1. July 31, 2006 Page 1 3GPP2 MMD Status Jack Nasielski jackn@qualcomm.com

2. July 31, 2006 Page 2 Outline IP Multi-media Subsystem (IMS)/ Multi-Media Domain (MMD) –Background and Overview –IMS Network Architecture –3GPP/PP2 differences –Status of MMD work, current and future Bonus material –SIP Overview »SIP Functions »SIP Messages –References NB : MMD is IMS + Packet Data Subsystem

3. July 31, 2006 Page 3 IMS/MMD Background Goals –Operator cost saving (CAPEX & OPEX) –Flexible, fast service creation –Independence of access technology –Re-use IETF protocols (SIP/SDP/RTP/Diameter/etc.) 3GPP IP Multimedia Subsystem (IMS) –First All-IP Workshop in February 2000 –IMS developed in 3GPP Release 5 and 6 –Now working on Release 7 3GPP2 Multi-Media Domain (MMD) –Formed All-IP ad hoc group in 1999 –Published MMD Rev 0 in December 2003 –Published MMD Rev A in November 2005 –Now wrapping up MMD Rev B, starting Rev C PP/PP2 agreed to “harmonize” at OHG workshop in April 2002

4. July 31, 2006 Page 4 IMS is standardized in 3GPP, 3GPP2, ETSI TISPAN, CableLabs, and ITU-T (NGN) IMS defines a framework for delivering multimedia services over IP (Internet Protocol) Framework provides following Architecture (Defines Functional Entities and Interfaces) Security (Authentication, Authorization, Integrity Protection) Accounting (Offline, Online) Application Server Architecture IMS claims to be Access Network Agnostic Single IMS core can support devices on different access networks e.g. cdma2000, WLAN, WCDMA, cable-modem etc. Introduction to IMS (1)

5. July 31, 2006 Page 5 Introduction to IMS (2) Uses protocols defined by IETF –e.g., Session Initiation Protocol (SIP), Session Description Protocol (SDP), Diameter IMS defines a number of services –Services are delivered over IP –End to end IP between AT (or UE) and network Enables interaction of dissimilar user devices. Facilitates convergence of multimedia services, such as gaming, messaging, and voice.

6. July 31, 2006 Page 6 MMD (Multimedia Domain) Standardized in 3GPP2 Consists of following: –IMS (IP Multimedia Subsystem) –Packet Data Subsystem 3GPP2 IMS –3GPP IMS with added flexibility –Supports alternate authentication schemes –Access network specific changes –Single radio voice call continuity

7. July 31, 2006 Page 7 The IMS Network: Access Agnostic Residential Cable or DSL Network Residential Voice Network Enterprise IP Network 802.11/802.16 IP Network Circuit Switched Mobile Network Packet Switched Mobile Network IMS Application Servers P/S/I-CSCF Media Gateway HSS

8. July 31, 2006 Page 8 IMS Home Network Concept IP Network IMS Application Servers S-CSCF Media Gateway HSS Signaling traffic routed via user’s home network to provide the same experience when roaming. Bearer traffic routing may or may not go through the home network. Transcoding occurs only when necessary.

9. July 31, 2006 Page 9 Basic IMS Elements (1) P-CSCF HSS I-CSCFS-CSCF Visited or Home Network AS AS AS Backbone Packet Network Backbone Packet Network Access Serving CSCF Allocates resources Maintains session states Queries AAA/HSS Performs session processing and charging processing H-PCRF provides QoS and charging rules Interrogating CSCF Entry point to IMS, for incoming calls Assigns S-CSCF for users Masks network topology from external networks Proxy CSCF Initial entry point for user Access security Routes to I/S-CSCF Performs SIP compression V-PCRF controls local policy; interacts with H-PCRF Home Subscriber Server Centralized DB HLR successor User profile & filter criteria Application servers (e.g.) Push-to-talk Instant messaging Telephony AS Other 3 rd party AS Media Resource Function Controller Controls MRFP (and charging processing) MRFC Call Session Control Function SIP registration SIP session control Home Network MRFP Media Resource Function Processor Tone & Announcement Play back Conference Bridges V-PCRFH-PCRF

10. July 31, 2006 Page 10 Basic IMS Elements (2) Calling Party Visited Network Calling Party Home Network UE P-CSCF HSS S-CSCFBGCFMGCF MGW PSTN/ PLMN H.248 SIP ISUP AS DIAMETER Backbone Packet Network RAN RTP Stream PCM Breakout Gateway Control Function Selects network in which PSTN breakout occurs and the appropriate MGCF Media Gateway Control Function Translates between session based IP signaling and ISUP for session control. Media Gateway Provides an interface between the packet switched core network and the circuit switched PSTN for user traffic.

11. July 31, 2006 Page 11 IMS Services (1) Voice Over IP (VoIP) –Voice call continuity between IMS (VoIP) and Circuit Switched (CS) domains –Call delivery over IMS and CS using single DN –Inter-working with PSTN Video Telephony –Voice and Video services Presence Service –Allows exchange of presence information between users SMS delivery over IMS

12. July 31, 2006 Page 12 IMS Services (2) Push to Talk Over Cellular (PoC) –Walkie-talkie like service on cell phones Messaging –Pager-mode messaging, Session-based messaging Conferencing –Set up multi-media conferences –Conference management »Create conference, Add participants, Delete participants etc Group Management –E.g, buddy list management for Presence, PoC

13. July 31, 2006 Page 13 IMS User Identification Private User Identity –Assigned by the home network operator to identify an IM subscription (one per subscription) –Used for registration, authentication, administration, and accounting –Not used for routing SIP messages –In the form of Network Access Identifier as defined in RFC 2486 –Eg: alice@atlanta.com Public User Identity –A subscriber may have one or more public user identities. –Used to address the user for establishing communication –In the form of SIP URL or E.164 number –Eg: sip:alice@atlanta.com or tel:+18586514444 –(a public user ID may also be shared between private user IDs)

14. July 31, 2006 Page 14 Steps in IMS Registration

15. July 31, 2006 Page 15 Control Bearer Called Party Visited Network Called Party Home Network Calling Party Home Network Calling Party Visited Network UE P-CSCF HSS S-CSCF SIP Diameter UE P-CSCF AS HSS S-CSCF SIP AS SIP Diameter I-CSCF Diameter DNS Backbone Packet Network RAN Backbone Packet Network RAN Initiate SIP Invitation 1 1 Retrieve Subscriber Profile (if needed) 2 2 3 3 Apply Service Logic Retrieve Address of CLD Party Home Network and Forward INVITE. 4 4 Identify Registrar of CLD Party and Forward INVITE. 5 5 Retrieve Subscriber Profile (if needed) 6 6 7 7 Apply Service Logic Forward INVITE to CLD Party 8 8 SDP Negotiation / Resource Reservation Control 9 9 RTP Stream Ringing / Alerting 10 Answer / Connect 11 Mobile to Mobile Session Setup RTP Stream 12 Session Active

16. July 31, 2006 Page 16 IMS Security Visited Home HSS P -CSCF 1. REGISTER I -CSCF 1. REGISTER S -CSCF 1. REGISTER 4. Protection of all further SIP signalling using agreed session key between mobile and P-CSCF 2. Mutual authentication and session key agreement 3. Session key distribution from S to P-CSCF 1. REGISTER & Authentication vector distribution

17. July 31, 2006 Page 17 Policy Control Service-Based Bearer Control (SBBC) –Bearer QoS authorization and charging control at PDSN based on IMS service authorization –Tx interface connects the Policy and Charging Rules Function (PCRF) to an Application Function (e.g., P-CSCF) that is responsible for application level service decisions –Ty interface connects the PCRF to the AGW (e.g., PDSN) that is responsible for bearer resources policy enforcement. –Part of MMD Rev B. To be enhanced for Rev C (e.g., extend Ty to Packet Data Interworking Function (PDIF) for WLAN access)

18. July 31, 2006 Page 18 3GPP/3GPP2 IMS/MMD Differences

19. July 31, 2006 Page 19 IMS in 3GPP/PP2

20. July 31, 2006 Page 20 3GPP IMS Releases 3GPP IMS Release 5, 6 complete; Release 7 in progress IMS Release 5 – IMS Registration, routing and call flows, Security Architecture, Accounting (Offline and Online Charging), Application Server Architecture IMS Release 6 – Presence, Conferencing, Messaging, Flow based charging (Gx and Rx), Group management, Early IMS (security + IPv4 support), Interworking non-IMS, Service based local policy (Gq interface) IMS Release 7 –CSI - combination of CS and IMS services (parallel operation of a CS service and an IMS session between the same two users), FBI – IMS over fixed broadband, VCC – Voice Call Continuity, PCC – Policy and Charging Control, Emergency Services

21. July 31, 2006 Page 21 3GPP2 MMD Releases 3GPP2 MMD Rev 0, A complete, Rev B in progress MMD Rev 0 –Basic IMS as in Rel 5, SIP/SDP procedures, security, offline charging, service architecture MMD Rev A –Adds Presence, Conferencing MMD Rev B –Includes Optimized call flows, Service Based Bearer Control (QoS mappings), VoIP/1x call delivery and handoffs, online charging, messaging

22. July 31, 2006 Page 22 3GPP/PP2 differences 3GPP IMS and 3GPP2 MMD are very similar except for some differences noted in the next few slides The differences are essential for deploying IMS over CDMA-based 3GPP2 systems. –Access network specific changes The differences do not affect interoperability between 3GPP and 3GPP2 systems.

23. July 31, 2006 Page 23 IMS Technical Differences (1) Access Security –3GPP IMS mandates IPsec between UE and P-CSCF for integrity protection »3GPP2 allows for P-CSCF and UE to negotiate other security mechanisms using RFC 3329 (like ipsec-ike, tls, digest etc) –3GPP IMS mandates using AKA for authentication between S-CSCF and UE »3GPP2 allows for alternate authentication mechanisms like Digest

24. July 31, 2006 Page 24 IMS Technical Differences (2) Smart Cards –3GPP IMS terminals have smart cards (UICC) »USIM (UMTS SIM), ISIM (IMS SIM) applications –3GPP2 IMS does not require a UICC »IMS information can be stored in UE or R-UIM. –3GPP2 now supports UICC + ISIM for operators that choose that method.

25. July 31, 2006 Page 25 IMS Technical Differences (3) Temporary Public/Private Identifiers –3GPP creates temporary Public/Private IDs to support terminals without ISIM application. –MMD Rev 0 (first release of MMD) does not support temporary IDs –MMD Rev A supports temporary IDs »The method of generating these ID’s is different between 3GPP and 3GPP2 E.212 vs MIN based IMSIs. Anchored internet access point –In 3GPP, the GGSN is anchored for a given session. –In 3GPP2, the PDSN may change.

26. July 31, 2006 Page 26 IMS Technical Differences (4) HSS (Home Subscriber Server) vs AAA –In 3GPP2 IMS, AAA + databases represent an HSS. –Also in 3GPP2 IMS, HSS is used only for PS domain. –In 3GPP, HSS is used for both PS & CS domains. P-CSCF Discovery procedures –3GPP2 supports static configuration and DHCP for P-CSCF discovery –3GPP Rel-5 supports P-CSCF discovery through DHCP and PDP context activation. IMS Rel 5, 6, 7 roughly equivalent to MMD Rev 0, A, B respectively.

27. July 31, 2006 Page 27 Other Access Specific Info P-Access-network-Info –UE includes CDMA specific information in P-Access-network-info P-Access-network-charging-info –Included by P-CSCF –Contains access network specific information for charging HRPD-VoIP to 1X-CS interworking –Behavior specific to 3GPP2 systems –3GPP assumes dual-RF chain –3GPP2 allows architectures with both single-RF and dual-RF »(dual radio for WLAN/HRPD)

28. July 31, 2006 Page 28 Current Projects in 3GPP2 MMD X.P0013 MMD Rev B –Service Based Bearer Control (SBBC) –Optimized call flows »Optimize resource reservations to speed session setup »Show QoS procedures in PDSN and RAN Based on IS-856-A, IS-835-D AT can pre-configure QoS reservations for SIP and RTP flows –Online Charging –Messaging X.P0027 Presence X.P0029 Conferencing X.P0042 VoIP/1x interworking (voice call continuity) X.P0048 SMS over IMS X.P0049 MMD Emergency Calling

29. July 31, 2006 Page 29 New Projects in 3GPP2 MMD Security Enhancements Policy Enhancements Roaming MMD Rev C (under discussion) WLAN/HRPD VoIP/VoIP handoffs (current)

30. July 31, 2006 Page 30 3GPP2 Security Enhancements For both Multi-Media Domain and packet data network security. TSG-S will develop security requirements and the security architecture to support the following: –Methods to reuse authentication results to bootstrap keys for SIP and non-SIP applications. –Methods to detect security problems in the network –Methods to remediate problems, whether in network nodes or end- user devices –Ability to update security software on devices when required –Ability to distribute security policies throughout the system. IETF is developing some of the protocols needed for this.

31. July 31, 2006 Page 31 MMD Policy MMD Rev B defined Service Based Bearer Control (SBBC) which enables an operator apply policy to SIP services, and to provision flow based charging rules at the PDSN. SBBC provides the mapping between application layer signaling and resource management in the RAN via the Tx/Ty interfaces. SBBC is somewhat limited however, in that the PDSN is the only policy enforcement point. New work item expands the scope of MMD policy –to include overall coordination of network resource usage (for SIP and non-SIP applications) –to enable policy exchange with other operators for roaming subscribers.

32. July 31, 2006 Page 32 MMD Roaming Inter-operator roaming architecture and protocols to allow MMD operators to provide services to their customers roaming on other networks. Includes IMS and PDS aspects. The MMD system will provide home operator control of MMD services. It is expected that all bearer traffic is not required to be routed via the home system. This will allow for low latency of real time traffic in the visited system. This work item will result in a technical report or specification on MMD roaming.

33. July 31, 2006 Page 33 Bonus Material

34. July 31, 2006 Page 34 SIP Overview Internet Multimedia Protocols and Services –SIP Fundamentals –Multimedia Stack SIP Operations –SIP Trapezoid –SIP Session Establishment –Wireline vs. Wireless SIP Usage SIP Messages –SIP Methods –SIP Response Codes –SIP Message Headers and Bodies.

35. July 31, 2006 Page 35 SIP Fundamentals Application Layer Signaling Protocol Client-Server protocol Used to Establish, Modify & Terminate Multimedia sessions Part of Internet Multimedia architecture Can use TCP, UDP, SCTP, TLS etc Can run on IPv4 and IPv6 Based on HTTP –Similar text based structure –Uses URIs (Uniform Resource Identifiers) Eg: sip:alice@atlanta.com

36. July 31, 2006 Page 36 Multimedia stack

37. July 31, 2006 Page 37 Example Services Enabled by SIP Value-added telephony services Real-time multimedia communication Multimedia conferencing, gaming, and work sharing Personal mobility between different terminals and networks Presence and Instant Messaging 3 rd party call control Flexible service creation environment IP-based video streaming Computer-Telephony Integration (CTI)

38. July 31, 2006 Page 38 SIP Trapezoid Calling User Agent Called User Agent Outbound SIP Proxy Inbound SIP Proxy Location Service DNS Server Media Flow Signaling Flow

39. July 31, 2006 Page 39 Sample SIP Call Flow

40. July 31, 2006 Page 40 SIP Session Establishment User location –determination of the end system to be used for communication; User availability –determination of the willingness of the called party to engage in communications; Terminal capability negotiation –determination of the media and media parameters to be used; Session setup –"ringing", establishment of session parameters at both called and calling party; Session handling –including transfer and termination of sessions, modifying session parameters, and invoking services.

41. July 31, 2006 Page 41 Example INVITE message INVITE sip:user2_public@home2.net SIP/2.0 Via: SIP/2.0/UDP [5555::aaa:bbb:ccc:ddd]:1357;comp=sigcomp;branch=z9hG4bKnashds7 Max-Forwards: 70 Route:, P-Preferred-Identity: "John Doe" P-Access-Network-Info: 3GPP-UTRAN-TDD; utran-cell-id-3gpp=234151D0FCE11 Privacy: none From: ; tag=171828 To: Call-ID: cb03a0s09a2sdfglkj490333 Cseq: 127 INVITE Require: precondition, sec-agree Proxy-Require: sec-agree Supported: 100rel Security-Verify: ipsec-3gpp; q=0.1; alg=hmac-sha-1-96; spi=87654321; port1=7531 Contact: Content-Type: application/sdp Content-Length: (…) v=0 o=- 2987933615 2987933615 IN IP6 5555::aaa:bbb:ccc:ddd s=- c=IN IP6 5555::aaa:bbb:ccc:ddd t=907165275 0 m=video 3400 RTP/AVP 98 99 m=audio 3456 RTP/AVP 97 96 0 15

42. July 31, 2006 Page 42 Wireline vs. Wireless SIP Usage Wireline SIP assumptions –High processing power –Easily upgraded –Bandwidth plentiful Wireless terminal properties –Limited processing power –Limited bandwidth SIP characteristics –Large messages, with text encoding –Chatty message exchanges –Favoring generality and modularity over efficiency SIP adaptation for wireless terminals –SIP message compression –Service implementation on SIP servers –Use of SIP proxy servers instead of SIP redirect servers.

43. July 31, 2006 Page 43 SIP Methods INVITEUsed for Session Setup ACKAcknowledgement of final response to INVITE BYESession termination CANCELPending session cancellation REGISTERRegistration of user’s URL OPTIONSUsed to query options and capabilities INFOMid call signaling support PRACKProvisional response acknowledgement REFERTransfer user to a URL SUBSCRIBERequest notification of event NOTIFYTransport of subscribed event notification MESSAGETransport of instant message body UPDATETo update session states.

44. July 31, 2006 Page 44 SIP Response Codes 1xxInformational –Request received, continuing to process the request. 2xxSuccess –The action was successfully received, understood, and accepted. 3xxRedirection –Further action needs to be taken in order to complete the request. 4xxClient Error –The request contains bad syntax or cannot be fulfilled at this server. 5xxServer Error –The server failed to fulfill an apparently valid request. 6xxGlobal Failure –The request cannot be fulfilled at any server.

45. July 31, 2006 Page 45 SIP Message Headers and Bodies Requests and Responses consist of multiple headers and values Common headers present in all requests and responses –From logical call source –Tological call destination –Call-IDglobally (time, space) unique call identifier –CSeqrequest sequence number within a call leg –Viarecords route of SIP request, for routing the response Other headers present as needed (many) –Examples: »Contactindicates location of redirection »Record-Routeforces routing through a proxy for subsequent requests »Routeforces routing for a request through a specified path »Content-Typespecifies the Internet media type in message body »Content-Lengthindicates the number of octets in message body SDP (Session Description Protocol) –Describes multimedia sessions –Carried as message body in SIP messages

46. July 31, 2006 Page 46 SIP Functions in IMS User Agent –Application that sends and receives INVITE –Allocated to User Equipment (UE) Proxy –Intermediary program that makes requests on behalf of other clients –Allocated to CSCFs Registrar –Server that accepts REGISTER requests and updates location server –Allocated to S-CSCF Location Service –Maintaining SIP user’s contact information –Allocated to Home Subscriber Server (HSS) Authentication and Authorization –Mutual authentication between the user and the network –Allocated to UE, S-CSCF, and Home Subscriber Server (HSS)

47. July 31, 2006 Page 47 SIP Applications Setting up Voice-Over-IP calls Setting up multimedia conferences Event Notifications (Presence) Text and general Messaging Signaling Transport IPTV?

48. July 31, 2006 Page 48 3GPP2 MMD Stage 1 & 2 Documents Stage 1 and Overview Documents –S.R0037 IP Network Architecture Model for cdma2000 Spread Spectrum Systems –X.S0013-000 IP Multimedia Domain - Overview document Stage 2 Documents –X.S0013-002 IP Multimedia Subsystem (IMS) (based on TS 23.228) –X.S0013-003 IP Multimedia (IM) session handling; IM call model (based on TS 23.218) –X.S0013-007 Accounting Architecture (based on TS 32.240) –X.S0013-005 IP Multimedia (IM) Subsystem Cx Interface; Signaling flows and message contents (based on TS 29.228) –X.S0013-010 IP Multimedia Subsystem (IMS) Sh Interface signaling flows and message contents (based on TS 29.328) –X.P0013-012 MMD Service Based Bearer Control

49. July 31, 2006 Page 49 MMD Documents Stage 3 Documents –X.S0013-004 IP Multimedia Call Control Protocol based on SIP and SDP; (based on TS 24.229) –X.S0013-006 Cx Interface based on the Diameter protocol; Protocol details (based on TS 29.229) –X.S0013-008 Telecommunications management; Accounting management; Accounting data description for the IMS domain (based on TS 32.260,.298,.299) –X.S0013-011 Sh interface based on the Diameter protocol (based on TS 29.329) –X.P0013-013 MMD Service Based Bearer Control – Stage-3 for Tx Interface –X.P0013-014 MMD Service Based Bearer Control – Stage-3 for Ty Interface –X.P0013-015 IP Multimedia Subsystem; Online Charging System (based on same specs as part 008) –X.P0013-016 Messaging Service Security Documents –S.R0086-A Multimedia Domain Security Framework (based on TS 33.203) Access network Specific Documents –X.S0011-D Wireless IP Network Standard.

50. July 31, 2006 Page 50 Other MMD Documents X.P0027 Presence X.P0029 Conferencing X.R0039 Packet Switched Video Telephony X.P0042 VoIP/1x interworking (voice call continuity) X.P0048 SMS over IMS X.P0049 MMD Emergency Calling.