The present invention is directed generally to facilitating communications in packet-switched networks, and is directed more specifically to identity management in the IMS (3GPP IP (Internet protocol) multimedia subsystem) context in a manner that enables anonymous access by users to 3rd party application servers.
There are many types of communications networks, and they are used for a variety of purposes. Voice networks have been in place for some time in the form of the familiar PSTN (public switched telephone network) and, more recently, PLMNs (public land mobile networks) for mobile users. Each of these is, generally speaking, a circuit-switched network where a dedicated circuit is set up between a calling party and a called party for the duration of the call. In a packet-switched network, by contrast, information to be communicated is divided into small packets that are individually addressed and sent through a series of interconnected components such as routers and servers until they reach their destination where they are reassembled. These types of networks were developed chiefly for interconnecting computers or computer networks. Packet-switched networks may be relatively small, such as a LAN (local area network) or vast, as is the case with the well-known Internet. The Internet is actually a collection of computer networks that are linked together so that they can communicate with each other. Naturally, for this to be possible each of these networks must use a common set of rules for assembling and transmitting information packets. A basic set of rules enabling Internet communications is referred to as the IP (Internet protocol).
Components of communication networks are themselves also configured and operated according to standard protocols that have been (and continue to be) developed and promulgated by standard-setting bodies. One such group is the 3GPP (3rd Generation Partnership Project). 3GPP has, for example, promulgated standards for a new network architecture known as IMS (IP Multimedia Subsystem). IMS is an architectural framework for delivering multimedia content for mobile users. Multimedia, as its name implies, includes traditional voice and data communication as well as streaming audio and video or a combination of all of these. The IMS architectural framework is directed to session and connection control services as well as application services. It is an effort to collectively define all IP-based wireless services such as voice and data as well as signaling and control. A brief overview of an IMS network follows.
FIG. 1 is a simplified block diagram illustrating a network 100 including selected components related to operation of an IMS, in which embodiments of the present invention may be advantageously implemented. Network 100 includes an AS (application server) 105 connected to application 110 and HSS (home subscriber server) 115. Application servers provide services related to IMS communications and interface with the applications 110 themselves. Note that although this depiction of the IMS architecture shows a single AS and application, in reality of course there are many such devices in the communication network. The HSS 115, typically associated with a mobile user's home network (or domain), maintains information useful to the IMS such as subscriber profiles and current location. These components are considered to be part of the application and services layer of the IMS architecture.
The application and services layer interfaces with an IMS layer using SIP (session initiation protocol) control signaling. Specifically, the AS 105 and the HSS 115 communicate with the CSCF (call session control function) 120 to perform such functions as setting up and terminating communication sessions. CSCF 120 is part of the IMS layer, and is actually representative of the P-CSCF (proxy-CSCF) 122, the I-CSCF (interrogating-CSCF) 124, and the S-CSCF (serving-CSCF) 126. Generally speaking, the S-CSCF 122 interfaces directly with the AS 105, while the P-CSCF 126, which may be in a user's home network or in a visited network, is the proxy server that initially directs user calls toward their target destination. Also shown in the IMS layer of FIG. 1 is a GW (gateway) 140, which allows the IMS to communicate with outside networks such as 3rd party network 150. As used herein, “3rd party network” is a general term for describing networks and entities outside of a particular user's home domain; these “outside” entities may or may not be “trusted”, that is, have an established and verifiable relationship with the home network.
The access layer of an IMS network enables mobile users to access the services offered via the IMS. In FIG. 1 the access layer is represented by access networks 130, which include for example cellular networks and WLANs (wireless LANs). Access networks 130 typically interface with the CSCF 120 via a packet-switching IP network (not shown). UE (user equipment) 135 represents the mobile device carried by a network subscriber.
When a user seeks the services offered by an AS, the UE 135 establishes contact with an access network 130, and a communication session is established. When the AS is in the user's home domain, as with AS 105, access will be permitted (or denied) based on the home network's security procedures. At times, however, a user will wish to establish a call to an AS outside of the home domain, for example through GW 140 to 3rd party network 150. If accomplished in the same manner as home-domain access, some concerns arise. The outside AS in 3rd party network 150 may not be known to the home domain or “trusted”, and providing it with the identity of the user of UE 135 during the communication session may enable it to later contact the user for purposes that may be undesirable or even malicious. The outside AS may, for example, send unwanted advertising or surveillance programs to the UE 135, or attempt to ‘steal’ the user from the home network. According to existing IMS procedures, however, the user identity is provided to the AS so that, among other reasons, the outside AS may address return messages to the user.