TR 29.800
Signalling System No. 7 (SS7) Security Gateway;
Architecture, functional description and protocol details

V7.0.0 (Wzip) 2006/03 42 p.

full Table of Contents for TR 29.800 Word version: 7.0.0

Introduction p. 4

Scope p. 5

References p. 5

Definitions, symbols and abbreviations p. 5

Network Architecture p. 6

4.1

Scenarios p. 7

4.1.1	Outbound traffic (not yet protected) from own to foreign NE p. 7
4.1.2	Inbound traffic from foreign to own NE p. 7
4.1.3	Inbound transit traffic p. 8
4.1.4	Outbound transit traffic (not relayed) p. 9
4.1.5	Outbound traffic from own to own NE p. 9
4.1.6	Inbound traffic from own to own NE p. 10
4.1.7	Outbound traffic from foreign to own NE p. 11
4.1.8	Inbound traffic from own to foreign NE p. 11
4.1.9	Outbound traffic (already protected) from own to foreign NE p. 12
4.1.10	Outbound transit traffic (relayed by SRF) p. 13

Detailed Behaviour of the SS7 Security Gateway p. 13

5.1

TCAP user traffic p. 13

5.1.1

General p. 13

5.1.2

Interactions with Mobile Number Portability p. 28

5.1.3

Interactions with SCCP segmentation p. 28

5.1.4

Protocol Details p. 29

5.1.4.1	Transformation of unprotected message to protected message p. 29
5.1.4.2	Transformation of protected message to unprotected message p. 33
5.1.4.3	Handling of received XUDTS messages and UDTS messages p. 36

5.2

Security Policy Database p. 38

5.3

Security Association Database p. 39

Migration Strategy p. 40

A.1	Transition phase from unprotected to protected message transfer p. 40
A.2	Transition phase from protected to unprotected message transfer p. 40
A.3	Transition phase from one protection mode to another protection mode p. 41

Change history p. 42