ATIS PTSC
October, 2016
Arlington, VA
Contribution
TITLE:NS/EP NGN-GETS Use Casesfor SHAKEN
SOURCE*:Applied Communication Sciences
ISSUE NUMBER:
______
Abstract
This contribution proposes NS/EP NGN-GETS Use Cases for SHAKEN.
______
1Introduction
This contribution discusses NS/EP NGN Priority Service (NGN-PS) use cases for SHAKEN.
2Discussion
Use of SHAKEN will need to take into consideration support of National Security / Emergency Preparedness Next Generation Priority Services (NS/EP NGN-PS) call scenarios. The following are example NS/EP NGN-PS Access Number (AN), Number Translation (NT) and Feature Code (FC) calls taken into consideration applicability of SHAKEN for both basic call scenarios and call scenarios with anonymity:
Example Basic NS/EP NGN-GETS Call Scenarios# / Call Scenario / Description / Unique Consideration for NS/EP NGN-GETS
1 / GETS-AN Origination in NS/EP Service Provider network / GETS-AN call originates in NS/EP Service Provider network (e.g., residential or enterprise access):
- Originating Service Provider signing attestation of the Caller-ID and NS/EP NGN-GETSService Provider is the same
- NS/EP Service Provider performs GETS PIN validation and authorization
- Terminating network validates received token attesting Caller-ID
Attestation of Caller-ID and NGN-GETS PIN validation and authorization are independent processes.
2 / GETS-AN Origination in LEC where Caller-ID is not signed by LEC before routing to the NS/EP NGN-PS Service Provider (IXC) / GETS-AN call originating in a LEC network (e.g., residential or enterprise access) is routed to NS/EP NGN-PS Service Provider:
- LEC does not include any token attesting Caller-ID (e.g., LEC is unable to sign Caller-ID)
- Receiving NS/EP NGN-PS Service Provider (IXC) performs GETS PIN validation and authorization
- NS/EP NGN-PS Service Provider (IXC) signs partial attestation of the Caller-ID
- Terminating service provider verifies received token attesting Caller-ID
Since the NGN-GETS Service Provider does not have verified association with the telephone number being used for the call it may not be able to sign full attestation of the Caller-ID. However, the NGN-GETS Service Provider could sign a partial attestation of the based on the NGN-GETS relationship with the customer (i.e., GETS PIN validation and authorization). This will allow the terminating service provider to display partial verification to the called party and increases probability of the NGN-GETS call being answered.
3 / GETS-AN Origination where LEC signs Caller-ID attestation and routes call to NS/EP NGN-PS Service Provider (IXC) / GETS-AN call originates in LEC network:
- LEC service provider signs full attestation of the Caller-ID and routes call to NS/EP NGN-PS Service Provider (IXC)
- Receiving NS/EP NGN-PS Service Provider (IXC) performs GETS PIN validation and authorization and routes call
- Terminating service provider verifies received token attesting Caller-ID
If NS/EP NGN-PS Service Provider (IXC) is acting as a B2BUAthen the original token may need to bereplaced with a token attesting the Caller-ID
4 / FC Origination in NS/EP NGN-PS Service Provider Network / FC call originates in NS/EP NGN-PS Service Provider Network:
- NS/EP Service Provider (Home Network) performs WPS authentication/authorization and signs full attestation of the Caller-ID
- Terminating network verifies received token attesting Caller-ID
Attestation of Caller-ID is independent process from WPS authentication/authorization.
5 / FC+GETS-AN Origination / FC+GETS-AN call originates in NS/EP NGN-PS Service Provider network (or visited network):
- NS/EP NGN-PS Service Provider (Home Network) performs WPS authentication/authorization and signs full attestation of the Caller-ID
- NS/EP NGN-PS Service Provider performs GETS PIN validation and authorization and routes call
- Terminating network verifies received token attesting Caller-ID
In this scenario it is assumed that the WPS and GETS Service Providers are different (or different network segments). If NS/EP NGN-PS Service Provider (IXC) is acting as a B2BUAthen the original token may need to bereplaced with a token attesting the Caller-ID
Example NS/EP NGN-GETS Calls with Anonymity
# / Example Scenario / Description
6 / GETS-NT or GETS-PDN with Anonymity Origination in NS/EP Service Provider network / GETS-NT or GETS-PDN call originates in NS/EP Service Provider network (e.g., residential or enterprise access):
- NS/EP NGN-PS Service Provider performs GETS PIN validation and authorization
- Caller-ID is altered by NS/EP Service Provider for anonymity
- NS/EP Provider signs full attestation of the altered Caller-ID
- Terminating network verifies received token attesting Caller-ID
6 / GETS-NT or GETS-PDN with Anonymity Origination in LEC network / GETS-NT or GETS-PDN call originates in a LEC network:
- LEC signs full attestation of the Caller-ID
- Receiving NS/EP Service Provider (IXC) performs GETS PIN validation and authorization
- Caller-ID is altered by NS/EP Service Provider for anonymity
- NS/EP Service Provider signs full attestation of the altered Caller-ID
- Terminating network verifies received token attesting Caller-ID
7 / FC+GETS-NT or GETS-PDN with Anonymity Origination / FC+GETS-NT or GETS-PDN call originates in NS/EP NGN-PS Service Provider network (or visited network) where WPS and GETS Providers are different:
- WPS Provider performs WPS authentication/authorization and signs full attestation of the Caller-ID
- Receiving NS/EP NGN-PS Service Provider (IXC) performs GETS PIN validation and authorization
- Caller-ID is altered by NS/EP NGN-PS Service Provider for anonymity
- NS/EP Service Provider signs full attestation of the altered Caller-ID
- Terminating network verifies received token attesting Caller-ID
3Proposal
It is proposed that the example use cases beincluded in the Draft Verified Caller ID Use Case TR and used to determine if any enhancements are needed for the SHAKEN framework.
______