Both Gx and Gy are based on the Diameter protocol.
Gx updates send the new QoS parameters to the PCEF so that the new Policy rule can be enforced.
Gy provides periodic reports to OCS and it can update the Prepaid balance. As Gy uses the IP protocol it may be possible for a miscreant to set up IP spoofing using Diameter peers. If a miscreant can do this then an injection “attack” can take place and credit can be added.
Recommend that your passwords are changed on a regular basis – standard IT Security Policy. Logs from PCEF, PCRF/OCS (Sy) should be reviewed to see who has logged on and what activities have been performed. CSP Fraud / Finance Teams can help to detect any unusual activities with PrePaid / PostPaid / Hybrid Accounts.
The miscreant will need to have a very good working knowledge of the Diameter protocol (Gy, Gx, Sy, RFC 4006, RFC 6733 (RFC 3588 is now “obsolete”)) and to have been involved with in-depth verification of online charging using Tcpdump.
VBR/ Wallis Dudhnath
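
An added example, not part of the original post: one check an OCS-side monitor could run when reviewing Gy traffic, flagging Credit-Control messages whose Origin-Host arrives from a source address not provisioned for that peer. The allowlist, host names, IP addresses and the `sample_ccr` helper are constructed for illustration, and direct peering (no Diameter agent in between) is assumed.

```python
import struct

CREDIT_CONTROL_APP_ID = 4   # RFC 4006 Diameter Credit-Control application (used on Gy)
ORIGIN_HOST_AVP = 264       # RFC 6733 Origin-Host

# Assumed allowlist: Origin-Host -> source IPs provisioned for that peer (constructed values).
ALLOWED_PEERS = {"pcef1.example.net": {"192.0.2.10"}}

def parse_diameter(msg):
    """Return (application_id, command_code, origin_host) from one Diameter message."""
    if len(msg) < 20 or msg[0] != 1:
        raise ValueError("not a Diameter version 1 message")
    length = int.from_bytes(msg[1:4], "big")
    if length != len(msg) or length % 4:
        raise ValueError("bad message length")
    command = int.from_bytes(msg[5:8], "big")
    app_id = struct.unpack("!I", msg[8:12])[0]
    origin_host, pos = None, 20
    while pos + 8 <= length:
        code, flags = struct.unpack("!IB", msg[pos:pos + 5])
        avp_len = int.from_bytes(msg[pos + 5:pos + 8], "big")
        hdr = 12 if flags & 0x80 else 8          # V bit adds a 4-byte Vendor-Id
        if avp_len < hdr or pos + avp_len > length:
            raise ValueError("bad AVP length")
        if code == ORIGIN_HOST_AVP and not flags & 0x80:
            origin_host = msg[pos + hdr:pos + avp_len].decode("ascii", "replace")
        pos += (avp_len + 3) & ~3                # AVPs are padded to 4 bytes
    return app_id, command, origin_host

def check_gy_peer(src_ip, msg):
    """Return None if acceptable, else a reason string for the alert."""
    try:
        app_id, _, origin_host = parse_diameter(msg)
    except ValueError as exc:
        return f"malformed Diameter from {src_ip}: {exc}"
    if app_id != CREDIT_CONTROL_APP_ID:
        return None                              # not Gy traffic, out of scope here
    if src_ip not in ALLOWED_PEERS.get(origin_host, set()):
        return f"Gy message claiming Origin-Host {origin_host!r} from unexpected IP {src_ip}"
    return None

def sample_ccr(origin_host):
    """Constructed sample: header plus a single Origin-Host AVP."""
    data = origin_host.encode()
    avp = struct.pack("!IB", ORIGIN_HOST_AVP, 0x40) + (8 + len(data)).to_bytes(3, "big") + data
    avp += b"\x00" * (-len(avp) % 4)
    hdr = b"\x01" + (20 + len(avp)).to_bytes(3, "big") + b"\x80" + (272).to_bytes(3, "big")
    return hdr + struct.pack("!III", CREDIT_CONTROL_APP_ID, 1, 1) + avp
```

This check only catches a peer identity used from an unprovisioned address; it does not detect a forged source address on the path. For that, RFC 6733 specifies protecting Diameter connections with TLS/TCP, DTLS/SCTP or IPsec.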