User-Centric Service Provisioning for IMS Salekul Islam and Jean-Charles Grégoire Institut national de la recherche scientifique Montréal, Québec, Canada
{islam, gregoire}@emt.inrs.ca
ABSTRACT The IP Multimedia Subsystem (IMS) is a converged framework for delivering voice, video and data communication services to mobile and fixed users. The present operatorcentric IMS model, which assume a single operator for the access network, IMS core and application servers, restricts if and how users can access services beyond the IMS core network. The present IMS model, by limiting the subscribers’ choice might be rejected by many end users. User-centric service provisioning should establish the users’ control and thus commence the customer interest for IMS. In this paper, we study the problems that a user-centric IMS architecture should address, and broaden the scope of our previously designed, third-party service enabled IMS model [21] by showing its use in user-centric service provisioning. Third-party offered service subscription and session setup procedures are explained with two use cases. The Users’ profile management and privacy endurance, possible terminal implications are also discussed in the context of a user-centric IMS model.
Categories and Subject Descriptors C.2.1 [Computer-Communication Networks]: Network Architecture and Design—Network communications, Wireless communication; C.2.2 [Computer-Communication Networks]: Network Protocols—Applications (SMTP, FTP, etc.)
General Terms Design
Keywords IMS; IMS services; User-centric model; Service provision.
1.
INTRODUCTION
The IP Multimedia Subsystem (IMS) [4] is a Session Initiation Protocol (SIP) [15]-based generic architectural framework for delivering voice, video and data communication services to mobile and fixed users. IMS is becoming the de
facto standard for real-time multimedia communication services for wireline and wireless operators alike. It focuses on the transparent delivery of multimedia and communication applications with SIP. It has successfully attracted the operators’ attention due to its foundation on two widely deployed technological building blocks: IP and SIP. IMS breaks the traditional isolated, dedicated, per-service architecture, and introduces the application-oriented horizontal solution. In the IMS service model, the IMS middle layer separates the service layer from the transport layer for greater flexibility. Hence, the benefit of IMS is to provide, through the middleware, access–independent, streamlined, common mechanisms for billing, authentication, security, Quality of Service (QoS), etc. Therefore, in the IMS service model, common functions are reutilized rather than being (re–)implemented in multiple copies. The IMS layered approach provides the freedom of introducing new services very quickly in response to market dynamics to satisfy the demands of the end users. Operators and Service Providers (SP) are keen to deploy IMS as it is expected to increase their Average Revenue Per User (ARPU) significantly. However, with all these benefits, revenue-generating deployment of IMS-based services has not been widely experienced yet. IMS deployment has been slow due to a number of challenges, a key one being the operator-centric implementation of IMS and its lack of usercentric service provisioning. The existing model assumes a single operator for the access network, IMS core, user profile and application servers. The IMS operator is responsible for every state of a service life-cycle. In many cases, the operators fail to offer a popular service due to their own limitations (e.g., resource limitation) or for administrative reasons (e.g., broadcasting rights). Moreover, some SPs are not willing to outsource their control over the end users. Consequently, end users are deprived from the wide range of IMS-compatible applications hosted by the third-party SPs. A new paradigm of user-centric service architecture, built around the end users’ needs and requirements, is getting popular among the users. In a competitive environment with choices between services, providers, devices and technologies — users are accustomed to a level of control that was unimaginable a few years earlier. End users not only consume services but also share, recommend and subscribe to services according to their needs and preferences. Moreover, advanced users with their powerful User Equipments (UE) (e.g., iPhone, Smartphone, etc.), will definitely like to
End User
PDA
Transport Layer
Control Layer
SEG-B IP network
Cell
IP Phone
Home Network A
Visited Network B
Radio access network
Service Layer
SEG-A S-CSCF
P-CSCF
IP connectivity access network
I-CSCF IMS Core B
AS
HSS
IMS Core A
Laptop AS: HSS: I-CSCF: IMS:
Application Server Home Subscriber Server Interrogating CSCF IP Multimedia Subsystem
P-CSCF: S-CSCF: SEG:
Proxy CFCF Serving CSCF Security Gateway
Figure 1: Functional architecture of Next-Generation Networking (NGN) IMS. enjoy more freedom than the existing IMS model offers. IMS could be extended to provide excellent tools that allow the operator to remain in control of the network technology, but put the users in control of their service experience. In this paper, we study the problems that should be addressed to design a user-centric IMS architecture and service provisioning. We presented a third-party services-enabled IMS architecture in [21], which extends the current IMS model to offer users access to IMS–compatible services even beyond the IMS domain. In our previous study, we focused on multiple user authentications at different SPs and ended up with a Single-Sign On (SSO) enabled augmented authentication architecture. However, a number of other key challenges, such as enhancing user control, subscription to third-party services, establishing business relationships with a new SP, session setup, etc. were not studied. It is worthwhile to mention that the architecture we previously designed in [21] will leverage in providing better user-control, and thus will be the first step in designing a user-centric IMS model. In this paper, we have broadened the scope of our third-party enabled IMS model by showing its applicability in user-centric service provisioning. Two use-case depicting user’s subscription and session setup procedures for thirdparty services have been presented. We have also discussed other challenges that a user-centric IMS model should consider, such as scalable management of subscription information at different domains, ensuring user’s privacy and possible implications on the end-user’s terminal.
2.
IP MULTIMEDIA SUBSYSTEM (IMS)
IMS was originally designed by the wireless standards body, the 3rd Generation Partnership Project (3GPP) [8] for UMTS. It was later extended to support other networks, such as Wireless LAN, CDMA 2000 and fixed line through the NextGeneration Networking (NGN) [7] architecture. The functional inter-domain architecture of NGN IMS is shown in Figure 1, where only the key components of the IMS core are highlighted.
2.1
IMS core and authentication
The core functional components for call control include different Call Session Control Functions (CSCF), such as Proxy CSCF (P-CSCF), Interrogation CSCF (I-CSCF) and Serving CSCF (S-CSCF). The P-CSCF is a SIP proxy that sits on the path of all signaling messages and ensures that SIP registration is passed to the correct home network or SCSCF. The S-CSCF is a SIP server and the signaling plane’s central node; it registers users and provides services to them. The I-CSCF, a SIP proxy located at the edge of the home network, takes part in user roaming. The Home Subscriber Server (HSS) is the master user database and supports the IMS network entities in handling calls/sessions. It contains subscription-related information (i.e. user profiles), and performs authentication and authorization of the user. The ICSCF and the S-CSCF use a AAA protocol, Diameter, for communicating with the HSS. Application Servers (AS) host and execute the services and communicate with the core network through the S-CSCF using the SIP protocol. IMS Authentication and Key Agreement (AKA) [3] is a challenge-response based authentication mechanism, which uses symmetric cryptography and provides mutual authentication between the IMS Services Identity Module (ISIM) of the UE and the home network. For identification, the ISIM uses the IP Multimedia Private Identity (IMPI), which has the form of a Network Access Identifier (NAI). The HSS of the home network and ISIM share a long-term key associated with the IMPI. On successful authentication of the UE, the S-CSCF registers the IM Public Identity (IMPU) of the UE, and the user is allowed to receive any service for which he has proper authorization. Moreover, the visited and home networks are connected through two Security Gateways (SEG), which establish a trusted link between the two networks following the Network Domain Security (NDS)/IP specification [2].
2.2
IMS service provisioning
The operator-centric IMS service provisioning is based on the walled-garden business model [22, 17]. In a walledgarden model, every content or service the end users wish to
get comes from the operator’s portfolio. Access to outer services are not allowed and third-party services, if provided, appear under the operator’s brand name. The present IMS model assigns the duties of service creation, deployment and maintenance to the core operator. Although third-party services are not precluded in the IMS specification (see Figure 4.2 of [4]), their detailed implementation means are not studied. The IMS-compatible SIP-based services are implemented at the Application Servers (AS). The HSS maintains user profiles to keep subscription information by following the guidelines of the Generic User Profile (GUP) [5]. A user profile is tagged by the UE’s private identity (i.e., the IMPI) and is composed of one or several service-specific service profile(s). Each instance of a service profile consists of public identities (which are associated with that service profile), service authorization information (list of subscribed services), filtering criteria, etc. In IMS service model, the ASs have access to user profiles in the HSS through the intra-operator Sh interface. The protocol used for message exchange through Sh interface is Diameter [19]. The telecommunications world prefer walled-garden business model for a simple core reason: control over the end users. These types of models have many pros including customer and revenue control, control over the subscribers’ information, QoS, security, etc. This will reduce the CAPEX and OPEX costs, and allows for faster introduction of consistent service offerings across the entire subscriber base. However, a walled-garden business model brings a number of key shortcomings, such as the cost (and ultimate price) of QoS and service customization, and limiting the subscribers’ choice while the customers’ appetite for third-party services has fully developed. Therefore, many end users will reject the walled-garden IMS model and use public Internet alternatives [22]. Consequently, instead of increasing the ARPU the walled-garden IMS may work against the interests of both network providers and end-users by limiting the activities, and reducing the number of participants in a service ecosystem. Therefore, it could be concluded that the IMS will be able to fulfill its promise only once telcos start thinking beyond the closed models.
3.
RELATED WORK
In this section, we have summarized the previous work from both telecom industries and academia, which is related to user-centric service provisioning in IMS. In the area of telco service provisioning, user-centric service creation and execution is becoming a new paradigm, which further extends the user-centric business models. In a user-centric service creation model, end users (not necessarily technically welleducated) can create, manage, share and execute their own, personalized services that fit their needs better. Users’ privacy and data protection, which are considered big challenges for such a distributed business model, have been studied in [17]. In the OPUCE project1 , the user-centric approach is applied to the combination of the Web and network services over the NGN architecture [16]. The OPUCE platform introduces a highly flexible service provisioning environment that considers all aspects of service lifecycle from creation to withdrawal of a service. 1
http://www.opuce.tid.es
The ADAMANTIUM project2 is studying an IMS-compatible Multimedia Content Management System (MCMS), which focuses on dynamic cross layer adaptation for optimization of the user experience in terms of perceptual quality for IPTV and VoIP services [13]. This will enrich the current IMS management functions by providing perceptual awareness to all the network layers and delivery chain nodes. A user-centric and quality-aware multimedia service delivery framework for IMS architecture has been presented in [10], which provides better end-to-end QoS. It is implemented at the session layer, completely user-driven, designed to be user-centric, and adaptable to terminal and session mobilities. In [23], the architectural roles of the SIP and Web services have been analyzed in the pre-IMS and IMS environments illustrating when the SIP and Web services are functionally competing, complementary or neutral in delivering value or in constructing wider Service Delivery Platform. In [11], Web Service SIP (WSIP), a converged communication service paradigm over IP has been presented. A WSIP node is composed of a SIP endpoint and a Web service SOAP node. The SIP endpoint communicates with the SIP world through SIP signaling while the SOAP node provides a native and generic service integration environment for binding SIP based communication with the Web services. In [12] a mobile peer-to-peer (P2P) Web-services framework is presented, which enables the creation of arbitrary P2P applications on mobile devices within the IMS. Using the Webservices framework, the end users’ terminals can share and publish a Web-service interface, which provides the capability of coupling arbitrary applications using Web-service technologies and supports the IMS infrastructure as well. The related work we have summarized could be classified into three categories: user-centric service creation, enhanced QoS and providing Web services through SIP signaling. The user-centric service creation and execution model will repel the operators for a number of reasons: loosing total control over the customers and the deployed services, revolutionary changes to the existing IMS service model, dependency on the expertise of the end users, etc. Therefore, an IMS service model that secures the interests of all three parties—the operator, SPs and the end users—is needed to build. The focus of the user-centric QoS is different from user-centric service provisioning, while the user-centricity is built around the users’ experience rather outsourcing the control to the users’ premises. Finally, receiving Web services through SIP signaling is not an applicable approach in our study and its limitation will be further illustrated in section 5.5.
4.
REQUIREMENTS
Existing IMS architecture should be extended to meet the following requirements:
• A user-centric IMS architecture must support thirdparty services offered by a SP different from the IMS core operator. Hence, it should support different administrators for the access network, the IMS core, and the application servers. 2
http://www.ict-adamantium.eu
End User
Switching
Transport
Identity Provider
Home Network PDA
Radio access network
SEG-A
IP network
Cell
IP Phone
Service
SEG-B
Za Za
Gm P-CSCF
IP connectivity access network
Mw
Service Provider Network
Za
S-CSCF
SIP Server
SEG-C
Identity store
Cx
SIP-AS ISC
Cx
UIA
HSS PfS
Identity store
USD
IMS Core A Laptop HSS: IMS: P-CSCF: PfS: S-CSCF:
Home Subscriber Server IP Multimedia Subsystem Proxy CSCF Profile Server Serving CSCF
SEG: SIP-AS: UIA: USD:
Security Gateway SIP Application Server User Identity Asserter User Subscription Database
SIP Diameter
Figure 2: SSO-enabled architecture for third-party services in IMS. • A third-party enabled IMS architecture should leave the subscription control to the end users. Hence, the SPs will implement any SIP services by researching the user demands. The users will be provided with a list of services and will have freedom to subscribe to any service given that it could be delivered using the IMS control plane and consumed using the UE’s capabilities. • New partnerships between the IMS operator and a SP will emerge due to the subscription of a third-party SP. The partnerships might be formed dynamically or out-of-band. • The existing IMS terminal or UE acts as a SIP client and lacks a number of capabilities such as searching a specific service, downloading a piece of code, running a code, etc. Therefore, a SIP client should be capable of interacting with the user possibly through a web-based user interface. • In a user-centric IMS model, the user will maintain sperate business relationships with each SP he has subscribed to. Hence, the complete user profiles will be maintained by the HSS of the home IMS domain and each SP will receive only the SP-specific user data from the HSS. This will create the need of minimizing the volume of information maintained at different places. Moreover, while sharing user information between the HSS and an SP, user privacy should be ensured and proper user consent should be taken before sharing any sensitive user data.
5.
USER-CENTRIC SERVICE PROVISION
The IMS architecture must offer third-party services to be considered as a user-centric service provision enabled. Although third-party services are not precluded in the IMS specifications (see Figure 4.2 of [4]), the detailed implementation means are not addressed. Moreover, the business relationships among the IMS core and the SPs that could emerge through this, have never been studied. Hence, we first present the IMS architecture that we previously de-
signed [21] to offer users different IMS-based services even beyond their own domain.
5.1
Third-party services in IMS
The extended IMS architecture shown in Figure 2 was designed to offer third-party services. The possibility of multiple authentication and authorization should be considered while designing an extended IMS model to support services beyond the IMS domain. A user (in a fixed or wireless network) or UE (in a cellular network) will be authenticated first by the access network. Next, using IMS-AKA, the IMS core will authenticate the UE. If the services are administered by the same operator, no further authentication is required. However, to receive third-party services, the user will have to re-authenticate and re-authorize to each SP. The architecture, shown in Figure 2, is primarily dependent on the Security Assertion Markup Language (SAML) [9] to transfer security information, and thus reduces the burden of end users and SPs with an SSO feature. We have introduced an entity named User Identity Asserter (UIA), which performs the tasks of the Identity Provider (IdP). The UIA creates and forwards necessary assertions to the SP to confirm the authentication status of the users. A User Subscription Database (USD) has been introduced as an integral entity of the HSS. In our extension, the USD maintains the user profiles that are related to external SPs. Depending on the underlying business model between the SP and the IMS home network, the USD also maintains other user-related information, such as billing, presence, etc. Given that the IMS core network primarily depends on SIP for signaling, the SP’s network must implement a SIP server entity to serve as the endpoint of the SIP calls forwarded by the UIA. It should be noted that, in Figure 2, the SIP Application Server (SIP AS) is shown as the only service that the SP is providing. However, the SP could deploy even a non-SIP service (e.g., IPTV [6]) as long as that non-SIP service could be delivered through a session established by the SIP signaling messages. Once the SP network establishes an authentication context with the UE, the user might be authorized again by the SP (e.g., in case of a prepaid service,
(IMPU, IMRI, SP)
(IMLI, IMRI, UIA) Id store
Id store Home Network (IMS core) UE
Service Portal
Service Provider Network
Identity Provider
HSS (USD)
UIA
Service Repository
SIP-Server
PfS
Operator offered 1. Establish partnership, SLA, etc. 2. Get/search services
3. Offer services
SP offered 0. Service request (SP, ICSI) 1. Establish partnership, SLA, etc. 2. Get/search services
3. Offer services 4. Subscribe service (IMPU, SP, ICSI)
8. ACK (IMPU, IMLI)
5. Update user profile (IMPU, SP, ICSI)
8. ACK (IMPU, IMLI)
6. Sh-Update (IMPU, ICSI, user profile)
7. Create (IMPU, ICSI, user profile) 8. ACK (IMPU, IMLI)
8. ACK (IMPU, IMLI) 9. Build ID Federation
9. Build Identity Federation
Update ID store
Update ID store
Figure 3: User subscription to third-party services. the user’s remaining credit will be checked before providing the service). Therefore, the SP maintains user profiles for each user. Hence, a Profile Server (PfS) will be located inside the SP’s network, which communicates with the SIP server through a secure channel. All three domains—the home network, the IdP and the SP network are connected through SEGs following the NDS/IP specification [2].
5.2
Subscription to services
In this paper, we have extended our previous IMS model by adding a service portal and a service repository at the home and the SP networks respectively. The service portal provides a comprehensive list of services provided by the IMS core and other SPs. By using the portal, the user is able to search and find an appropriate service. On the SP’s side, the service repository stores the services the SP has implemented. The subscription procedure for a third-party service is shown in Figure 3. A Service Level Agreement (SLA) plays a key role in building partnerships between the operator and an SP. An SLA defines legal relationships between the operator and an SP, and forms a partnership by binding the operator and an SP through a legal contract. It could be negotiated and established dynamically [20]. An SLA includes a wide range of information related to the service the SP is providing, such as the resources (hardware and software) to be provided, the QoS level to be maintained, the cost of pro-
viding the service, the liability to compensation if SLAs are not met, etc. A user is offered different services either by the IMS operator or directly by the SP. In case of the operator-offered services, the IMS operator establishes an SLA with an SP before offering any service. On receiving the list of services from the SP’s service repository, the operator, through the service portal, offers the users the available services. In this case, the users have less freedom and control since the operator limits the choice of the SPs from which the user can request any service. In case of the SP-offered services, the user is informed of different services through any out-of-band methods, such as mailing list, SMS, web-sites, etc. Next, the user sends a service request message that includes the SP’s identity (e.g., the URI of the SP) and the IMS Communication Service Identifier (ICSI). An ICSI uniquely identifies an IMS communication service [1]. On receiving the service request message, the operator checks if an earlier partnership had been established with the SP. Otherwise, it verifies its business policies and negotiates an SLA to establish a partnership with the SP. If the negotiation is successful and a partnership is established, the operator receives the list of services from the service repository of the SP. Next, the user is offered the available services through the portal. The SP-offered services could be classified as semi-walled garden business
Home Network (IMS core) UE
P-CSCF
1. IMS AKA
HSS
S-CSCF
1. IMS AKA
Service Provider Network SIP Server
PfS
1. IMS AKA
2. Subscription authentication using ID federation 3. INVITE (initial SDP offer)
4. INVITE (initial SDP offer) 5. Cx-Pull (user profile)
6. Service Control (authorization) 7. INVITE (initial SDP offer) 8. Cx-Pull (user profile)
9. Service Control (authorization) 10. Offer Response
10. Offer Response
10. Offer Response
Figure 4: Partial session establishment procedure. model [17] since the customers are free to enjoy any thirdparty services and contents by following the operator’s business policy and resource constraints.
authorization) without re-authenticating at the SP by providing SAML assertions which are issued by the UIA.
The user expresses his subscription interest to the portal by sending a subscribe service message that includes the IMPU of the UE, the URI of the SP and the ICSI. The portal sends a request to the HSS to update the user profile (of third-party services) maintained by the USD. The HSS sends an Sh-update message to the SIP server of the SP to create a new user profile maintained by the PfS. The PfS creates a user profile and a local identity, IM Local Identity (IMLI). The user profile is indexed with the IMLI. The PfS returns a subscription confirmation that includes the IMLI to the SIP server to forward the confirmation to the HSS. The HSS forwards the confirmation to the user.
The partial media session establishment procedure is shown in Figure 4. The IMS operator does not provide any service before authenticating and registering the UE. The IMS core authenticates the UE using IMS-AKA and the S-CSCF registers the IMPU of the UE before granting access to the IMS network. Next, using the SSO facility, the end user subscription is authenticated by the SP. The operational sequence for the SSO-enabled user authentication is explained in [14].
When necessary user profiles are created at the operator and the SP domains, the local identities of the user (i.e., the IMPU and the IMLI) could be associated using a pseudonym identifier to establish an identity federation. Establishing an identity federation is a prerequisite for an SSO-enabled architecture. The identity federation use case has been explained in [14], which takes advantage of SAML V2.0’s ability to dynamically establish a federated identity. On successful federation establishment, the UIA creates a pseudonym identifier, IM Remote Identity (IMRI), and associates the UE’s IMPU with the SP via the IMRI. An entry with (IMPU, IMRI, SP) is added to the UIA’s Id store. Similarly, at the SP’s end, an entry with (IMLI, IMRI, UIA) is added to the SIP server’s Id store. When the federation has been established, the user can access the service at the SP (with proper
5.3
Session establishment
The actual session establishment is initiated by the UE by sending a SIP INVITE message that includes the initial media description offer through Service Description Protocol (SDP) [18] to the P-CSCF. The initial SDP represents one or more media for a multi-media session. The capabilities of the terminal have impact on the SDP description in the session flow, since different terminals may support different media types (e.g., video, audio or data) and different audio and video codecs. The P-CSCF, from the registration procedure, remembers the next-hop CSCF for this UE. Hence, the P-CSCF forwards the SIP INVITE message to the SCSCF. If the user profile for this UE is not available, the S-CSCF downloads it from the USD/HSS using the Cx-Pull messages. The S-CSCF invokes the service logic to verify the authorization of the requested SDP based on the user’s subscription for requested multi-media services. Given that the SIP server of the SP domain functions similar tasks of the S-CSCF, the S-CSCF of the IMS core on successful authorization of the SDP request, forwards the INVITE message
User User Interactions
Data plane
UE Maps user input to SIP message
Service Provider GUI SIP UA
Service information/ Download code SIP Signaling
Service Portal
Service Repository
P-CSCF
SIP Server
IMS Core
Figure 5: Enhanced UE for user-centric model. to the SIP server following the S-CSCF to S-CSCF procedure specified in [4]. The SIP server retrieves the user profile from the PfS (if no such profile is available at the SIP server on that moment) and authorizes the requested SDP. On successful authorization, the SIP server responds with an answer (Offer Response message) to the S-CSCF, which contains the media stream capabilities of the SP’s SIP AS. The Offer Response message is passed to the UE along the established session path.
5.4
User profiles and privacy
Maintaining user profiles scalably and ensuring user privacy is a big challenge for a user-centric IMS model. In the present single-operator IMS model, user profiles are maintained by the HSS, a central repository for the IMS core network. The Application Servers (AS), which are under the control of the IMS core operator, receive required user information (e.g., a service-specific service profile of the user profile) from the HSS through a secured intra-operator interface (Sh). However, in case of a third-party enabled IMS model, the number of places that user profiles are maintained will grow each time the user subscribes to a service from a new SP. A user profile is created at the PfS of a SP when for the first time a user subscribes to a service. The PfS receives user information from the HSS/USD through the SIP server of the SP. Although, there is no direct interface between the HSS and the SIP server of the SP (see Figure 2), we could assume a virtual Sh-type interface exists between these two entities. The SP network may also request for user’s attribute(s) by sending SAML queries to the UIA. The HSS retrieves user information from the USD and supplies it to the UIA, which sends SAML responses to the SIP server. To minimize the volume of the information maintained by the PfS, the HSS provides only the servicespecific user information. The proposed model has provisions for ensuring user privacy and consent while the user subscribes to a third-party service and the identity federation is established. The HSS will supply user information to the SIP server and also respond to SP network queries that are strictly limited to the user’s subscription. The domain of such queries should be defined under the SLA between the IMS core and the SP network. Moreover, by using pseudo identifier for account linking, the
user’s real identity (e.g., name, email address, etc.) is never revealed to the SP network and the user’s anonymity could be achieved. Moreover, an identity federation will only be built with proper user consent and user consent should be taken before sharing any private or sensitive information of the user with the SP in case the information sharing policies are not clearly stated in the SLA of the IMS core and the SP.
5.5
Terminal implications
The UE is the IMS-capable terminal used by the subscriber to access IMS services. It contains the SIP User Agent (UA) that generates and terminates SIP messages on the user’s behalf. SIP is a text-based protocol for establishment, control, and finalization of sessions between endpoints and also for control of the media channels between them. Although SIP is a simple, yet powerful signaling protocol, it supports a limited user interface and fails to extend the terminal’s side capabilities by downloading a piece of code on the fly. The solutions presented in [11, 12] focus on providing Webservices by establishing SIP sessions. Hence, a SIP-based control plane will be used to deliver Web-services and not necessarily IMS/SIP services. Therefore, these types of approaches are not suitable for our study. The detailed guideline for the implementation of user-centric UEs are outside the scope of this paper. We have depicted the important components of the UE and their interactions with the IMS core and the SP networks in Figure 5. A UE should be equipped with rich Graphical User Interfaces (GUI) (e.g., a Web-based GUI) while acting as a SIP UA as well. Hence, a Web-based interface integrated with a SIP UA should be implemented at the users’ terminals. The GUI communicates with the service portal at the IMS core network, which receives service related information from the SP’s service repository. The SIP UA communicates with the P-CSCF of the home network using standard SIP signaling. The GUI sits in between the user and the SIP UA and maps user’s responses to the appropriate SIP massages and vise versa. The enhanced UE must be able to dynamically extend the code base unlike what is provided by the current 3G terminals. Any user request to download a piece of code from a third-party SP must be forwarded to the IMS operator by the GUI. The IMS operator scrutinizes the request and ap-
proves the request according to its resource limitations and the capabilities of the UE. This will also protect the IMS operator and the UE from experiencing any vulnerabilities generated by a malicious downloaded code.
6.
CONCLUSION AND FUTURE WORK
We have presented a user-centric service provisioning approach for IMS. The third-party services enabled IMS model that we previously designed has been successfully applied to provide better user control and emerge new business models. Our user-centric IMS model benefits all three parties: users, SPs and network operators. Users can fulfill their appetite for third-party services while using the IMS control plane for session establishment and maintenance; the SPs can implement a wide range of IMS/SIP services without any investment on IMS core network implementation and maintenance and the operators may seeing new forms of business partnerships with the SPs. In future work, we would like to explore the terminal implications by integrating Web-based GUIs and SIP UA. Finally, we will implement our model by extending the available open source implementations of IMS/SIP.
Acknowledgement The work described here is part of a deliverable to a project funded by Bell Canada through its Bell University Laboratories R&D program. S. Islam acknowledges the support of Qu´ebec Government, through its Fonds Qu´eb´ecois de la Recherche sur la Nature et les Technologies (FQRNT) Postdoctoral Scholarship program.
7.
REFERENCES
[1] “3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; IP Multimedia (IM) session handling; IM call model; Stage 2”. 3GPP TS 23.218 V8.4.0, Dec. 2008. [2] “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Network domain security; IP network layer security”. 3GPP TS 33.210 V8.1.0, Oct. 2008. [3] “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Access security for IP-based services”. 3GPP TS 33.203 V8.3.0, Jun. 2008. [4] “3rd Generation Partnership Project: Technical Specification Group Services and System Aspects; IP Multimedia Subsystem (IMS), Stage 2”. 3GPP TS 23.228 V8.5.0, Jun. 2008. [5] “3rd Generation Partnership Project: Technical Specification Group Services and System Aspects; Service requirement for the 3GPP Generic User Profile (GUP); Stage 1”. 3GPP TS 22.240 V8.0.0, Dec. 2008. [6] “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); IPTV functions supported by the IMS subsystem”. ETSI TS 182 027 Ver. 3.0.2, Jul. 2008.
[7] “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Functional Architecture”. ETSI ES 282 001 V2.0.0, Mar. 2008. [8] The 3rd Generation Partnership Project (3GPP). http://www.3gpp.org/. [9] “Security Assertion Markup Language (SAML) V2.0 Technical Overview”. OASIS Committee Draft 02, Mar. 2008. [10] C. Balakrishna and K. Al-Begain. “Towards a User-Centric and Quality-Aware Multimedia Service Delivery Implementation on IP Multimedia Subsystem”. In Proc. of the First International Conference on Next Generation Mobile Applications, Services and Technologies (Oct. 2007). [11] F. Liu, et al. “WSIP – Web Service SIP Endpoint for Converged Multimedia/Multimodal Communication over IP”. In Proc. of the 11th International Conference on Intelligence in Service Delivery Networks (July 2004), pp. 690–697. [12] G. Gehlen, et al. “Mobile P2P Web Services using SIP”. Mobile Information Systems 3, 3, 4 (2007), 165–185. [13] H. Koumaras, et al. “Perceptually Enabled and User Centric IMS Architecture: The ADAMANTIUM Project”. In Proc. of Telecommunications and Multimedia (July 2008). ´goire and S. Islam. “An SSO-Enabled [14] J.-Ch. Gre Architecture for Beyond the IMS Domain Services”. Submitted to the 6th International Workshop on Next Generation Networking Middleware. [15] J. Rosenberg, et al. “SIP: Session Initiation Protocol”. RFC 3261, June 2002. [16] J.C. Yelmo, et al. “A user-centric service creation approach for Next Generation Networks”. In Proc. of the IEEE International Conference on Web Services (May 2008), pp. 211–218. [17] J.C. Yelmo, et al. “Privacy and data protection in a user-centric business model for Telecommunications services”. In Proc. of The Future of Identity in the Information Society (June 2008), pp. 447–461. [18] M. Handley, et al. “SDP: Session Description Protocol”. RFC 4566, June 2006. [19] P. Calhoun, et. al. “Diameter Base Protocol”. RFC 3588, Sept. 2003. [20] P. Hasselmeyer, et al. Implementing an SLA Negotiation Framework. In Proc. of the eChallenges Conference (2007), pp. 154–161. ´goire. IMS Deployment [21] S. Islam and J.-Ch. Gre Challenges: Services Beyond the IMS Domain. Submitted to IEEE Communications Magazine (2008). [22] S. Issaeva. “Walled Gardens and Open Models: IMS Business Models for an Applications-centric World”. White Paper, Pyramid Research. [23] W. Zielinski. “Competing or Complementary: SIP and Web technologies in migration to NGN”. In Proc. of the 11th International Conference on Intelligence in Service Delivery Networks (Oct. 2007).
