS, and IMS) in a mobile network [17].

Figure 1. CS, PS, and IMS Domains in a Mobile Network (After [16])


Desirable Characteristics of the IMSThe desirable features, requirements, andarchitecture for this new domain are delineated inthe 3GPP’s technical specification for IMS servicerequirements [1, 2].

The IMS domain supports the following keyrequirements:

• IP multimedia sessions, i.e., delivery ofmultimedia sessions over PS networks

• A mechanism to negotiate and enforce QoS

• Integration with Internet and CS networkssuch as public switched telephone networks(PSTNs) and existing cellular networks

• Full roaming capabilities

• Single sign-on and authentication

• Single converged billing

• Strong operator controls with respect toservices delivered to end users

• Rapid service creation without requiringstandardization

• Access independence, i.e., allows accesstechnologies other than GPRS and UMTS(e.g., WLANs and x-type digital subscriberline technology [xDSL])

The IMS also provides improved end-userexperience over that offered by the other twodomains. CS domain users can access only onetype of service per bearer or session. And whilemultiple, parallel IP sessions may be available toPS domain users, bandwidth, QoS, and chargingissues may hinder effectiveness. Implementationof the IMS infrastructure will enable three generaltypes of services to be offered:

• User-to-user

• Multiuser

• Server-to-user

The user-to-user services enabled by IMS extendbeyond today’s simple voice call or SMS textmessaging to include services such as voice overIP (VoIP), video telephony, chat sessions, andpush-to-talk (PTT). The IMS multiuser servicesinclude one-to-many and many-to-one servicessuch as multimedia conferencing, group chatsessions, and multiuser PTT services. Theseservices are enabled in the IMS via a dedicatedmedia server, the multimedia resource function(MRF), which is discussed in the section of thispaper on IMS architecture. Finally, deployingIMS enables operators to introduce manyinnovative server-to-user services by virtue of (1) its ability to locate users within the network,

i.e., its mobility management; (2) its signalingabilities allowing servers to act as user agents(UAs), i.e., initiating and receiving SIP messages;and (3) its ability to integrate SIP-based enablingservices such as IM and presence. Server-to-userservices include click-to-dial, dynamic pushservices, etc., and could be based on presence,status, geographic location, device type andcapabilities, media preference, etc. To fullyappreciate these capabilities, a more thoroughunderstanding of SIP and SIP networks is needed.Therefore, a discussion of SIP networks has beenprovided in the next section of this paper.

Using IMS, end users also have much morecontrol over the services than they do under theCS and PS domains. For instance, an end user caninitiate multiple services within a single session,also known as dynamic media control; add ormodify some components of a session (e.g., byadding a video component to an ongoing voicecall); or add or drop a user during an ongoingconference call or chat session. In summary, IMS,while not designed to create new services, offersall the services, current and future, that theInternet provides.

Protocols Used in the IMSIn any communications network, protocols usedfall into two basic categories: signaling andcontrol plane, and media or user plane. The IMSis built based on IP protocols, and signaling andcontrol protocols for session initiation and controlare based on the SIP (Request for Comments,[RFC] 3261 [19]) and session description protocol(SDP) (RFC 2327 [20]). To transport IMS signalingprotocols, the reliable streaming control trans-mission protocol (SCTP) or transmission controlprotocol (TCP) is used. Media plane protocolsused for media delivery are based on the real-time transport protocol/ real-time controlprotocol (RTP/RTCP) (RFC 3550 [21]) fortransporting real-time media such as audio orvideo. Near-real-time streaming media aretransported using the real-time streamingprotocol (RTSP). Both RTP/RTCP and RTSPtypically use the user datagram protocol (UDP) as the transport protocol to avoid TCP’s setup, teardown, and retransmission delays.Non-real-time media are delivered using hyper-text transport protocol (HTTP) (RFC 2616), simple mail transport protocol (SMTP), or file transfer protocol (FTP), with TCP as thetransport protocol.

IP protocols are developed mainly by the IETFand the ITU and are published by their respectiveorganizations as RFCs and ITU-T documents.

Other protocols used in the IMS include:

• CS call control

— Telephony user part (TUP) (ITU-T Q.721)

— Integrated services digital network(ISDN) signaling user part (ISUP) (ITU-TQ.761)

— Bearer independent call control (BICC)(ITU-T Q.1901). An evolution of ISUP,BICC completely separates the signalingplane from the media plane and can runover asynchronous transfer mode (ATM),Signaling System Number 7 (SS7), or IP.

• Multimedia session establishment andcontrol

— Packet-based multimedia communica-tions systems ITU-T H.323. Unlike BICC,this protocol is designed from scratch tosupport IP technologies in establishingmultimedia sessions.

— Media gateway control (Megaco) (ITU-TH.248). This protocol is used to controlthe IMS media gateway (MGW).

• Authentication, authorization, andaccounting (AAA)

— Diameter (RFC 3588 [22]). An evolutionof remote authentication dial-in userservice (RADIUS) (RFC 2866 [23]),Diameter:

– Is used by the network and the userto authenticate and authorize eachother

– Has a base protocol, complementedby so-called Diameter applicationsthat are customized extensions to thebase Diameter to suit a particularapplication in a given environment

– Interacts with SIP during sessionsetup in one application, performscredit control accounting in anotherapplication, etc.

• Policy and QoS control

— Common open policy service (COPS)(RFC 2748 [24]). This is a request/response protocol used between thepolicy server (the policy decisionfunction [PDF], also known as the policydecision point [PDP]) and the policyclient (the policy enforcement point[PEP]). COPS supports two modes:outsourcing and configurable orprovisioning. In the outsourcing mode,the PEP contacts the PDF each time a

policy decision is needed. The PDFmakes the decision and communicatesthis information to the PEP forenforcement. In the configurable orprovisioning mode, the PDF configuresthe PEP with the enforcement policy,which the PEP stores and uses forcurrent and future decisionmaking.

Since the main protocols used for sessioninitiation, description, control, modification, andtermination in IP networks are SIP and SDP, theIMS is considered basically an advanced mobileSIP network. The essentials of SIP/SDP and SIPnetworks are examined next.

SIP NETWORKS

Purpose of SIPSIP is a general-purpose application-layerprotocol designed to establish, modify, andterminate multimedia sessions in IP networks [25,26]. It also allows other participants to be invitedto ongoing sessions. The main goal of SIP is todeliver a session description to a user at the user’scurrent location. Once the user has been locatedand the initial session description delivered, SIPcan deliver new session descriptions to modifythe characteristics of the ongoing session or toterminate the session. In short, SIP supports thebasic aspects of the multimedia session: userlocation, user availability, user capabilities,session negotiation, and session management.

Session DescriptionsA session description contains enoughinformation for a remote user to be able toestablish, join, modify, or terminate a session. Asession description could include informationsuch as the IP addresses and port numbers towhich the media services need to be sent and thecoder-decoders (codecs) used to encode the voice,image, and video elements. SIP uses SDP, themost common format to describe a multimediasession. SDP has a text-based format and consistsof two basic parts: session-level information andmedia-level information.

Even though SIP uses SDP to transport thesession description, SIP is completelyindependent of the format of the objects ittransports. Objects that SIP transports could besession descriptions written in formats other thanSDP, or any other piece of information.

SIP is a two-way session description exchangeprotocol, also known as the offer/answer orrequest/response transaction model. Since SIP is


In short, SIPsupports the basic

aspects of themultimedia session:

user location, user availability,user capabilities,

session negotiation,and session

management.


SIP uses a SIP URI(RFC 3261) to

identify users. A SIPURI is similar to ane-mail address and

consists of the user’s name and the domain

name of the homenetwork operator.

based on HTTP, it is text-based, which makes SIPeasier to debug and to extend, but less efficient in terms of size and required time/bandwidth to transmit.

SIP TransactionsA SIP transaction consists of a request from aclient or user agent (UA), usually referred to as aUA client (UAC); zero or more provisionalresponses; and a final response from a server,usually referred to as a UA server (UAS). SIPmessages begin with a start line, a header field, and a message body [26].

Start LineThe start line is also called a request line in therequest message and a response line in theresponse message. It consists of a method name, therequest-uniform resource identifier (URI), and theprotocol version, currently SIP/2.0. The methodname indicates the purpose of the request, andthe request-URI contains the destination addressof the request. The response line consists of theprotocol version (e.g., SIP/2.0) and the status of thetransaction, including both a number and itsequivalent readable phrase (e.g., 100 TRYING). Asample SIP transaction is shown in Figure 2. Inthis transaction, (1) a request is made by a UAC(Bob) to establish a session with a UAS (Alice) viaan INVITE request (method), and (2) the replyfrom the UAS (Alice) is 100 TRYING, confirmingthat Bob’s request has been received.

Some of the major SIP methods (request types)are listed in Table 1.

Header FieldFollowing the start line is the header field, whichis composed of a mandatory part and an optionalpart. The mandatory part contains fields such asTo, which carries the destination URI; From,which carries the originator’s URI; and ContentSequence (CSEQ), which includes the sequencenumber and method name used to match repliesto requests.

Message BodyThe message body carries multipurpose Internetmail extension (MIME) encoded messages.Message bodies starting with Content-Dispositionare session descriptions. Message bodies are sentin their entirety, i.e., they are not parsed at proxyservers in between and may be encrypted by the UAC.

User IdentificationSIP uses a SIP URI (RFC 3261) to identify users. A SIP URI is similar to an e-mail mail address andconsists of the user’s name and the domain nameof the home network operator. It may also includeoptional descriptions placed after a semicolon.An example of a SIP URI is:

[email protected]

This address, the public user identity, is assignedby the home network operator. Public useridentities are used to route SIP signaling.

Since the PSTN can only interpret digits, andsince the PSTN is going to be in use for theforeseeable future, the IMS also accommodatespublic user identity telephone uniform resourcelocators (URLs) (RFC 2806), which carry atelephone number. An example of a telephoneURL is:

+1-123-456-7890

IMS operators typically assign at least one SIPURI and one telephone URL to each subscriber.Operators may assign more than one public useridentity to a user, i.e., one or more for personaluse and one or more for business use.Figure 2. SIP Transaction: (1) INVITE Request Message and

(2) 100 TRYING Reply Message

Table 1. Sample SIP Methods

Method Description

INVITE Establishes a session

ACK Acknowledges the establishment of the session

CANCEL Cancels a pending request

REGISTER Maps a public URI with the user’s current location

UPDATE Modifies characteristics of a session

MESSAGE Carries an instant message

SUBSCRIBE Subscribes to an event

NOTIFY Notifies an IMS terminal about a certain event

BYE Terminates the session


Along with a public user identity, subscribersalso receive a private user identity—basically auser name and a password—that takes the formof a network access identifier (NAI) (RFC 2486).The private user identity is not used to route SIPsignals, but only to authenticate subscribers.Private user identity is usually stored in the IMSterminal’s UMTS integrated circuit card (UICC).The UICC typically contains a subscriber identitymodule (SIM) card needed for a global system formobile communication (GSM) call, a UMTSsubscriber identity module (USIM) card neededfor UMTS calls, and an IMS subscriber identitymodule (ISIM) card needed for IMS calls. Withouta UICC, only emergency calls can be placed usingthe terminal.

The ISIM card not only stores the user’s privateuser identity, but also public user identity, homenetwork domain URI, and long-term secrets. Thelong-term secret is used for authentication and forcalculating the integrity key (Ik) and cipher key(Ck) used between the terminal and the network.The IMS terminal uses the Ik to protect SIPsignaling integrity between the IMS terminal andthe network. IMS security is discussed in detail inthe IMS Operations section of this paper.

SIP Network Extensions and EntitiesIn the IMS, extensions are (and continue to be)made to SIP. New methods and header fields canbe defined and easily integrated into the coreprotocol. For instance, SIP has an extension todeliver instant messages and an extension tohandle subscriptions to events. SIP uses eitherTCP or UDP as the transport protocol. UDP isusually preferred, because it does not have theoverhead associated with TCP setup, teardown,and retransmission.

The main entities in a SIP network are:

• UA. The UA—that is, the SIP endpoint—isthe entity that initiates and receives SIPrequests and generates the provisional andfinal responses.

• Registrar server. This entity keeps track of userlocations. The UA sends a registrationmessage to the registrar. This information issaved in a location server for future use; thisserver may or may not be co-located with theregistrar.

• Proxy server. This entity is simply a SIP routerthat receives, processes, and forwards SIPrequests and responses. It receives SIPmessages from a UA or from another proxyand routes them to its destination UA oranother proxy.

• Redirect server. This entity receives SIPrequests and returns an alternative locationwhere the user may be available.

SIP RegistrationRegistration is the process by which a useridentifies himself/herself and his/her currentlocation to the network. To illustrate how thisworks, the basic registration process performedin a SIP (not necessarily mobile or IMS) networkis outlined for a hypothetical user, Alice Smith[26]. Alice has a public user identity—also known as her address of record (AoR)—[email protected], where domain is thedomain of Alice’s home network operator. Thisaddress is used by Alice no matter where she logson. When Alice logs on at her computer at work,her workplace SIP URI is [email protected];when she logs on at her computer at school, sheuses a SIP URI of [email protected]. Alice’sAoR is the address known by the public, i.e., the address that anyone trying to contact Alicewould use. Alice must always register her current location with the registrar so that theregistrar knows where to forward incomingrequests to Alice.

All SIP requests arrive at the proxy server, whichmay or may not be co-located with the registrar.If the two are co-located, SIP messages arriving atthe proxy server are directly forwarded to Alice’snew location. If the proxy server and theregistrar—more specifically, the location server ofthe registrar—are separate, then the proxy serverneeds to first contact the location server to learnthe current location of Alice, and then forwardthe message. Figure 3 illustrates the latter process.

Figure 3. Proxy Server and Registrar (including Registrar’s Location Server)


The IMS networkcan basically

be divided intothree layers:

• Application orservice layer

• Control orsignaling layer

• Access orconnectivitylayer

Conducting a SIP Session SetupHaving covered the basic SIP transactions, thediscussion turns to setup of a multimedia sessionusing SIP. Returning to the hypothetical userexample, Bob and Alice are assumed to havealready registered their current locations with thenetwork; now, Bob wants to establish a sessionwith Alice. Alice is using her personal digitalassistant (PDA), and the proxy server, registrar,and location server are all co-located. Thefollowing process takes place (see Figure 4):

1. Bob sends an INVITE request to Alice’s AoRat the proxy server.

2. The proxy server sends a receipt via a 100 TRYING message.

3. The proxy server looks up Alice’s currentlocation and forwards the request to Alice’s PDA.

4. Alice’s PDA sends a confirmation reply via a100 TRYING message.

5. Alice’s PDA sends a 180 RINGING messageindicating that it has been alerted to therequest to establish a session.

6. Alice’s PDA sends a 200 OK reply messageback to the proxy server. This reply includes a Contact header field in the message (so that Bob can use this URI to contact Alicedirectly for all future transactions), along with an SDP message describing Alice’s PDA session components such as audio andvideo; the codec used for each sessioncomponent; and the transport informationsuch as port numbers, IP addresses, andtransport protocol.

7. The proxy server forwards this 200 OK replymessage along with the SDP to Bob.

8. Bob sends an ACK message directly to Alice.At this point, Bob and Alice can initiate asession, say, an audio session.

9. Bob decides to terminate the session andsends a BYE message directly to Alice.

10. Alice sends an OK reply directly back to Boband the session terminates.

Note that if, in the middle of the session, eitherBob or Alice wants to modify the session (forinstance, by adding a video component), he or she can send either an UPDATE request oranother INVITE request with an updated session description.

Building on the foregoing discussion of SIPnetworks, the following sections examine the IMS network’s architecture; the entities involved in the IMS; and the performance ofvarious operations such as registration, sessionsetups, roaming, security, QoS and policysupport, and charging.

IMS ARCHITECTURE

As depicted in Figure 5, the IMS network canbasically be divided into three layers:

• Application or service layer

• Control or signaling layer

• Access or connectivity layer

The application or service layer containsapplication servers (ASs) such as the SIP AS,

Figure 4. Conducting a SIP Session


third-party open service access (OSA) AS, andlegacy service control point (SCP) AS. The IMScontrols service via the subscriber’s homenetwork and those signaling network elementsdistributed in the application layer and thecontrol layer. This arrangement enablessubscribers to receive the same types of serviceswhile they are roaming.

The control layer contains signaling networkelements or control servers for session setup,modification, and termination or for managingcalls. The heart of the control layer consists of thecall session control function (CSCF) servers, alsoknown as SIP servers. This layer also includes thehome subscriber server (HSS) database,subscriber location function (SLF) database, PDF,and breakout gateway control function (BGCF).

Figure 5. IMS Network Architecture (After [26])

The heart of thecontrol layer

consists of the CSCF servers, also known as

SIP servers.


The connectivity or access layer is used totransport signaling traffic and media streams.This layer contains switches, router, and media-processing entities (MGWs, signaling gateways[SGWs], MRF controls [MRFCs], and MRFprocessors [MRFPs]). Since IMS is designed to beaccess independent, it can connect to differenttypes of existing and emerging access networksas long as they have IP connectivity. Accessnetworks that can connect with the IMS includeGPRS/UMTS, 2G networks such as GSM viagateways, PSTNs via gateways, enterprise fixednetworks via IP Centrex, residential fixednetworks via xDSL or cable modem, WLANs, and worldwide interoperability for microwaveaccess (WiMAX).

Next, elements of each layer are examined alongwith their respective roles or functions inestablishing, modifying, and terminating asession; supporting roaming; providing desiredQoS; providing charging information; etc. Thediscussion begins with the control layer elements,since the IMS calls basically start from this point:

• CSCF server is also known as the SIP server,since it processes SIP signaling. There arethree types of CSCFs: proxy (P-CSCF),interrogating (I-CSCF), and serving (S-CSCF).

— P-CSCF is the first point of contact, in the signaling plane, between the IMSterminal and the IMS network. From the SIP point of view, the P-CSCF acts as a SIP proxy server, i.e., all requestsinitiated by the IMS terminal or destinedfor the IMS terminal traverse the P-CSCF,which provides data integrity andconfidentiality by using IP security(IPSec) to maintain a security associationbetween itself and each IMS terminal.The P-CSCF handles the chargingrecords for billing purposes by creatingand maintaining a charging data record(CDR) that can be consolidated at acharging gateway function (CGF). The P-CSCF also provides QoS authorizationand control by providing the necessaryinformation to the PDF for resourceauthorization and QoS control. The IMSalso supports roaming services via the P-CSCF. (Roaming, QoS, charging, etc.,are discussed in more detail in the IMSOperations section of this paper). Also,once the P-CSCF authenticates the user,it asserts the identity of the user to therest of the nodes (or IMS elements) in the network, so those nodes do not need to authenticate the user again. IMS networks usually have several P-CSCFs for the sake of scalability andredundancy, and each P-CSCF serves acertain number of IMS terminals, basedon its capacity.

— I-CSCF is a proxy server that is located at the edge of an administrative domainand that interfaces with SLF and HSSdatabases. These interfaces are based on the Diameter protocol. The I-CSCFretrieves user location information and routes the SIP requests to theirappropriate destinations, typically an S-CSCF. The I-CSCF also assigns an S-CSCF if there is more than one. The

COMMONLY USED IMS INTERFACEDESIGNATORS

Cx between HSS and I-CSCF/S-CSCF

Dx between SLF and I-CSCF/S-CSCF

Gm between I-CSCF/S-CSCF and user equipment

Go between PDF and PEP

Gq between PDF and P-CSCF

Mb between IM-MGW and entities such as user terminal, MRFP, AS

Mi between BGCF and I-CSCF/S-CSCF

Mj between BGCF and MGCF

Mk within a given BGCF (intra-BGCF)

Mn between MGCF and MGW

Mp between MRFC and MRFP

Mw between CSCFs within the same network

Ro between OCF and S-CSCF, MRFC, SIP-AS, et al.

Sh between HSS and AS (SIP-AS or OSA-SCS)

Si between HSS and IM-SSF

Za between security domains (inter-domain)

Zb within a given security domain (intra-domain)

Note: X/(Y) notation on the interfacesindicates that the interface is X and theprotocol used on that interface is Y.


I-CSCF selects the S-CSCF based on theinformation queried from the HSSthrough the Diameter-based Cx interface.If there are multiple HSSs, the I-CSCFmust first contact the SLF (explainedbelow) through the Diameter-based Dxinterface to obtain the HSS addresses.The I-CSCF may also act as a topologyhiding internetwork gateway (THIG) byhiding sensitive information about thedomain, such as the number of servers,their domain name system (DNS) names,and their capacities. An IMS networkmay have several I-CSCFs for the sake of scalability and redundancy.

— S-CSCF is essentially a SIP proxy thatrelays SIP messages, a SIP UA thatinitiates and terminates SIP transactions,and a SiP registrar that authenticatesusers during registration. Mostimportantly, the S-CSCF controls thesession. The S-CSCF interfaces with the HSS via Diameter protocol anddownloads the user’s profile andauthentication vector (AV) to be used in user authentication. The user profileincludes the subscriber service profile(SSP), which has trigger points and user-specific filter criteria. The S-CSCFuses this information to control a user’saccess to different ASs. The S-CSCF also collects data for charging purposes.An IMS network may have several S-CSCFs for the sake of scalability andredundancy. Both the S-CSCF and the P-CSCF maintain session timers, i.e., they are stateful proxies.

• HSS is a stateless Diameter server and adatabase that holds all of the subscriber’sinformation. It is basically an advanced homelocation register (HLR) that holds userinformation, including location, security data(AV), user profile SSP, trigger points andfilter criteria, and the user’s allocated S-CSCF. The HSS may also support HLR/authentication center (AUC) functionalityand mobile-application-part (MAP)-basedinterfaces for legacy 2G and 2.5G networks.Subscriber data stored in the HSS is the key enabler for service mobility acrossdifferent types of access networks and foruser roaming between different networkoperators. A network may require more thanone HSS due to the number of subscribersand the capacity of the HSS. Because of itsimportance, the HSS is always implementedin redundant configuration.

• SLF is a Diameter-based redirect agent orserver that maps the user’s address to aspecific HSS. A network with a single HSSdoes not require an SLF.

• PDF may be part of the P-CSCF or astandalone entity. It interacts with the P-CSCF via the Diameter-based Gq interfaceand with the PEP at the packet data gateway(PDG) via the COPS-based Go interface. ThePDG for the GPRS/UMTS network is thegateway GPRS support node (GGSN).

• AS is a SIP entity that hosts and executesservices. New IMS-specific services areexpected to be developed in SIP ASs. An ASmay host several different applications.

• IP multimedia service switching function (IM-SSF) is a specialized AS that allows reuseof a GSM network’s customized applicationfor mobile network enhanced logic (CAMEL)services in the IMS. The IM-SSF allows thegsmSCF to control an IMS session.

• MRF provides the source for media in thehome network. It enables the home networkto play announcements, mix media streams,transcode between different codecs, performmedia analyses, and provide statistics. TheMRF is divided into two parts: MRFC andMRFP. MRFC acts as a SIP UA and containsan interface with the S-CSCF. It also controlsresources in the MRFP via a Megacointerface. The MRFP implements all media-related functions, such as playing media.

• BGCF is the SIP server with routingfunctionality based on telephone numbers. It is used in sessions that are initiated by IMS terminals and addressed to users in a CS network such as PSTN or other cellular network. The BGCF’s mainfunctionality is to select an appropriatePSTN/CS gateway.

• Media gateway control function (MGCF) is the main node of the PSTN/CS gateway. It has two primary functions: (1) to performcontrol signal protocol conversion from SIPto BICC or ISUP with the SGW, and (2) tocontrol the resources in the MGW. The MGWconverts the media formats between RTP onthe SIP side and pulse code modulation(PCM) on the PSTN side.

IMS OPERATIONS

Some of the more important issues in IMSnetwork operations, such as prerequisites,

registration, session setup, security, QoS and

An applicationserver is a

SIP entity that hosts and executes

services. New IMS-specificservices are

expected to bedeveloped in

SIP ASs. An AS may host several

differentapplications.


policy support, and charging, are examined inthis section.

IMS Operation PrerequisitesBefore a user can access IMS service, the IMS terminal must perform three major tasks:Access the IMS home or visited network via theIP connectivity access network (IP-CAN),discover the P-CSCF address, and perform IMS level registration.

The IP-CAN could be GPRS/UMTS, WLAN, orxDSL, although Release 5 of the 3GPP (the firstrelease of the IMS) supports only GPRS/UMTS.Thus, the IMS terminal must perform a GPRSAttach with the serving GPRS support node(SGSN) and perform bearer level authenticationwith the HLR. To discover the IP address of the P-CSCF, which is stored at the GGSN, theterminal must perform a packet data protocol(PDP) context activation with the GGSN. Finally,the terminal must perform IMS level registrationwith the CSCF and the HSS. At this point, the IMSterminal can access various applications on ASsvia the CSCF.

IMS User Authentication and SecurityAssociationsBefore a user can complete IMS level registration,the user must perform user authentication and establish security associations. Userauthentication in the IMS is based on achallenge/response algorithm and the secretsstored in the ISIM part of the UICC and in theHSS. The S-CSCF is the entity that performs theauthentication, and the P-CSCF is the entity that

performs the integrity and confidentialityprotection of the messages.

The authentication process begins after theprimary PDP context activation, when the IMSterminal sends a SIP register request to the CSCF. The CSCF contacts the HSS and obtains theuser’s AV. The AV is composed of a randomnumber (RAND) challenge, an authenticationtoken (AUTN), the expected response (XRES), theCk, and the Ik. The XRES is calculated based on aknown algorithm RAND and a stored secret. The CSCF replies with a SIP 401 message andincludes both the RAND and the AUTN. Uponreceiving this message, the IMS terminalcomputes its own response (RES) based on thereceived RAND, the same known algorithm usedby the CSCF, and the secret keys retrieved from its ISIM card. The IMS terminal sendsanother SIP register request message thatincludes its own RES. Upon receiving thismessage, the CSCF compares the XRES with theRES, and, if they agree, the CSCF replies with theSIP 200 OK message. This process is summarizedin Figure 6.

To provide integrity and confidentiality, the P-CSCF and the IMS terminal establish two IPSecsecurity associations (SAs) between themselves.One SA is established from the terminal’s client-protected port to the P-CSCF’s server-protectedport, and the other SA is established from the P-CSCF’s client-protected port to the terminal’sserver-protected port. Both SAs support traffic inboth directions. The P-CSCF and the IMS terminalneed to agree on a set of parameters to establishthe two IPSec SAs. The P-CSCF obtains the Ck

and the Ik in the SIP 401 unauthorized replymessage from the S-CSCF. The P-CSCFremoves both keys before relaying themessage to the IMS terminal. To negotiatethe rest of the IPSec parameters, the P-CSCFand the IMS terminal use the same two SIPregister messages that are used forauthentication. After these steps arecompleted, IPSec is permanently set up forthe duration of the session hop-by-hopbetween the P-CSCF and I-CSCF, I-CSCF andS-CSCF, S-CSCF and AS, AS and HSS, P-CSCF and S-CSCF, and S-CSCF and otherentities such as BGCF and MGCF. Alongwith the foregoing actions, encryption mayalso take place between the IMS terminal andthe GGSN on the radio bearer end. Thisprocess is shown in Figure 7.

Figure 6. IMS User Authentication

To provide integrity and

confidentiality, the P-CSCF and the IMS terminal

establish two IPSec SAs

betweenthemselves.


IMS Level RegistrationIMS level registration involves the followingbasic actions:

• The P-CSCF and the S-CSCF are assigned tothe IMS terminal, and a path is establishedbetween them.

• The IMS terminal is authenticated.

• Integrity and confidentiality securityassociations are set up.

• The S-CSCF downloads the user profilefrom the HSS.

• The S-CSCF stores the address informationin the HSS.

Specific steps in the IMS level registration processare as follows:

Step 1: The IMS terminal sends a SIPregister request message to the P-CSCF and compresses thismessage to save transmissionbandwidth and minimize signalingdelays. The receiving P-CSCFdecompresses the request message.

Step 2: If there are multiple S-CSCFs, the P-CSCF forwards the request to the I-CSCF, so that the I-CSCF can select an S-CSCF to serve theuser’s session.

Step 3: The I-CSCF sends a Diameter-baseduser authorization request (UAR)message to the HSS, requesting theaddresses of all available S-CSCFs.

Step 4: The HSS replies with a user authori-zation answer (UAA) message thatincludes a list of all available S-CSCFs.

Step 5: The I-CSCF selects one S-CSCF andforwards the register request to theselected S-CSCF.

Steps 6–7: The S-CSCF retrieves the user AVfrom the HSS via a Diameter-basedmultimedia authentication request(MAR) message and a Diameter-based multimedia authenticationanswer (MAA) message.

Steps 8–10: From the AV, the S-CSCF computesthe user-specific challenge data andsends this information via a 401UNAUTHORIZED message to theIMS terminal through the I-CSCF,P-CSCF, and IMS terminal.

Steps 11–15: The IMS terminal computes itsauthentication response and sendsit to the S-CSCF via another registerrequest message.

Steps 16–17: The S-CSCF verifies the responseand, if correct, downloads thesubscriber profile from the HSS viaDiameter-based server assignmentrequest (SAR) and server assign-ment answer (SAA) messages. TheS-CSCF may contact an AS (or ASs)for service control as specified inthe SSP.

Figure 7. IMS Security Associations


Steps 18–20: Finally, the S-CSCF sends a 200 OKmessage back to the IMS terminalvia the I-CSCF and the P-CSCF.

A graphic representation of the above steps isshown in Figure 8.

IMS Session SetupSession setup is the process of discoveringnetwork nodes and signaling paths.

Building on the SIP session setup functionalitydetailed earlier in this paper, the IMS offers additional functionality, including SIP signaling compression, SIP messageintegrity/confidentiality protection, QoS-relatedcapabilities and features, routing capabilities tothe PSTN/CS networks, tracking and recordingof charging information, etc.

IMS SecurityIMS security can be divided into two areas [9, 10, 26]: access security and network security.Access security involves authentication of usersand networks and protection of traffic betweenIMS terminals and networks. Network securityinvolves protection of traffic between securitydomains. (A security domain is a networkmanaged by a single administrative authority.)

For access security, as indicated in the earlierdiscussion of IMS level registration, an IMSterminal request message travels through the P-CSCF and the S-CSCF during the registrationprocess. The S-CSCF performs the authenti-cation, and the P-CSCF establishes two IPSecassociations to protect the traffic to and from the terminal.

To provide network security, all traffic enteringor leaving a security domain passes through asecurity gateway (SEG), as shown in Figure 9.Security associations between SEGs areestablished and maintained using the Internetkey exchange (IKE) protocol (RFC 2409). Thetraffic between SEGs is protected using IPSecencapsulation security payload (ESP) (RFC 2406)running a tunnel mode.

Within a security domain, network nodes useIPSec to exchange traffic with each other and withthe SEG. The inter-domain interfaces, Za, requiremandatory authentication, integrity protection,and encryption. The intra-domain interfaces, Zb,carry only intra-domain signaling traffic andrequire mandatory integrity protection.Encryption on these interfaces is optional. Figure 10 illustrates this process.

Figure 8. IMS Level Registration

Within a securitydomain, network

nodes use IPSec toexchange traffic

with each other andwith the SEG.


In addition to the mandatory network layersecurity (IPSec), the IMS also provides optionaltransport layer security (TLS) and applicationlayer security (e.g., HTTP digest authenticationfor SIP).

The IMS also contains three interfaces, Cx, Dx, andSh, that use authentication functions. Interface Dxis the interface between the SLF and the I-CSCFand P-CSCF. Interface Cx is the interface betweenthe HSS and the I-CSCF and P-CSCF. Andinterface Sh is the interface between the HSS andthe ASs. In all three interfaces, Diameter is theauthentication protocol. Diameter runs overreliable transport protocols such as TCP andstreaming control transmission protocol (SCTP).

IMS-CS InterworkingSince CS networks and the PSTN will remain inuse for the foreseeable future, the IMS alsoprovides interworking capabilities with BICC-and ISUP-based legacy networks (e.g., PSTN,ISDN, and CS public land mobile networks[PLMNs]). The main IMS functional entitiesinvolved are the BGCF, MGCF, IM-MGW, andSGW. IMS-CS interworking architecture is shownin Figure 11.

The BGCF’s main functionality is to select anappropriate network in which interworking withthe CS domain will take place, or to select an

appropriate CS/PSTN gateway, if interworkingwill take place in the same network in which theBGCF resides. The MGCF is the component thatcontrols the IM-MGW and that performs SIP-to-BICC or SIP-to-ISUP call-related signaling

Figure 9. Network Security Between Domains

Figure 10. Intra-Domain and Inter-Domain Network Security

Figure 11. IMS-CS Interworking Architecture (Source [11])

Since CS networks and thePSTN will remain

in use for theforeseeable future,

the IMS also providesinterworking

capabilities withBICC- and

ISUP-based legacy networks.


interworking. The IM-MGW converts mediaformats provided in one type of network to theformat required in another type of network; forinstance, it provides the interface between the PSdomain and the CS domain. The IM-MGW mayalso be connected via the Mb interface to variousnetwork entities such as a user terminal (via aGPRS tunneling protocol [GTP] tunnel to aGGSN), an MRFP, or an AS. The SGW performsthe call-related signaling conversion to or fromthe BICC/ISUP-based MTP transport networks tothe BICC/ISUP-based SCTP/IP transportnetworks and forwards the converted signalingto or from the MGCF. The SGW may beimplemented as a standalone entity or located inanother entity in the CS network or the IM-MGW.

IMS QoS Support MechanismThe QoS support mechanism ensures that thecritical elements of IP transmission such astransmission rate, gateway delays, and error ratescan be measured and guaranteed in advance. Thisfunction is performed mainly via the PDF, whichinteracts with and controls the underlying packetnetwork (i.e., the access network resources) viathe Go interface with an element in the PDGcalled the PEP. The PDG for the GPRS/UMTS isthe GGSN, which hosts the PEP. Policy-relatedinformation is transmitted between the PDF andthe PEP using COPS (RFC 2478).

Currently, two basic methods support QoS on the Internet: integrated services (IntServ)

(RFC 2215 [27]) and differentiated services(DiffServ) (RFC 3260 [28]).

IntServ is designed to provide end-to-end QoSwith two classes of services: controlled load andguaranteed. IntServ uses resource reservationprotocol (RSVP) to reserve resources with thedesired QoS. RSVP also ensures that the routersreceiving resource reservation requests are therouters that will actually route the packets. Thisfunction is performed via a two-way handshake,in which one endpoint (endpoint A) sends aPATH message to the other endpoint (endpointB), recording all the visited intermediate nodes.Then, in the reverse direction starting at endpointB, a RES message is sent through all the nodesrecorded in the PATH message, this time actuallyreserving the resources.

Note that a router in the path can reject a resourcereservation request either because it does nothave the required resources or because therequester does not have the permissions toreserve those resources. Thus, RSVP can beconsidered as not only a resource reservationprotocol, but also an admission control protocol.

The main drawback of IntServ is that it does notscale well. This is primarily because (1) thenetwork needs to store a large amount ofinformation, and (2) routers need to look up large tables before they can route the packets. To address these issues, DiffServ architecture was proposed.

The main drawbackof IntServ is that it does not scale

well. This isprimarily because

(1) the networkneeds to store alarge amount ofinformation, and

(2) routers need tolook up large tables

before they canroute the packets.

Figure 12. QoS Authorization


In DiffServ, routers identify packet treatmentwithout the need for table lookup. Packettreatments, known as per-hop behaviors (PHBs),are identified by 8-bit codes called differentiatedservices code points (DSCPs). Packets are markedat the edge of the network with a certain DSCP, sothat routers in the path apply the correct PHB tothem. DSCPs are encoded in the Types of Servicefield of IPv4 and the Traffic Classes field of IPv6.Two examples of PHBs are expedited forwardingand assured forwarding. In expedited forwardingPHB, packets never experience congestion in the network. In assured forwarding PHB, packet-drop precedence is determined, allowinglow priority packets to be discarded before high priority packets; some packets may in fact be discarded.

In the IMS, end-to-end QoS involves both QoSover the access network and QoS in the corenetwork. This implies that QoS-requiredresources have to be provisioned and enforced onboth sides. This can be done by using a link-layerRSVP on the access network side and the DiffServmethod (or RSVP) on the network side. On theGPRS/UMTS access network, the link-layerresource reservation is performed via PDPcontext activation, and the GGSN maps link layerresource reservation flows to DiffServ code pointsin the network [7, 8, 26].

Specific steps in the QoS provisioning process aredescribed below.

For inbound sessions:

Step 1: An INVITE request message arrivesat the P-CSCF/PDF.

Step 2: The P-CSCF adds a mediaauthorization token to the messageand forwards this message to theIMS terminal.

Step 3: The IMS terminal creates a PDPcontext activation request messageand sends it to the SGSN.

Steps 4–6: The SGSN receives this messageand checks the user’s subscriptioninformation stored in the HSS usingmobile application part (MAP)protocol. If the IMS terminalrequests more resources than it isallowed to use, the SGSN adjuststhe requested resources to theappropriate level and sends a PDPcontext request message to theGGSN, along with the authorizationtoken.

Step 7: The GGSN extracts the token andthe packet flow identifier and sendsthis information to the PDF usingthe COPS REQ (request) message.The packet flow identifier containsthe source address, the destinationaddress, the source port number,the destination port number, andthe transport protocol used.

Step 8: The PDF responds to the GGSNwith a COPS DEC (decision)message that contains the QoScharacteristics of the IMS terminal’sauthorized session. This is knownas service-based local policy (SBLP)information. The GGSN uses thisinformation to install packet filtersthat allow only authorized packetflows to be transmitted over a givenPDP context.

Step 9: The GGSN (actually the PEPresiding in the GGSN) sends an RTP message to the PDF indicatingthat it will comply with the PDF’s policy.

Step 10: The GGSN sends a PDP contextresponse message back to theSGSN, authorizing the SGSN for therequested PDP context.

Step 11: The SGSN forwards this response tothe IMS terminal.

Figures 12 and 13 summarize the above process.

For outbound sessions of the QoS provisioningprocess, only the initial steps differ from those forinbound sessions. Replacing Steps 1 and 2 ofinbound sessions, the corresponding stepsinvolved in outbound sessions are:

Step 1a: The IMS terminal sends an INVITE request message to the P-CSCF/PDF.

Step 1b: The P-CSCF/PDF forwards thismessage to the callee.

Step 2a: The P-CSCF sends a sessionprogress message to the callee.

Step 2b: The P-CSCF also adds theauthorization token to this messageand forwards it to the IMS terminal.

Steps 3 through 11 of outbound sessions areidentical to those of inbound sessions of the QoSprovisioning process.

On the GPRS/UMTSaccess network,

the link-layerresource reservation

is performed viaPDP context

activation, and theGGSN maps link

layer resourcereservation flows to DiffServ code

points in thenetwork.


As was mentioned earlier, the GGSN/PEP mustalso play the role of a DiffServ edge router andmap the required QoS to the appropriate DSCP toprovide the desired QoS on the core network side,assuming DiffServ is used there.

IMS Service DeliveryOne of the main features of the IMS is its servicedelivery capabilities. The primary IMS networkelements involved in service delivery are the S-CSCF, which acts as the central session controlpoint; the ASs, where the actual services resideand service-specific SIP processing is performed;the HSS, which provides information on theservices and qualities accessible to the IMS user;and the MRF (along with MRFC and MRFP),which controls the media resources.

The IMS employs three types of service deliveryplatforms: SIP-AS, OSA-AS, and legacy SCP. Thesubscriber’s S-CSCF interacts with the serviceplatforms through a SIP-based, intra-operatorinterface known as the IMS service control (ISC).ASs may access user data in the HSS forapplication-specific information via the Shinterface; as mentioned earlier, the S-CSCFdetermines whether to invoke a particular ASbased on specific filter criteria from the user’s SSPstored in the HSS. Multiple applications canreside on a single AS.

Service control in the IMS is home network based,which means that the user receives the sameservices whether operating in the home networkor roaming into a visited network.

IMS RoamingAs indicated earlier, roaming is handled via theP-CSCF. The P-CSCF is the only node or elementin the IMS that must be located in either the homenetwork or the visited network. Also, when IPconnectivity access is via GPRS or UMTS, thelocation of the P-CSCF is subordinate to thelocation of the GGSN. In roaming scenarios,GPRS and UMTS allow the GGSN to be locatedeither in the home network or the visitednetwork, while the SGSN is always located in thehome network. Furthermore, in the IMS, both theGGSN and the P-CSCF share the same network,and the P-CSCF controls the GGSN via the Go interface.

Currently, the IMS allows two configurations forroaming. In the first configuration, shown inFigure 14a, the P-CSCF (and the GGSN) arelocated in the home network. This arrangementwould probably be used in the early stages of IMSdeployment. In this configuration, the visitednetwork is not required to have an IMS-compliant(i.e., 3GPP Release 5 or newer) GGSN. The visitednetwork only provides the radio bearers and theSGSN services for the roaming terminal. The only

Figure 13. QoS Authorization Flow (Inbound Session)

The IMS employsthree types of

service deliveryplatforms: SIP-AS,

OSA-AS, and legacy SCP.


negative aspect of this configuration is that mediaare first routed to the home network and then totheir destination, introducing unnecessary andundesirable delays. This configuration, however,allow immediate deployment of the IMS and IMS roaming [26].

In the second configuration, shown in Figure 14b,the P-CSCF and the GGSN are located in thevisited network, i.e., the visited network has anIMS-compliant GGSN. There may be a move tothis configuration after initial IMS deployment.

IMS ChargingThe IMS supports both offline (or post-paid) andonline (or real-time pre-paid) charging services.The IMS charging architecture is shown in Figure 15 [12–14, 29].

The online charging services are handled by the online charging function (OCF) AS; the offline charging services are handled by the charging collection function (CCF) AS. In Release 6, the CCF is upgraded to the chargingdata function (CDF).

The CCF/CDF is a stateless Diameter-based ASthat does not maintain session states, but keepstrack of transaction states. It creates, updates, andcloses charging data records (CDRs) based onaccounting request (ACR) messages it receivesfrom IMS elements. There are three types of ACRmessages: ACR (Start) to generate the CDR andstart accounting, ACR (Update) to update theCDR, and ACR (Stop) to update and close theCDR. Figure 16 depicts the signaling flow for asession-based offline charging scenario in whichan ACR (Start) is triggered upon receipt of anINVITE request message to start a session; anACR (Update) is started when the interim periodelapses, and an ACR (Stop) is triggered uponreceipt of a session termination BYE requestmessage.

The OCF is a stateful Diameter-based AS thatmaintains both session states and transactionstates for online charging. IMS elementsinteracting via the Ro interface with the OCFinclude the S-CSCF, MRFC, and SIP ASs. The S-CSCF interacts with the SCF of the OCF forsession-based pre-paid service control, while the

Figure 14a. P-CSCF and GGSN Located in a Home Network (After [26])

Figure 14b. P-CSCF and GGSN Located in a Visited Network (After [26])

The IMS supportsboth offline

(or post-paid) and online (or

real-time pre-paid)charging services.


SIP AS and the MRFC interact with the eventcharging function (ECF) of the OCF for content-based pre-paid control. The SIP-Diameterinterworking function (IWF) provides SIPto/from Diameter format conversion and alsoacts as a credit control client (CCC).

Depending on the received SIP messages and theservice usage condition, the CCC sends aDiameter-based credit control request (CCR)message to the OCF/SCF, and the OCF/SCFsends a credit control answer (CCA) replymessage. There are basically three types of CCRs(and CCAs): CCR (Start), CCR (Update), and CCR (Stop).

CCR (Start) corresponds to the initial CCRmessage to start a session and is triggered whenthe CCC receives an INVITE request to start thesession. Via this CCR message, the CCC checkswith the OCF/SCF to verify that the IMS terminalhas enough credit left for session initiation andusage and then reports back in the CCA replymessage. At this point, the IWF/CCC startstiming or counting session usage. When thegranted units or account balances near depletion,the CCC sends a CCR (Update) message to theOCF/SCF to request more credit. The OCF/SCFreplies to this request via a CCA and includes theamount of additional credit, if any. Finally, if atermination request is received via a BYE requestmessage, the CCC sends a CCR (Stop) message to

Figure 15. IMS Charging Architecture

Figure 16. Session-Based Offline Charging


the OCF/SCF and reports the amount of creditused and the amount left over. Of course, if thecredit is depleted before a SIP termination requestarrives, and additional credit cannot be obtained,the CCC can force the session to be terminated.

CONCLUSIONS

The IMS allows an evolutionary move to all-IP converged networks. But in terms of

capabilities and features offered, the IMS is truly a revolutionary approach to multimedia,multisession service deployment. It providesflexible session control with desirable featuressuch as guaranteed end-to-end QoS, roamingcapabilities, security, and easy and convenientcharging. It also allows horizontal servicedeployment by offering a common platform withreusable components and open interfaces. Forinstance, the IMS will be able to offer PTT with almost immediate user access. DeployingPTT service will be as easy as uploading the AS software in an AS and uploading the client application software over the air (OTA) tothe user’s terminal. With the IMS in place,services and applications can be deployed morequickly, easily, and economically than everbefore. Thanks to the IMS, the vision of a personalcommunication system (PCS) can finally becomea reality! �

TRADEMARKS

3GPP is a trademark of the EuropeanTelecommunications Standards Institute (ETSI) in France and other jurisdictions.

cdma2000 is a registered trademark of the Telecommunications Industry Association (TIA-USA).

REFERENCES

[1] 3GPP TS 23.228, “Service Requirements for theInternet Protocol (IP) Multimedia Core NetworkSubsystem (IMS), Stage 1.”

[2] 3GPP TS 23.228, “IP Multimedia Subsystem(IMS); Stage 2.”

[3] 3GPP TS 24.229, “IP Multimedia Call ControlProtocol Based on SIP and SDP.”

[4] 3GPP TS 23.002, “Network Architecture.”[5] 3GPP TS 32.299, “Diameter Charging

Applications.”[6] 3GPP TS 24.228, “Signaling Flows for the IP

Multimedia Call Control Based on SIP and SDP.”[7] 3GPP TS 23.207, “End-to-End Quality of Service

(QoS) Concept and Architecture.”

[8] 3GPP TS 29.208, “End-to-End Quality of Service(QoS) Signaling Flows.”

[9] 3GPP TS 33.203, “3G Security; Access Security for IP-Based Services.“

[10] 3GPP TS 33.210, “Security Requirements.”[11] 3GPP TS 29.163, “Interworking Between the IP

Multimedia (IM) Core Network (CN) Subsystemand Circuit Switched (CS) Networks.”

[12] 3GPP TS 32.225, “TelecommunicationManagement; Charging Management; ChargingData Description for the IP MultimediaSubsystem (IMS).”

[13] 3GPP TS 32.260, “TelecommunicationManagement; Charging Management; IPMultimedia Subsystem (IMS) Charging.”

[14] 3GPP TS 32.295, “TelecommunicationManagement; Charging Management; ChargingData Record (CDR) Transfer.”

[15] 3GPP TS 32.260, “IP Multimedia Subsystem (IMS) Charging.”

[16] “Siemens IP Multimedia Subsystems (IMS),”Siemens White Paper.

[17] “IP Multimedia Subsystem IMS Overview andApplications,” 3G America White Paper.

[18] “IMS–IP Multimedia Subsystem,” Ericsson White Paper, October 2004.

[19] RFC 3261, “SIP: Session Initiation Protocol,” June 2002.

[20] RFC 2327, “SDP: Session Description Protocol,”April 1998.

[21] RFC 3550, “RTP/RTCP: Real Time Protocol/Real Time Control Protocol,” July 2003.

[22] RFC 3588, “Diameter,” September 2003.[23] RFC 2866, “RADIUS: Remote Authentication

Dial-In User Services,” June 2000.[24] RFC 2478, “COPS: Common Open Policy

Services,” January 2000.[25] G. Camarillo, SIP Demystified, McGraw-Hill,

2001.[26] G. Camarillo and M.–A. Garcia-Martin, The 3G IP

Multimedia Subsystems (IMS): Merging the Internetand the Cellular World, John Wiley & Sons, August 2004.

[27] RFC 2215, “IntServ: Integrated Service,”September 1997.

[28] RFC 3260, “DiffServ: Differentiated Services,”April 2002.

[29] “IMS Signaling Architecture,” Ulticom WhitePaper, 2005.

BIOGRAPHY

Rasoul Safavian brings morethan 15 years of experience in the wired and wirelesscommunications industry to his position as BechtelTelecommunications’ new vicepresident of Technology,Americas Regional BusinessUnit. He is charged withestablishing the overall

technical vision for Bechtel’s American markets andproviding guidance and direction to its specific

The IMS allows an evolutionarymove to all-IP

converged networks.But in terms of

capabilities andfeatures offered,

the IMS is truly a

revolutionaryapproach tomultimedia,

multisession servicedeployment.


technological activities. In fulfilling this responsibility,he will be well served by his background in cellular/PCS, fixed microwave, satellitecommunications, wireless local loops, and fixednetworks; his working experience with major 2G, 2.5G,3G, and 4G technologies; his exposure to the leadingfacets of technology development as well as itsfinancial, business, and risk factors; and his extensiveacademic, teaching, and research experience.Before joining Bechtel in June 2005, Dr. Safavianoversaw advanced technology research anddevelopment activities, first as vice president of theAdvanced Technology Group at Wireless Facilities, Inc.,then as chief technical officer and vice president ofengineering at GCB Services. Earlier, over an 8-yearperiod at LCC International, Inc., he progressedthrough several positions. Initially, as principalengineer at LCC’s Wireless Institute, he was in charge ofCDMA-related programs and activities. Next, as leadsystems engineer/senior principal engineer, heprovided nationwide technical guidance for LCC’s XMsatellite radio project. Then, as senior technicalmanager/senior consultant, he assisted key clients withthe design, deployment, optimization, and operation of3G wireless networks.Dr. Safavian is quite familiar with the ElectricalEngineering departments of four universities: TheGeorge Washington University, where he has been anadjunct professor for several years; The PennsylvaniaState University, where he is an affiliated facultymember; Purdue University, where he received his PhD in Electrical Engineering, was a graduate researchassistant, and was later a member of the visiting faculty;and the University of Kansas, where he received bothhis BS and MS degrees in Electrical Engineering andwas a teaching and a research assistant. He is a seniormember of the IEEE and a past official reviewer ofvarious transactions and journals.

ip multimedia subsystems (ims): a...

Documents