PROTECTIONAGAINST UNSOLICITED COMMUNICATION FOR INTERNET PROTOCOL MULTIMEDIA SUBSYSTEM

TECHNICAL FIELD The present invention relates to the protection against unsolicited communications for Internet protocol multimedia subsystems.

The present application claims priority based on Japanese Patent Application

No. 2008-260090, the content of which is incorporated herein by reference.

BACKGROUND ART

Internet protocol multimedia subsystems (IMS) integrate networks such as public switched telephone networks (PSTN) and mobile communication networks so as to provide users (or subscribers) with various communication services, wherein the IMS serving as a pivotal role in the next generation network (NGN) is standardized by the third generation partnership project (3 GPP).

Electronic mailing services have suffered from social problems such as Spam and unsolicited (or junk) mails, which are unwanted mails unilaterally sent to recipients by senders. Unsolicited communications occur due to various factors derived from the popularization of the Internet, such as significant decreases of communication costs and advanced capabilities of network access terminals (such as personal computers purchasable by common users) transmitting numerous electronic mails to unspecified persons or sites.

The above problem (already occurring in electronic mailing services) seems to occur in the IMS due to its popularization. The 3GPP specification has initiated the protection against unsolicited communication for IMS (simply referred to as "PUCI") to protect users from Spam over the IP telephony (SPIT).

DISCLOSURE OF INVENTION

For the establishment of sessions binding operators, all operators do not necessarily have networks each enhanced in terms of the PUCI functionality for testing whether or not incoming calls are unsolicited calls. When the PUCI functionality is available only in the terminating network, other intermediate networks need to route incoming calls to the terminating network. This potentially results in a high workload of networking, since unsolicited calls or malicious calls are not detected but directly rejected by the originating network. Currently, it is impossible to detect unsolicited calls without implementing the overall PUCI functionality. The inventors seek to provide solutions as to how to benefit networks with the basic PUCI functionality by way of small changes of networking, thus demonstrating a high performance of the PUCI system.

The present invention seeks to solve the above problem by way of the following key features and effects.

(1) The PUCI system enables peering networks to carry out the PUCI functionality by integrating the basic or "PUCI-light" functionality in IMS nodes without implementing full PUCI feature sets based on global operator policy (OP) databases or local databases, wherein suspicious session information is still maintained.

(2) The PUCI-light functionality (assigned to regular IMS nodes) queries the PUCI-light information database upon processing of a new session, wherein when the database query indicates a suspicious session, the PUCI-light functionality immediately blocks the session or simply marks the suspicious session for further PUCI processing in subsequent nodes.

(3) The PUCI-light functionality is supported by the mechanism to send back the relevant PUCI information (or feedbacks) regarding PUCI applications/tests to previous IMS nodes (including the originating network) involved in the establishment of sessions.

(4) The PUCI-light functionality (assigned to standard IMS nodes) interprets feedbacks derived from PUCI applications/tests (which are performed subsequently) and stores the relevant PUCI information in either global operator policy (OP) databases or local databases (e.g. edge nodes of the core network). The relevant PUCI information stored in global/local databases enable PUCI-negating IMS nodes to reject unsolicited calls (or calls previously rejected by PUCI application servers) in a later stage.

(5) The PUCI-light functionality constitutes a part of the core IMS functionality (including a proxy call session control function (P-CSCF), an interrogating call session control function (I-CSCF), a serving call session control function (S-CSCF) and an interconnect border control function (IBCF), or a session initiation protocol based (SIP -based) system, e.g. SIP proxy/server, SBC, etc.), thus providing the PUCI-light functionality at the edge of each network.

(6) It is possible to improve the overall performance because the PUCI-light functionality at the edge of each network relies on only the database query.

(7) The PUCI-light functionality takes the information configuration (e.g. the trust level of source/domain PLMN by O&M) into account.

(8) The PUCI-light functionality considers only the feedbacks or relevant PUCI information derived from trusted networks.

BRIEF DESCRIPTION OF THE DRAWINGS

Fig. l is a block diagram showing the constitution of a PUCI system for transferring calls between originating user equipment and destined user equipment via different networks in accordance with a preferred embodiment of the present invention, which is used to explain steps Sl and S2 in processing calls.

Fig. 2 is a block diagram of the PUCI system used for explaining steps S3 and S4 in processing calls.

Fig. 3 is a block diagram of the PUCI system used for explaining steps S 5 and S6 in processing calls.

Fig. 4 is a block diagram of the PUCI system used for explaining step S7 in processing calls.

BEST MODE FOR CARRYING OUT THE INVENTION The overall PUCI functionality is reduced to a limited functionality which is directly implemented as a part of the IMS. The present invention seeks a method as to how to exchange the PUCI information related to specific calls among the interconnected networks, thus directly blocking further unsolicited communications.

The present invention is designed to implement one of global operator policy (OP) databases in the first contact point of the user equipment (UE) to the IMS, and the proxy call session control function (P-CSCF) or the interconnect border control function (IBCF) and/or the interrogating call session control function (I-CSCF) in the case of the IMS peering. The PUCI-light functionality is implemented not only as a part of the core IMS functionality (i.e. an integral part of the P-CSCF, I-CSCF, S-CSCF, and IBCF) but also as any other SIP -based systems (e.g. SIP proxy/server, SBC), thus achieving the PUCI-light functionality at the edge of the network.

The above nodes are enhanced to fulfill additional tasks, such as a database lookup related to an incoming call setup request (SIP INVITE). The database is queried directly by either a first-hop IMS node (e.g. P-CSCF, or IBCF/I-CSCF) or a PUCI application server.

A further optimization is to store the PUCI-light related information directly in the first-hop IMS node, thus optimizing the system, operation. Additionally, a new indication is made by way of pre-checking based on OP databases, wherein the pre-check information is delivered to the counterpart nodes. It is beneficial to perform first checking in the first contact point of the network, thus making it possible to rapidly reject unsolicited calls before causing high overheads in the network. This is also beneficial for the operator to improve the overall network performance. It is necessary to store the PUCI information in databases of edge nodes (e.g. P-CSCF, IBCF/I-CSCF) of the network providing the best performance, whereas the S-CSCF and any other nodes are also capable of storing the PUCI information. The OP database includes blacklist/whitelist databases and trusted/distrusted network databases in edge nodes, which are updated by use of the PUCI information which is an indication in a SIP header describing a type of mismatch currently occurring.

The session-related PUCI information includes the following parameters.

(a) Source and/or destination SIP URI dependent upon the reason for blocking the session, wherein a tuple source/destination SIP URI is essential in a personal blacklist, while only the source SIP URI is essential in a global blacklist.

(b) Source/destination IP addresses dependent upon the reason for blocking the session, wherein a tuple source/destination SIP URI is essential in the personal blacklist, while only the source SIP URI is essential in the global blacklist.

(c) Source PLMN/Operator network (where PLNM stands for "Public Land Mobile Network").

(d) SDP information (where SDP stands for "Service Delivery Platform").

(e) An original-session establishment/rejection time.

(f) A subsequent-session establishment/rejection time.

(g) Standardized PUCI testing result/code.

The following ideas are realized with respect to the PUCI information.

(1) Just a flag in a SIP BYE/ERROR message of an original session setup (INVITE) message, which is interpreted by previous IMS nodes. These nodes acquire the relevant PUCI information (e.g. source, destination, IP address, time, etc.) from SIP headers.

(2) A standardized code which informs each PUCI-light node of the reason for PUCI rejection (where "01" denotes the personal blacklist, "02" denotes the global blacklist, "03" denotes the personal/global blacklists, and "04" denotes other parameters) in the SIP BYE/ERROR message of the original session setup (INVITE) message, which is interpreted by previous IMS nodes. These nodes acquire the relevant PUCI information from SIP headers, wherein the relevant PUCI information is provided in the form of a new SIP header (referred to as a P-PUCI-Infor header) later.

(3) "Out-of-band" signaling of the PUCI information between PUCI applications/tests and PUCI-light databases is provided across or within the operator network.

(4) The PUCI-light functionality stores the relevant PUCI information in either the OP database or the local database (i.e. directly in the edge node of the core network), alternatively in global/local databases. This enables PUCI-negating IMS nodes to reject related unsolicited calls (or calls previously rejected by a real PUCI application server) in the later stage.

(5) The PUCI information is stored in one global database per each operator.

(6) The PUCI information is stored in each local network maintained by each network node. Local networks are synchronized with each other.

(7) The PUCI information is stored in plural databases maintained by different operators which are interconnected together so as to receive updates when unsolicited calls are identified.

(8) The PUCI information is stored in one centralized database which is shared by different operators or which is hosted by an operator organization like GSMA.

The present invention will be described in further detail with reference to Figs. 1 to 4 by way of the processing of incoming calls over various networks. That is, the present invention refers to a scenario in which originating user equipment is roaming in a visited IMS network (i.e. "Visited IMS ₁ ") 100 so as to place a call toward a subscriber in a home IMS network (i.e. "Home IMS ₃ ") 300. The Visited IMS 1 does not have the PUCI functionality, but a home IMS network (i.e. "Home IMS ₂ ") 200 is enhanced with the PUCI-light functionality and is thus able to receive the PUCI information related to outgoing calls toward other operators and to store the PUCI information in its database. Thus, it is possible to interconnect the databases of different peering networks (each storing the PUCI information). Alternatively, peering networks share the same database hosted by the operator organization like GSMA. Networks equipped with the limited PUCI functionality may utilize the PUCI information regarding suspicious subscribers when they are roaming or placing calls to be terminated by themselves. The Home IMS ₃ supports the full PUCI functionality which marks suspicious calls with the PUCI information based on test results, which may be reused later by other operators to update their databases.

Figs. 1 to 4 are block diagrams used for explaining the principle how to detect unsolicited calls in the Home IMS ₂ 200 with the minimal PUCI functionality, wherein both operators use their own databases which are not synchronized with each other. Herein, an originating user terminal (UE A) 10 places a call toward a destined user terminal 20 (UE B) 20 in the Home IMS ₃ 300 via the Visited IMS ₁ 100 and the Home IMS ₂ 200. The Visited IMS ₁ negating the PUCI functionality includes a P-CSCF ₁ 110 and an IBCF/I-CSCF _t 120; the Home IMS ₂ supporting the PUCI-light functionality includes an IBCF/I-CSCF ₂ 210, a S-CSCF ₂ 220, and an IBCF/I-CSCF ₂ 230 in conjunction with a database (DB) 240; and the Home IMS ₃ 300 supporting the full PUCI functionality includes an IBCFZI-CSCF ₃ 310, a S-CSCF ₃ 320, an application server (AS ₃ ) 330 in conjunction with a database (DB) 340 as well as a P-CSCF ₃ 350 connected to the user equipment (UE B) 20. (Step Sl)

In Fig. 1, the user equipment 10 sends a SIP INVITE toward the user equipment 20. The Visited IMS ₁ negating PUCI testing directly forwards an incoming call to the home IMS of the user equipment 10. Since the Home IMS ₂ 200 does not have any entry regarding the user equipment 10 in the database 240, it routes the incoming call to the terminating network. (Step S2)

The incoming call arrives at the edge node of the Home IMS ₃ 300 including the user equipment 20. Herein, the IBCF/I-CSCF ₃ 310 directly interacts with the PUCI application server (AS ₃ ) 330 so as to perform the PUCI processing, in which the incoming call is identified as an unsolicited call, for example. (Step S3) In Fig. 2, the IBCFZI-CSCF ₃ 310 rejects the incoming call so as to constitute the PUCI information (regarding the PUCI testing) in a REJECT message by use of a P-PUCI-Info header describing the PUCI testing and result. In addition, the database 340 of the Home IMS ₃ is updated in accordance with the PUCI testing and result. (Step S4)

When the REJECT message arrives at the edge node of the Home IMS ₃ such as the IBCF/I-CSCF ₃ 310 and as the S-CSCF ₃ 320, the PUCI information is stored in the database 340 in correlation with an origination/termination URI (or org/term URI). Now, the user equipment 10 is recognized as a source originating an unsolicited communication toward the user equipment 20 in the Home IMS ₂ 200. (Step S5)

In Fig. 3, the user equipment 10 resends an incoming call setup request toward the user equipment 20, which is routed to the Home IMS ₂ 200. (Step S6)

In the Home IMS ₂ 200, either the IBCF/I-CSCF ₂ 210/230 (ideally, serving as a first contact point) or the S-CSCF ₂ 220 identifies the incoming call as the unsolicited call based on the previously received PUCI information. (Step S7)

In Fig. 4, either the IBCF/I-CSCF ₂ 210/230 or the S-CSCF ₂ 220 rejects the incoming call as the user equipment 10 is marked as an unsolicited caller for the user equipment 20. Ideally, the IBCF/I-CSCF ₂ 210/230 serves as a first entry point which rejects the incoming call without invoking the terminating IMS, i.e. the Home IMS ₃ 300.

Lastly, the present invention is not necessarily limited to present embodiment, which can be further modified within the scope of the invention as defined by the appended claims.