Why you might use a Centralized SHAKEN Server, and how
ATIS published a technical report that describes a Centralized Signing and Signature Validation Services architecture than can be used in a STIR/SHAKEN deployment. Let’s look at why you might use that, and how.
The ATIS report addresses a potential issue: what if a carrier has many call session controllers (switches, SBCs) in their network? Do you have to set up separate authentication, signing, verification and signature validation servers for each call session controller? Or could you set up just one centralized set of shared servers?
The ATIS report assumes that a carrier with many network devices performing authentication and verification would want to centralize the service. The report describes in detail how communication should take place between the authentication server and a centralized signing server and also between the verification server and a centralized signature validation server.
This illustration shows the path a call would take when authenticated and signed by the originating carrier and verified by the terminating carrier.
The Authentication Service and Verification Service are lightweight applications that send requests to the centralized Signing Service and Signature Validation Service via HTTP. The Signing Service and Signature Validation Service could be combined into a single centralized server.
TransNexus STIR/SHAKEN architecture
We have developed STIR/SHAKEN functionality in our ClearIP and NexOSS software products. The authentication and verification services receive signing and verification requests as SIP messages (per ATIS-1000074).
In addition, NexOSS can be configured as a centralized SHAKEN server using HTTP per ATIS-1000082 on a call-by-call basis.
The NexOSS Centralized SHAKEN Server can be integrated with a softswitch or policy engine at the center of a network or with Session Border Controllers (SBCs) at the network edge.
This architecture provides plug-and-play interoperability with any network equipment:
- Ribbon PSX
- Metaswitch Perimeta
- Oracle Acme Packet
- And any other system that supports ATIS-1000082.
In addition, we help service providers with all aspects of STIR/SHAKEN deployment, including registering with the Policy Administrator and filing their Robocall Mitigation certification with the FCC.
Contact us today to learn more.
This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.
Our STIR/SHAKEN products:
- Most affordable commercial solutions
- Work with your existing network
- Include support with deployment