Security Services in IMS
Universität Kassel, Lehrstuhl für Kommunikationstechnik
Prof. Dr.-Ing. Klaus David
COMMUNICATIONS TECHNOLOGY (CT1)

Report on Security Services in IMS (IP Multimedia Subsystem)
By Hariharan, Priya - 24200190
Siddiqui Abbas Ali - 24200213
July 2005

CONTENTS
1. ABSTRACT
2. MARKET TRENDS IN COMMUNICATION
2.1 What Customers and Operators Need
3. IP MULTIMEDIA SUBSYSTEM (IMS)
3.1 Motivation for IP Multimedia Subsystem (IMS)
3.2 Definition of IP Multimedia Subsystem (IMS)
3.3 The IMS - Overview
4. SECURITY
4.1 Need for Security
4.2 Security Services in IMS
4.3 IMS Security Architecture
4.4 Access Security in IMS
4.4.1 SIP Signaling Protection
4.4.2 Authentication for IMS Services
4.4.3 Authentication Process in IMS
4.4.4 Session Initiation Process in IMS
4.4.5 SIP Signaling Protection
4.4.6 User within Home Network
4.4.7 User in Visited Network
4.5 IMS HTTP-Access Security
4.6 IMS – Network Domain Security
4.7 IMS Media Plane Security
5. CONCLUSION
6. REFERENCES

1. Abstract

Person-to-person mobile communication is undergoing a transformation that will see users sharing rich content like never before.
Based on the technologies of IP Multimedia Subsystem (IMS) and Session Initiation Protocol (SIP), the mobile and Internet domains will merge, allowing users to access, create, consume and share digital content using interoperable devices. IMS enables services to be delivered in a standardized, well-structured way that truly makes the most of layered architecture. At the same time, it provides a future-proof architecture that simplifies and speeds up the service creation and provisioning process, while enabling legacy inter-working. The horizontal architecture of IMS enables operators to move away from vertical ‘stovepipe’ implementations of new services, eliminating the costly and complex traditional network structure of overlapping functionality for charging, presence, group and list management, routing and provisioning.

Security is one of the essential issues for such a service. Security experts preach that hackers, software vandals, content pirates and other security threats will never be totally eliminated. The tools of the hackers' trade (viruses, worms and other assorted collections of malicious code) have a way of morphing and mutating into new forms and shapes. Since IMS is an open architecture, it is vulnerable to threats. In this report, we present current market trends in communication, the role of IMS and its overview, the IMS security architecture and the various security services in IMS.

2. Market trends in Communication

More than 100 years ago, the telephone eliminated the obstacle of distance. The mobile phone came next, removing the obstacle of location. Today, telephony, mobility, and the Internet are converging. Mobile phones were used initially for voice communications. With the invention of short message service (SMS), or text messaging, mobile services began to shift towards becoming increasingly data-based. Today, we are on the brink of having mobile communications as varied and powerful as our imagination.
Multimedia messaging - or MMS (Multimedia Messaging Service) - opens up the possibility of including much more than just text: images, graphics, and voice and audio clips.

Fig 1: Market Trends in Communication

User and enterprise needs will drive multimedia service evolution for both mobile and fixed operators. Users expect to be able to do more with their communications services, for less money, and are showing an interest in services beyond voice. They are attracted to a wide range of communication, information and entertainment services delivered in a user-friendly and cost-effective way. Users want access to the services wherever, whenever and however they want. Technologies like broadband access, Voice over IP (VoIP) and wireless LAN (WLAN, or WiFi) are lowering the entry barrier for new service providers in both the fixed and mobile communications worlds. Today’s operators, therefore, need a way to make their services more appealing to users and to maintain their customer relationships and revenue flow. They need to make the best use of their current technology investments and embrace new ones to create service packages that are easy and attractive for subscribers to use.

2.1 What Customers and Operators Need

For Customer
• Rich user experience: more broadband on the move; communicate in real time using any combination of voice, video, pictures and messages
• Convenience and ease of use: interoperability between terminals and operators
• Safe communication: free from middleware or malicious attacks, authorized access

For Operator
• Expand service offerings and revenues
• Controlled subscriber and business relationships
• Service interoperability for mass market services

3. IP Multimedia Subsystem (IMS)

3.1 Motivation for IP Multimedia Subsystem (IMS)

• Enables rich communications combining multiple media or services
• New IP-based services, easier and faster service creation and execution
• Access independence, easier inter-working with the Internet
• Services available over different access technologies
• One network architecture for accommodating all services
• Providing and requiring optimized Quality of Service
• Smooth evolution from today’s networks and standards
• Cost efficiency, evolution for current solutions
• Openness: both specifications and (distributed) architecture

3.2 Definition of IP Multimedia Subsystem (IMS)

“The IP Multimedia Subsystem (IMS) is an IP multimedia and telephony core network that is defined by 3GPP and 3GPP2 standards and organizations based on IETF Internet protocols. IMS is access independent as it supports IP to IP session over wire-line IP, 802.11, 802.15, CDMA, packet data along with GSM/EDGE/UMTS and other packet data applications. IMS is a standardized reference architecture that consists of session control, connection control and an applications services framework along with subscriber and services data.” *

* [Adapted from Lucent IP Multimedia Subsystem Overview]

Some examples of IMS services are:
• Instant messaging - peer-to-peer messaging in real time
• Push to talk (PTT) - walkie-talkie service
• Presence - dynamic profile of the user, visible to others and used to control services; information on personal status, terminal status, terminal capability, location, mood, personal logo
• Gaming - peer-to-peer or multiparty
• Rich Call

3.3 The IMS - Overview

IP-based systems offer network operators the opportunity to expand their services, integrating voice and multimedia communications and delivering them into new environments with new purposes.
This is what the industry calls convergence, bringing multiple media, multiple points of access, and multiple modes of and purposes for communication together into a single network.