The standard example solution presents the default components of a Kiuru MSSP system. Kiuru RADIUS server can be used to enable access to the company VPN using mobile signatures. Application providers connect to the Acquiring Entity using ETSI 102 204 protocol. Other operators in the same mesh connect to the Routing Entity using ETSI 102 207 protocol.
Separate Registration Entity
This solution separates the Registration Entity into its own MSSP server instead of bundling the role with that of the HomeMSSP. This gives better security possibilities as the HomeMSSP has only read access to the MobileUser database. The Registration Authorities have their own access and authorization channel for user data modifications.
This solution divides all MSSPs and other components into separate security zones which are firewalled from each other. All third parties access the system through proxy servers and have no direct connections to the MSSPs. Databases are secured in their own zone to match the company’s data management policies.