Diameter Authorization Process
SBR Carrier performs Diameter authorization based on subscriber data provided by HSS. SBR Carrier can enforce fine-grained authorization policy by using local profiles. SBR Carrier uses local profiles in combination with the subscriber profile stored in the HSS to provide additional security for authorization. During the authorization process, SBR Carrier uses user-defined profile selection rule sets to select the local profile used to authorize the request.
SBR Carrier determines what service scenario is being requested based on the contents and the origin of the request (non-3GPP network access device). The service scenario is relevant to authorization (the user’s subscriptions).
SBR Carrier downloads the primary non-3GPP network profile data used for policy decisions from the HSS during authentication. SBR Carrier downloads whatever information is available from the HSS, and tolerates any (or all) missing values because it is assumed that the Web GUI configures the local profile to compliment the HSS profile. The protocols at the SWx reference point ensure that the downloaded profile remains synchronized with HSS while the SBR Carrier server is registered with the HSS. In particular, HSS invokes the policy update procedure if the policy is changed on the HSS while the SBR Carrier server is the registered AAA server.