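Working on:
[Solved] Understanding the format and logic of valid IMS name user accounts in the Provisioning of rcsjta's core
During that work, in the Provisioning API of the RCS core,

I saw that there are two kinds of IMS authentication: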
- GIBA
- DIGEST
I need to work out what they mean.
I found the code for the relevant registration part:
src/com/gsma/rcs/core/ims/network/ImsNetworkInterface.java
```java
/**
 * Load the registration procedure associated to the network access
 */
public void loadRegistrationProcedure() {
    switch (mImsAuthentMode) {
        case GIBA:
            if (sLogger.isActivated()) {
                sLogger.debug("Load GIBA authentication procedure");
            }
            mRegistrationProcedure = new GibaRegistrationProcedure();
            break;
        // DIGEST is also the fallback for any other authentication mode value
        case DIGEST:
        default:
            if (sLogger.isActivated()) {
                sLogger.debug("Load HTTP Digest authentication procedure");
            }
            mRegistrationProcedure = new HttpDigestRegistrationProcedure();
            break;
    }
}
```
RCS GIBA DIGEST
- Training contents
- Introduction
- (IMS and RCS standardisation, horizontally and vertically integrated networks, RCS-e and RCS R1-R5 services),
- Architecture
- (basic IMS architecture, RCS R1-R5 architecture, IPX architecture, numbering and addressing, ENUM in IMS, DNS and ENUM in RCS/IPX),
- Access networks
- (PS bearer services in GSM/GERAN, UMTS/UTRAN, LTE/E-UTRAN, Broadband Access – I WLAN, QoS, Policy Control and Charging – PCC),
- Signalling procedures
- (SIP & SDP, SIP signalling bearer establishment, media bearer establishment, IMS discovery, registration, subscriber profile, initial filter criteria, mobile-to-mobile call, mobile-to-PSTN call, multi-device environment and SIP forking),
- Security
- (IMS authentication, SIP confidentiality and integrity, SIP Digest, SIP Digest with TLS, GPRS-IMS-Bundled Authentication – GIBA, Generic Authentication Architecture – GAA),
- Enhanced address book & Presence service
- (Enhanced address book and Presence service in RCS R1-R5, network address book, address book synchronisation in single and multi-device environment, presence information sharing, service availability/capability discovery, social presence relationship, geo-localisation, VIP contacts, 3GPP IMS Presence service, Presence Server, Resource List Server, OMA XDMS, XCAP, OMA Presence Service, service capability discovery via SIP options in RCS-e),
- Image Share & Video Share
- (service capability discovery for IS&VS, IS&VS session setup, IS&VS in RCS R1-R5e, multi-device environment),
- Messaging & File transfer
- 3GPP IMS Messaging
- (immediate messaging, session-based messaging, SMS over generic IP-CAN),
- OMA Instant Messaging (IM)
- (pager mode, large message mode, session mode, file transfer mode, 1-to-1, peer to peer, 1-to-many chat, predefined and ad-hoc group chat, deferred delivery, history and search, IM baring, final delivery reports),
- OMA Converged IP Messaging (CPM)
- (store and forward, common message store, CPM – SMS/MMS interworking),
- RCS-e/RCS5 Messaging
- (multi-device environment, 3GPP and OMA messaging services in RCS-e/RCS5),
- Geolocation services
- (geolocation PUSH and PULL).
- IP Voice and IP Video Call overview*
- (VoLTE and VoHSPA overview, MMTel architecture, call setup, supplementary services),
- Auto configuration and provisioning
- (RCS managed objects, first time registration and client configuration provisioning, re-registration, OMA DM, OMA CP).
I also found several other places that mention GIBA:
References
RCS UICC
Then I went on to organize the security-related content in RCS.
[Summary]
I now understand this a little better.
IMS authentication belongs to the security area.
- Security covers
- IMS authentication
- SIP confidentiality and integrity
- SIP Digest
- SIP Digest with TLS
- GIBA = GPRS-IMS-Bundled Authentication
- GAA = Generic Authentication Architecture
Where:
- DIGEST = SIP DIGEST
- GIBA = GPRS-IMS-Bundled Authentication
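- Security in RCS
- IMS authentication
- Overall authentication flow
- In a 3GPP network environment, even after an IMS subscriber has passed authentication in the PS domain, the subscriber must still pass authentication of the IMS IMPI before it can go on to access IMS services
- → i.e. two-step authentication
- Step 1: PS authentication
- Implementation: 3GPP AKA
- Step 2: the IMS IMPI
- Implementation: IMS AKA
- Figure
- Related terms
- IMPI = IP Multimedia Private Identity
- AKA = Authentication and Key Agreement
- Commonly called: 3GPP AKA
- UMTS AKA
- The mutual authentication mechanism in UMTS is called UMTS AKA
- IMS AKA
- Authentication flow
- Authentication succeeds
- User authentication fails
- Network authentication fails
- Synchronization fails
- SIM
- Related terms
- UICC = Universal integrated circuit card
- Also known as: SIM card
- Meaning: the smart card in a mobile terminal on a GSM or UMTS network, i.e. the SIM card
- Figure
- Details
- Contains applications
- Different networks
- In a GSM network, the UICC contains a SIM application
- In a UMTS network, the UICC contains a USIM application
- In a cdmaOne/CDMA2000 network, the UICC contains a CSIM application in addition to USIM and SIM
- One card may contain several applications
- One card may support both GSM and UMTS
- ISIM = IMS SIM
- What it is: an application
- Relationship between UICC, SIM, ISIM, USIM and CSIM
- USIM = Universal SIM = SIM
- See also:
- [Notes] Basics of user identity in the IMS system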
- SIP confidentiality and integrity
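- Along the way, I first went to:
- [Unsolved] Whether running the RCS service requires an IMS AS server, and the meaning of related terms such as P-CSCF
- Related
- ESP = (IPsec's) Encapsulating Security Payload
- SA = Security Association
- Establishing security associations
- Use of SA1 and SA2
- SIP Digest
- An authentication method that applies only to non-3GPP access networks
- Based on HTTP Digest; provides mutual authentication between the UE and the HE
- SIP Digest
- SIP Digest with TLS
- SIP Digest with TLS
- GIBA = GPRS-IMS-Bundled Authentication
- Background:
- The IMS security features of 3GPP are very good
- But in the early days, early devices could not support these features well
- For example, early 2G phones do not support USIM or ISIM
- Because they do not support IPsec themselves
- A simple but adequate security mechanism was needed
- → hence GIBA
- Alias: early IMS security
- Principle
- Create a security binding in the HSS
- between these two:
- The SIP-level identities: the public/private user identities
- The GPRS-level bearer/network-layer identity: the IP address
- GIBA authentication flow
- GAA = Generic Authentication Architecture
- Background:
- Many applications need mutual authentication before communicating, so that a client (e.g. a UE) and an AS (application server) can talk to each other
- So a generic authentication architecture is needed
- → GAA
- GAA application examples
- Issuing certificates through the GAA mechanism
- GBA
- = Generic Bootstrapping Architecture
- GBA architecture
- Service discovery procedure
- BSF address
- Bootstrapping initiation
- Initial phase of the GBA bootstrapping procedure
- GBA bootstrapping procedure
- GBA bootstrapping usage procedure
- SSC architecture
- Issuing certificates
- Related
- BSF = Bootstrapping Server Function
- NAF = Network Application Function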
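Conclusion:
- RCS authentication uses the authentication of the IMS that RCS depends on
- IMS authentication
- comes in two kinds
- GIBA
- Older phones, e.g. 2G phones, that do not support USIM/ISIM use GIBA
- Simply implements the most basic security authentication of the account
- (HTTP-based, SIP-protocol) DIGEST
- For comparison: the other variant is (HTTPS-based, i.e. TLS, SIP-protocol DIGEST)
- Overview: it is the newest authentication method
- The newest phones, terminals and accounts generally use this one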