Basic Third-Party Call Control
The concept for basic third-party call control is shown in Figure 11.5, where a
controller will set up a call between two parties, A and B, without participat-
ing in the conversation in any way.
The operation is as follows:
- The controller sets up a call with the first party (party A) by sending an
INVITEmessage (Message 1 in Figure 11.5). This INVITEhas an SDP
message body with no media lines. Party A responds with a 200 OK
also containing SDP with no media lines. The controller then sends an
ACKto complete the exchange. This sets up a SIP session or dialog but
does not establish a media session. - The controller will now set up a call with the second party (party B) by
sending a second INVITE(Message 4 in Figure 11.5) without any SDP
present. This time, the controller stores the SDP data received from
party B in the 200 OKmessage (Message 5). The controller holds off
sending the ACKto party B until this media information is communi-
cated to party A in the next step. - Next, the controller re-INVITEs party A using the SDP connection and
media data supplied by party B in the previous 200 OKmessage (Mes-
sage 5 in Figure 11.5). Party A responds with SDP media information in
the 200 OK(Message 7). This SDP information is then passed back to
party B in an ACK(Message 8). An ACKwithout SDP to A completes the
session setup. Parties A and B can now exchange Real-Time Protocol
(RTP) media, since they both have the required SDP connection and
media data from each other. - From a signaling perspective, parties A and B are still communicating
with the controller and not with each other. To terminate the call, any
party can send a BYEmessage to terminate the connection to the con-
troller (as shown in Message 11 in Figure 11.5). The controller will fol-
low up by sending a BYEto the other party (Message 12). Both BYE
messages are followed by 200 OKmessages (Messages 13 and 14), and
the call is terminated.
Security for Third-Party Call Control
Third-party call control is simple to implement in well-secured IP networks
where no security risks are assumed within the trusted environment. In a
larger context, however, additional steps must be taken to authenticate the
SIP Telephony 203