1. Field of the Invention
The present invention relates to a security server for use in a telecommunications network, a network processing element, a telecommunications network and a method of performing a security check on a message incoming to a telecommunications network.
2. Description of the Related Art
It is known to provide a wireless telecommunications network across which two users of mobile equipment can communicate, or a mobile user can communicate with a fixed location user by transfer of a signal from the wireless network to a land line. One known type of wireless communications network is the 3rd Generation Partnership Projects (3GPP) system which is currently being brought into use around the world. This network is known as the Universal Mobile Telecommunications System (UMTS) and one advantage that it has over previous wireless network standards is that it allows far faster rates of data transfer using a packet-switched (core) network (PS-CN) in addition to voice transfer over a circuit-switched (core) network (CS-CN). The PS-CN can connect to the Internet and the CS-CN can connect to the Public Switched Telephony Network (PSTN) and the Integrated Digital Services Network (ISDN).
In practice, the CS-CN functionality is achieved via a subsystem called the IP Multimedia Subsystem (IMS) in the PS-CN. The IMS can connect to an IP based network such as the Internet to provide services such as Voice over IP. The signaling protocol used between user equipment (UE) such as mobile telephones and the IMS and between components of the IMS is the Session Initiation Protocol (SIP). This protocol has user registration (e.g. location and communication capability), addressing and routing capabilities.
One important set of components within an IMS network is the Call Session Control Functions (CSCF). These perform a server service in that they process signals and control a wireless user's session, as well as performing an address translation function and handling of subscriber profiles. If a user is in the home network, the network is accessed via the Serving-CSCF (S-CSCF), and this server provides session control and other services for the user. If the user is roaming, the local network in the roaming location is accessed via a Proxy-CSCF (P-CSCF) which provides local control and services for the user as well as being in contact with the user's S-CSCF. The S-CSCF and if necessary the P-CSCF also perform a billing function. It is usual to have a number of S-CSCFs within an IMS network.
A further type of CSCF is an Interrogation CSCF (I-CSCF). The I-CSCF is the first point of contact within a home network for an access by a visiting user. It is arranged to communicate with the Home Subscriber Server (HSS), which holds subscriber account information and subscriber location information. The I-CSCF is set up to perform load balancing within the S-CSCFs using information provided by the HSS. Since it provides a single point of entry into the network for users from other networks, it is often used as a means to prevent operators of other networks from knowing the specific structure of the IMS network.
A problem that arises with the type of network described above is that messages arriving at the I-CSCF from outside the IMS network are not necessarily from a reliable source. Since the I-CSCF works in conjunction with the HSS it is a simple matter to determine whether an incoming message is from a user identified as having details held in the HSS or who is a subscriber to another network with which the IMS network has roaming agreements. If the message is not from such a user then access to the network can be restricted, for example by not providing any services which need to be paid for by the user unless payment is taken up front. However, a specific problem arises with messages that apparently do originate from a network subscriber listed in the HSS.
When a user attempts to access the network from outside the network, a message is sent to the network which includes an identification of the requesting user. This identification is checked by the I-CSCF in conjunction with the HSS as explained above. Many user identifications are publicly-known, so that an unauthorized user can adopt a publicly-known identification when making an access request to the network. If this publicly-known identification belongs to a subscriber of the network, even though it is determined that a user of that identity is a subscriber to the network, the access is in fact not being requested by that subscriber. Consequently the unauthorized user gains access to the network and furthermore gains access to the account of the subscriber whose identification is being adopted. Such an unauthorized user could thus use the subscriber's account and run up a significant bill without the subscriber being aware of this, perhaps until the subscriber's next monthly bill is received.
In a similar manner an unauthorized user could use an identity of a subscriber to another network who would be permitted to use the network in view of a roaming agreement between the two networks.
It would be desirable to provide a telecommunications network in which the likelihood of unauthorized access using publicly-known subscriber identifications is minimized.