Diameter End-to-End Security (DESS)

11 Diameter End-to-End Security (DESS)

The Diameter protocol plays a crucial role in modern telecommunications networks for Authentication, Authorization, and Accounting (AAA) functions. To enhance the security of Diameter messages, oracle introduces the Diameter End-to-End Security (DESS) feature, allowing the signing and verification of messages exchanged between network nodes. DESS uses digital signatures to validate Diameter messages, mitigating the risk of unauthorized message alterations.

Figure 11-1 Dess Phase 1

DESS Phase 1 model with Secure Perimeter (basic case from E2E signature)

Figure 11-2 Case2

DESS Phase 1 model with Secure Perimeter (option if IPX needs to modify some Diameter fields)