IP Multimedia Subsystem IMS - PowerPoint PPT Presentation

Provided by: www2ItLu
Learn more at: http://www2.it.lut.fi

Transcript and Presenter's Notes


1
IP Multimedia Subsystem IMS
  • Rajkiran Velluri
  • Rahul Allawadhi
  • Rahul Parey
  • Santosh Kandukuri

2
History of IMS
  • IMS first appeared in release 5 of the evolution
    from 2G to 3G networks for W-CDMA networks
    (UMTS), when a SIP-based multimedia domain was
    added to NGN networks. Support for older GSM and
    GPRS networks is also provided.
  • In 3GPP release 6, interworking with WLAN was
    added.
  • 3GPP release 7 adds support for fixed networks,
    together with TISPAN, which adopted a more
    generalized model able to address a wider variety
    of network and service requirements. This overall
    architecture is based upon the concept of
    cooperating subsystems sharing common components.
    This subsystem-oriented architecture enables the
    addition of new subsystems over time to cover
    new demands and service classes.
  • "Early IMS" was defined for IPv4 networks, and
    provides a migration path to IPv6.

3
Cellular Networks
  • 1G: Used analog transmission and provided only
    circuit switched voice telephony.
  • 2G: Fully digital. Offered both voice and CS data
    services.
  • 2.5G: Addition of Packet Switched Data services to
    2G networks.
  • 3G: Provides (or tries to) all services over PS
    (including voice telephony).

4
IP Multimedia Subsystem (IMS)
  • The IP Multimedia subsystem standard defines a
    generic architecture for offering VoIP and
    multimedia services.
  • Internationally recognized standard first
    specified by the 3GPP (3rd Generation
    Partnership Project).
  • Supports multiple access types: GSM, WCDMA,
    CDMA2000, wireline broadband access and WLAN.
  • Established with the aim of allowing UMTS network
    to provide all of its services over IP on an
    end-to-end basis.

5
Concept of the IP Multimedia Subsystem (IMS)
  • The IP Multimedia Subsystem is an open,
    standardized, NGN multimedia architecture for
    mobile and fixed IP-based services. It's a VoIP
    implementation based on a 3GPP variant of SIP
    (Session Initiation Protocol), and runs over the
    standard Internet protocol. It's used by telcos
    in NGN networks (which combine voice and data in
    a single packet switched network) to offer
    network controlled multimedia services.
  • The aim of IMS is not only to provide new
    services but to provide all the services, current
    and future, that the Internet provides. In
    addition, users have to be able to execute all
    their services when roaming as well as from their
    home networks. To achieve these goals the IMS
    uses open standard IP protocols, defined by the
    IETF.

6
Concept of the IP Multimedia Subsystem (IMS)
  • So, a multimedia session between 2 IMS users,
    between an IMS user and a user on the Internet,
    and between 2 users on the Internet is
    established using exactly the same protocol.
    Moreover, the interfaces for service developers
    are also based on IP protocols. This is why the
    IMS truly merges the Internet with the cellular
    world: it uses cellular technologies to provide
    ubiquitous access and Internet technologies to
    provide appealing services.

7
IMS concept
  • The IMS concept was introduced to address the
    following network and user requirements:
  • Deliver person-to-person real-time IP-based
    multimedia communications (e.g. voice or video
    telephony) as well as person-to-machine
    communications (e.g. gaming service).
  • Fully integrate real-time with non-real-time
    multimedia communications (e.g. live streaming
    and chat).
  • Enable different services and applications to
    interact (e.g. combined use of presence and
    instant messaging).
  • Easy user setup of multiple services in a single
    session or multiple simultaneous synchronized
    sessions.

8
IMS solution overview
(Figure: IMS solution overview diagram. Source: Alcatel)
9
IMS Standards
  • 3GPP and 3GPP2 - 3rd Generation Partnership
    Project and 3rd Generation Partnership Project 2
    - Have both defined the IP Multimedia Subsystem
      (IMS)
    - The harmonization effort has kept the
      definitions as similar as possible.
  • IETF - Internet Engineering Task Force
    - Provides the definitions for SIP, SDP and other
      protocols underlying IMS
    - IMS is driving some of the work in IETF
  • OMA - Open Mobile Alliance
    - Defining services for the IMS architecture, e.g.
      Instant Messaging, Push-to-Talk
  • ITU - International Telecommunication Union
    - Provides protocol definitions used by IMS
    - H.248 for media control
    - Q.1912.SIP for SIP-ISUP interworking (in
      conjunction with IETF)
  • ETSI - European Telecommunications Standards
    Institute
    - TISPAN is a merger of TIPHON (VoIP) and SPAN
      (fixed networks)
    - Agreement on reuse of 3GPP/3GPP2 IMS in
      comprehensive NGN plans

10
IMS GOALS
  • Support of real-time IP-based multimedia
    communication services (VoIP, video conferencing,
    etc.). This implies that IMS will replace the CS
    domain of a UMTS network, providing all the
    traditional CS services over IP, in the PS domain.
  • Provide the ability for services to interact, so
    that users may combine different services in one
    session, e.g. group conferencing.

11
Characteristics of IMS
  • Takes the concept of horizontal architecture a
    step further, so that service enablers and common
    functions can be reused for multiple applications.
  • Well integrated with existing voice and data
    networks, adopting many of the key benefits of the
    IT domain.
  • Horizontal architecture specifies
    interoperability and roaming, and provides bearer
    control, charging and security
  • IMS enables services to be delivered in a
    standardized, well structured manner
  • The horizontal architecture enables operators to
    avoid the problems associated with charging,
    presence, group and list management, routing and
    provisioning.

12
Advantages of IMS
  • Advantages over other existing systems
  • The core network is independent of a particular
    access technology
  • Integrated mobility for all network applications
  • Easier migration of applications from fixed to
    mobile users
  • Faster deployment of new services based on
    standardized architecture
  • An end to unique or customized applications
  • New applications such as presence information,
    videoconferencing, Push to talk over cellular
    (POC), multiparty gaming, community services and
    content sharing.
  • Evolution to combinational services, for example
    by combining instant messaging and voice
  • User profiles are stored in a central location

13
Advantages of IMS
  • Advantages over free VoIP
  • It's possible to run free VoIP applications over
    the regular Internet. Then why do we need IMS, if
    all the power of the Internet is already
    available for 3G users?
  • Quality of Service: the network offers no
    guarantees about the amount of bandwidth a user
    gets for a particular connection or about the
    delay the packets experience. Consequently, the
    quality of a VoIP conversation can vary
    dramatically throughout its duration.
  • Charging of multimedia services:
    videoconferences can transfer a large amount of
    information, but the telecom operator can't
    charge separately for this data. Some business
    models might be more beneficial for the user (for
    instance a fixed price per message, not per
    byte); others might charge extra for better QoS.
  • Integration of different services: an operator
    can use services developed by third parties,
    combine them, integrate them with services they
    already have, and provide the user with a
    completely new service. For example, if voicemail
    and text-to-speech are combined, a voice version
    of incoming text messages can be provided for
    blind users.

14
IMS SERVICES ARCHITECTURE
  • These basic services can be controlled by
    external Application Servers (AS) so as to
    provide various applications.
  • For example, IMS does not offer a conferencing or
    chat room service!
  • It provides:
    - point-to-point and point-to-multipoint
      transmission facilities
    - group management facilities
    - the ability for an external AS to control the
      group communication

15
IMS SERVICES ARCHITECTURE
  • To maximize flexibility, IMS organizes its
    functionality in three layers.

16
IMS SERVICES ARCHITECTURE
  • Transport/Endpoint layer: initiates and terminates
    the signaling needed to set up control sessions,
    and provides bearer services between the
    endpoints. Media gateways are provided to convert
    from/to analog/digital voice telephony formats
    to/from IP packets using RTP. IMS signaling is
    based on SIP on top of IPv6.
  • Session control layer: provides functionality
    that allows endpoints to be registered with the
    network and sessions to be set up between them.
    It also contains the functions that control the
    media gateways and servers so as to provide the
    requested services.
  • Application server layer: allows sessions to
    interact with various AS entities. In this layer
    multiple sessions may be coordinated to provide a
    single application.

17
IMS SERVICES ARCHITECTURE
  • Support a wide range of services, both telephony
    and non-telephony oriented. All these services
    are provided over IP, end-to-end. Some of them
    are the following:
  • Voice and video telephony
  • Instant Messaging
  • Chat Rooms
  • Video Conferencing
  • Multiparty Gaming

18
BROADVIEW OF IMS ARCHITECTURE
19
BROADVIEW OF IMS ARCHITECTURE
  • The IP Multimedia Core Network Subsystem is a
    collection of different functions, linked by
    standardized interfaces. A function is not a node
    (hardware box): an implementer is free to
    combine 2 functions in 1 node, or to split a
    single function into 2 or more nodes. Each node
    can also be present multiple times in a network,
    for load balancing or organizational reasons.

20
BROADVIEW OF IMS ARCHITECTURE
  • Access Network
  • The user can connect to an IMS network using
    various methods, all of which use the standard
    Internet Protocol (IP).
  • Direct IMS terminals can register directly into
    an IMS network.
  • Fixed access, mobile access and wireless access
    are all supported.

21
BROADVIEW OF IMS ARCHITECTURE
(Figure: IMS architecture diagram highlighting the
User Database and the Access Networks)
22
BROADVIEW OF IMS ARCHITECTURE
  • User Database
  • The HSS (Home Subscriber Server) is the master
    user database that supports the IMS network
    entities that are actually handling the
    calls/sessions.
  • It contains the subscription-related information,
    performs authentication and authorization of the
    user, and can provide information about the
    physical location of the user.
  • An SLF (Subscriber Location Function) is needed
    when multiple HSSs are used.

23
BROADVIEW OF IMS ARCHITECTURE
(Figure: IMS architecture diagram highlighting
Call/Session Control)
24
BROADVIEW OF IMS ARCHITECTURE
  • Call/Session Control
  • Several types of SIP servers, collectively known
    as CSCFs, are used to process SIP signaling
    packets in the IMS:
  • P-CSCF (Proxy-CSCF)
  • I-CSCF (Interrogating-CSCF)
  • S-CSCF (Serving-CSCF)

25
BROADVIEW OF IMS ARCHITECTURE
  • Call/Session Control
  • 1) P-CSCF (Proxy-CSCF)
  • It is a SIP proxy that is the first point of
    contact for the IMS terminal.
  • It can be located either in the visited network
    or in the home network.
  • The terminal discovers its P-CSCF either with
    DHCP, or through assignment in the PDP Context
    (in GPRS).

26
BROADVIEW OF IMS ARCHITECTURE
  • Call/Session Control
  • 2) I-CSCF (Interrogating-CSCF)
  • It is a SIP proxy located at the edge of an
    administrative domain.
  • Its IP address is published in the DNS records of
    the domain, so that remote servers can find it,
    and use it as an entry point for all SIP packets
    to this domain.
  • The I-CSCF queries the HSS using the DIAMETER Cx
    and Dx interfaces to retrieve the user location,
    and then routes the SIP request to its assigned
    S-CSCF.
  • It can also be used to hide the internal network
    from the outside world, in which case it's called
    a THIG (Topology Hiding Interface Gateway).

27
BROADVIEW OF IMS ARCHITECTURE
  • Call/Session Control
  • 3) S-CSCF (Serving-CSCF)
  • It is the central node of the signaling plane.
  • It's a SIP server, but performs session control
    as well.
  • It's always located in the home network. The
    S-CSCF uses DIAMETER Cx and Dx interfaces to the
    HSS to download and upload user profiles.
  • It has no local storage of user data.

28
BROADVIEW OF IMS ARCHITECTURE
(Figure: IMS architecture diagram highlighting the
Application Server)
29
BROADVIEW OF IMS ARCHITECTURE
  • Application Servers
  • Application servers (AS) host and execute
    services, and interface with the S-CSCF using
    SIP.
  • Depending on the actual service, the AS can
    operate in SIP proxy mode, SIP UA mode or SIP
    B2BUA mode.
  • An AS can be located in the home network or in an
    external third-party network.

30
BROADVIEW OF IMS ARCHITECTURE
(Figure: IMS architecture diagram highlighting the
Media Servers)
31
BROADVIEW OF IMS ARCHITECTURE
  • Media Servers
  • An MRF (Media Resource Function) provides a
    source of media in the home network.
  • It's used for playing announcements, multimedia
    conferencing, text-to-speech conversion (TTS) and
    speech recognition, and real-time transcoding of
    multimedia data.
  • Each MRF is further divided into:
  • 1) An MRFC (Media Resource Function
    Controller), a signalling plane node that acts
    as a SIP User Agent to the S-CSCF, and which
    controls the MRFP with an H.248 interface.
  • 2) An MRFP (Media Resource Function
    Processor), a media plane node that implements
    all media-related functions.

32
BROADVIEW OF IMS ARCHITECTURE
(Figure: IMS architecture diagram highlighting the
Breakout Gateways)
33
BROADVIEW OF IMS ARCHITECTURE
  • Breakout Gateway
  • A BGCF (Breakout Gateway Control Function) is a
    SIP server that includes routing functionality
    based on telephone numbers.
  • It's only used when calling from the IMS to a
    phone in a circuit switched network, such as the
    PSTN or the PLMN.

34
BROADVIEW OF IMS ARCHITECTURE
(Figure: IMS architecture diagram highlighting the
PSTN gateways)
35
BROADVIEW OF IMS ARCHITECTURE
  • PSTN Gateways
  • A PSTN/CS gateway interfaces with PSTN circuit
    switched (CS) networks.
  • An SGW (Signalling Gateway) interfaces with the
    signalling plane of the CS network. It transforms
    lower-layer protocols such as SCTP into MTP, to
    pass ISUP from the MGCF to the CS network.
  • An MGCF (Media Gateway Controller Function) does
    call control protocol conversion between SIP and
    ISUP, and interfaces with the SGW over SCTP.
  • An MGW (Media Gateway) interfaces with the media
    plane of the CS network, by converting between
    RTP and PCM.

36
BROADVIEW OF IMS ARCHITECTURE
  • Charging
  • Definitions: offline charging is applied to users
    who pay for their services periodically, whereas
    online charging is applied to users who pay on a
    credit basis, as used for prepaid services.
  • Offline charging: all the SIP network entities
    involved in the session use the DIAMETER Rf
    interface to send accounting information to a CCF
    (Charging Collector Function) located in the same
    domain. The CCF collects all this information and
    builds a CDR (Charging Data Record), which is sent
    to the billing system (BS) of the domain.
  • Online charging: the S-CSCF talks to an SCF
    (Session Charging Function), which looks like a
    regular SIP application server. The SCF can
    signal the S-CSCF to terminate the session when
    the user runs out of credit during a session.
    The AS and MRFC use the DIAMETER Ro interface
    towards an ECF (Event Charging Function), which
    also communicates with the SCF.

37
BROADVIEW OF IMS ARCHITECTURE
  • Advantages
  • Advantages over existing systems
  • The core network is independent of a particular
    access technology
  • Integrated mobility for all network applications
  • Easier migration of applications from fixed to
    mobile users
  • Faster deployment of new services based on
    standardized architecture
  • New applications such as presence information,
    videoconferencing, Push to talk over cellular
    (POC), multiparty gaming, community services and
    content sharing.
  • User profiles are stored in a central location

38
BROADVIEW OF IMS ARCHITECTURE
  • Advantages
  • Advantages over free VoIP
  • Quality of Service: the network offers no
    guarantees about the amount of bandwidth a user
    gets for a particular connection or about the
    delay the packets experience.
  • Charging of multimedia services:
    videoconferences can transfer a large amount of
    information. Some business models might be more
    beneficial for the user, others might charge
    extra for better QoS.
  • Integration of different services: an operator
    can use services developed by third parties,
    combine them, integrate them with services they
    already have, and provide the user with a
    completely new service.

39
BROADVIEW OF IMS ARCHITECTURE
  • Issues
  • Benefits need to be further articulated in terms
    of actual savings.
  • IMS is "operator friendly" which means that it
    provides the operator with comprehensive control
    of content at the expense of the consumer.
  • IMS uses the 3GPP variant of SIP, which needs to
    interoperate with the IETF SIP.
  • IMS is an optimization of the network, and
    investments for such optimization are
    questionable.

40
BROADVIEW OF IMS ARCHITECTURE
  • Associated Protocols
  • RFC 1889 Real-time Transport Protocol (RTP)
  • RFC 2327 Session Description Protocol (SDP)
  • RFC 2748 Common Open Policy Server protocol
    (COPS)
  • RFC 2782 a DNS RR for specifying the location of
    services (SRV)
  • RFC 2806 URLs for telephone calls (TEL)
  • RFC 2915 the naming authority pointer DNS
    resource record (NAPTR)
  • RFC 2916 E.164 number and DNS
  • RFC 3261 Session Initiation Protocol (SIP)
  • RFC 3262 reliability of provisional responses
    (PRACK)
  • RFC 3263 locating SIP servers
  • RFC 3264 an offer/answer model with the Session
    Description Protocol
  • RFC 3310 HTTP Digest Authentication using
    Authentication and Key Agreement (AKA)
  • RFC 3311 the SIP UPDATE method
  • RFC 3312 integration of resource management and
    SIP
  • RFC 3319 DHCPv6 options for SIP servers
  • RFC 3320 signalling compression (SIGCOMP)
  • RFC 3323 a privacy mechanism for SIP
  • RFC 3324 short term requirements for network
    asserted identity

41
Session Initiation Protocol -SIP
  • SIP is the core protocol for initiating, managing
    and terminating sessions in the Internet
  • These sessions may be text, voice, video or a
    combination of these
  • SIP sessions involve one or more participants and
    can use unicast or multicast communication.

42
Session Initiation Protocol - SIP
  • Provides call control for multi-media services
  • initiation, modification, and termination of
    sessions
  • terminal-type negotiation and selections
  • call holding, forwarding, forking, transfer
  • media type negotiation (also mid-call changes)
    using Session Description Protocol (SDP)
  • Provides personal mobility support
  • Independent of transport protocols (TCP, UDP,
    SCTP, ...)
  • ASCII format SIP headers
  • Separation of call signalling and data stream
  • Application types/examples
  • Interactive Voice over IP (VoIP)
  • Multimedia conferences (multi-party, e.g. voice
    and video)
  • Instant messaging
  • Presence service
  • Support of location-based services

43
SIP in IMS
  • Mandatory existence of P-CSCF as first point of
    contact
  • Network initiated call release (e.g. due to
    missing coverage or administrative reasons)
  • Proxies are able to send BYE
  • Network Control of Media Types
  • P/S-CSCF checks the SDP in the SIP body
  • If the SDP contains invalid parameters (e.g. not
    supported codecs), the P/S-CSCF rejects the SIP
    request by sending a 488 (Not Acceptable Here)
    response that contains an SDP body indicating
    parameters that would be acceptable to the
    network
  • Network Hiding (Encryption of Route and Via
    Headers)
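A constructed model of the P/S-CSCF SDP check described above, added here as an example and not taken from the slides; the codec allowlist, the sample INVITE and the host names are invented for the illustration:

```python
"""Constructed model of the CSCF media-policy check: parse the SDP offer in a
SIP INVITE, compare the offered codecs with a network allowlist and, when a
codec is not allowed, build the 488 Not Acceptable Here response whose SDP
body lists what the network would accept."""

# Constructed policy: codec names (as written in a=rtpmap) the network allows.
NETWORK_ALLOWED = {
    "audio": {"AMR", "telephone-event"},
    "video": {"H263-2000"},
}

# Constructed INVITE whose offer has one allowed and two disallowed codecs.
SAMPLE_INVITE = (
    "INVITE sip:bob@example.com SIP/2.0\r\n"
    "Via: SIP/2.0/UDP [2001:db8::1];branch=z9hG4bKabc\r\n"
    "From: <sip:alice@example.com>;tag=1\r\n"
    "To: <sip:bob@example.com>\r\n"
    "Call-ID: c1@example.com\r\n"
    "CSeq: 1 INVITE\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=alice 1 1 IN IP6 2001:db8::1\r\n"
    "s=-\r\n"
    "c=IN IP6 2001:db8::1\r\n"
    "t=0 0\r\n"
    "m=audio 49170 RTP/AVP 97 96\r\n"
    "a=rtpmap:97 AMR/8000\r\n"
    "a=rtpmap:96 G729/8000\r\n"
    "m=video 51372 RTP/AVP 98\r\n"
    "a=rtpmap:98 H264/90000\r\n"
)

def split_message(msg):
    """Split a SIP message into its header block and its body."""
    head, _, body = msg.partition("\r\n\r\n")
    return head, body

def parse_sdp(body):
    """One dict per m= line: media type, port, transport, payload types in
    offer order, and the rtpmap (payload type -> 'codec/clock-rate')."""
    sections = []
    for line in body.splitlines():
        if line.startswith("m="):
            mtype, port, proto, *pts = line[2:].split()
            sections.append({"type": mtype, "port": port, "proto": proto,
                             "pts": pts, "rtpmap": {}})
        elif line.startswith("a=rtpmap:") and sections:
            pt, spec = line[len("a=rtpmap:"):].split(" ", 1)
            sections[-1]["rtpmap"][pt] = spec
    return sections

def codec_of(section, pt):
    """Codec name of a payload type; static types without an rtpmap yield ''
    and are therefore treated as unknown and rejected (conservative)."""
    return section["rtpmap"].get(pt, "").split("/")[0]

def check_offer(sections, policy=NETWORK_ALLOWED):
    """List the (media type, payload type, codec) entries the policy forbids."""
    rejected = []
    for sec in sections:
        for pt in sec["pts"]:
            codec = codec_of(sec, pt)
            if codec not in policy.get(sec["type"], set()):
                rejected.append((sec["type"], pt, codec))
    return rejected

def acceptable_sdp(sections, policy=NETWORK_ALLOWED):
    """SDP for the 488 body: keep only allowed payload types; a media line
    with nothing allowed gets port 0, which means 'stream rejected'."""
    lines = ["v=0", "o=cscf 0 0 IN IP6 2001:db8::100", "s=-", "t=0 0"]
    for sec in sections:
        kept = [pt for pt in sec["pts"]
                if codec_of(sec, pt) in policy.get(sec["type"], set())]
        port = sec["port"] if kept else "0"
        lines.append(f"m={sec['type']} {port} {sec['proto']} "
                     f"{' '.join(kept or sec['pts'])}")
        lines += [f"a=rtpmap:{pt} {sec['rtpmap'][pt]}" for pt in kept]
    return "\r\n".join(lines) + "\r\n"

def cscf_screen(invite, policy=NETWORK_ALLOWED):
    """Return None if the INVITE may be forwarded, else the 488 response."""
    head, body = split_message(invite)
    sections = parse_sdp(body)
    if not check_offer(sections, policy):
        return None
    sdp = acceptable_sdp(sections, policy)
    # A response echoes the request's Via, From, To, Call-ID and CSeq.
    echoed = [h for h in head.split("\r\n")[1:]
              if h.split(":", 1)[0] in ("Via", "From", "To", "Call-ID", "CSeq")]
    response = ["SIP/2.0 488 Not Acceptable Here", *echoed,
                'Warning: 305 cscf.example.com "Incompatible media format"',
                "Content-Type: application/sdp",
                f"Content-Length: {len(sdp.encode())}", "", sdp]
    return "\r\n".join(response)
```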

44
SIP in IMS
  • Additional Signaling Information
  • For example Cell-ID, Mobile Network/Country Code,
    Charging-IDs
  • Information is transported using a P-header based
    solution
  • Compression
  • SIP compression is mandatory as the radio
    interface is a scarce resource
  • Compression / decompression of SIP will be
    performed by the UE and the P-CSCF
  • Authentication and Integrity Protection
  • S-CSCF performs the authentication using AKA
  • P-CSCF checks the integrity of messages received
    over the air interface using IPsec ESP

45
SIP based session management
46
SIP Architecture
(Figure: two User Agents communicating through two
Proxy Servers)
47
SIP Entities
  • User Agent
  • User Agent Client
  • User Agent Server
  • Proxy Server
  • Redirect Server
  • Registrar Server

48
SIP Message Types
  • Requests: sent from client to server
  • INVITE
  • ACK
  • REFER
  • OPTIONS
  • BYE
  • CANCEL
  • REGISTER
  • SUBSCRIBE
  • NOTIFY
  • MESSAGE

49
SIP Message Types (Contd.)
  • Responses: sent from server to client
  • Success
  • Redirection
  • Forwarding
  • Request failure
  • Server failure
  • Global failure

50
SIP Session Establishment and Call Termination
51
SIP Call Redirection
52
Call Proxying
53
Instant messaging based on SIP
  • SIMPLE IM protocol based on SIP
  • SIP promises interoperability between various IM
    vendors
  • SIP has unique user tracking features.
  • SIP addressing

54
IMS Security Challenges
55
Contents
  • Security evolution of a new architecture /
    protocol
  • Today: advanced mobile OSs, cellular viruses
  • Tomorrow: additional IMS services ????
  • 3GPP IMS Security Specifications
  • Mobile to Mobile Security
  • GSM-SIP Security
  • Third party involvement increases

56
Today: Cellular Viruses
  • SKULLS infects via Bluetooth
  • Mosquito constantly sends SMSs to a premium
    service
  • Reasons for threat increase
  • Smartphone OSs are sophisticated, open
    platforms
  • Multi-connectivity: MMS, Bluetooth, phone
    browsers (HTTP), infrared, mail
  • Reasons for threat reduction
  • Phones not always connected
  • Phones don't have server applications (like
    Microsoft RPC / Blaster worm)
  • Signature mechanisms are being developed
  • Infection paths for attachments are not fully
    automatic (MMS, Bluetooth): a question is asked
    before opening an attachment

57
Tomorrow: IMS
  • IMS increases GPRS/UMTS connectivity
  • Mobile to Mobile
  • Mobile to ADSL/Cable
  • GPRS/UMTS Mobile to CDMA-2000 Mobile
  • IMS introduces new protocols
  • IMS is always connected
  • IMS should not introduce server-like
    applications on the mobile phones that are
    constantly listening for input
  • IMS involves third parties supplying content
  • IMS is a clear umbrella-type standard for
    cellular multimedia
  • easier to protect, but ... much easier to attack
  • IMS operator backbone: new hacking targets

58
3GPP IMS Security Specifications
  • UMTS Security is designed in Multi layers
  • Attachment level security
  • Network level security (IP, PDP Context)
  • IMS service level security (GSM-SIP Security)
  • Network level uses well-known IETF security:
    IKE, IPsec
  • Authentication
  • Encryption (optional)
  • Data Integrity
  • GSM-SIP security

59
IMS - Mobile 2 Mobile Security
  • 3GPP did not account for it in the design;
    GSMA identified the problem
  • IMS introduces Mobile to Mobile traffic.
  • GPRS was not intended for that
  • The problem: M2M traffic is difficult to control

60
IMS - New Protocols - New Threats
  • IPv6
  • IMS is a main driver of IPv6 deployment
  • IPv6 Land attack
  • Cisco IOS IPv6 heap overflow attack
  • Diameter, SCTP (Cx interface)
  • Internal CSCF to HSS traffic less vulnerable,
    but data is very sensitive

61
Testing Typologies
62
Scope of Testing
Verify the IMS core network through the use of
a set of reference end-to-end scenarios
(including roaming users) and the analysis of
signalling on the network interfaces that are
involved: Gm, Cx, Mw, Mi, Mj, Mk, Mg, Mn, Rf, Go.
  • Verify the procedures' conformity to the standard
  • Reduce the time to market of new network solutions

63
P-CSCF discovery
IMS network configuration only for testing P-CSCF
discovery procedure.
64
Session Initiation Control between different
network operators
IMS configuration requiring two users located in
different home networks to test interoperability
of session setup and control procedures.
65
Types of Intrusions and General Annoyances
  • Virus: spreads from computer to computer
  • SPAM: unwanted email
  • Denial of Service attack: sends thousands of
    requests to a critical machine.

66
How most attacks work.
  • A vendor either finds an error in its code or has
    one reported. This code involves a vulnerability.
  • The vendor alerts their users to the vulnerability
    and the patch (a computer word for a fix).
  • Hackers learn of the vulnerability and write a
    program that exploits it. Some system managers
    ignore the patch.
  • They start scanning networks for computers that
    have not applied the patch.
  • The fun begins.

67
Scanning
  • All computers have a network address.
  • TAMU, for example, uses the addresses
    128.194.000.001 to 128.194.254.254 (about 65,000
    computers).
  • A computer program is written that starts at 1
    and goes to 65,000 sequentially.
  • Any time that it finds a vulnerable computer it
    takes over the computer.
  • User may not even know that it is happening.

68
Protecting yourself and your computer - Passwords
  • Password protection: this is first and foremost.
  • NEVER use easy to guess passwords.
  • NEVER share a password.
  • NEVER write your password on a sticky next to the
    screen
  • All passwords should include letters and numbers.

69
Protection by IMS, Campus and Internet
  • Virus protection: on most computers, or filtered
    at the server.
  • Firewalls for critical computers, both at TAMU and
    four in Physical Plant
  • SPAM filters - one on campus and one at Physical
    Plant.
  • Intrusion detection on campus and through CERT
    (Computer Emergency Response Team at CMU,
    http://www.cert.org/)

70
Security Components
71
Other Security TIPS
  • Virus protection: set for frequent updates
  • NEVER open attachments from unknown addresses (I
    don't open attachments from most known addresses)
  • Most virus notices are hoaxes ("Do not ignore
    this warning, your mouse could explode"). Check
    with IMS.
  • Use email rules (example)
  • NEVER unsubscribe from a SPAM email

72
More applications are moving to web access for
convenience. Be sure to work with IMS on
security issues before you put info online.
73
Web Applications
  • Camera security http://165.91.187.68
  • Door Access
  • UPS power
  • Voice Mail Server
  • All Web Applications are reviewed by Lauri
    Brender for Info Security and Lee McCleskey for
    general security before we will put them online.

74
3GPP IP Multimedia Subsystem (Release 5)
(Figure: UA -> P-CSCF -> SIP proxy servers, with
REGISTER/INVITE carried over SIP-based interfaces in
the PS domain; the Cx interface, based on Diameter,
lets the SIP proxies get authorisation and
authentication information from the HSS)
75
3GPP Release 5 Security
  • Packet Switched (PS) domain
    - access security features retained from 3GPP
      Release 99 specifications
  • IP Multimedia Subsystem (IMS) domain
    - new access security features to be specified
      to protect the access link to the IMS domain,
      independent of underlying PS domain security
      features
    - network domain security features to protect
      signalling links between network elements
      within the IMS domain

76
IP Multimedia Subsystem Access Security
Draft 3GPP TS 33.203
(Figure: UA -> P-CSCF -> HSS REGISTER/INVITE flow,
annotated with the four steps below)
1. Distribution of authentication information
2. Mutual authentication and session key agreement
3. Session key distribution
4. Protection of SIP signalling using agreed
   session key
77
IP Multimedia Subsystem Network Domain Security
Draft 3GPP TS 33.210
(Figure: UA -> P-CSCF -> HSS REGISTER/INVITE flow,
with per-hop protection of signalling using
IPsec/IKE)
78
Access Security Authentication Principles
  • 3GPP authentication protocol (3GPP AKA)
  • based on a secret key stored in the UA's
    tamper-proof subscriber identity module (SIM)
    and in the HSS
  • Authentication check located in S-CSCF
  • Working assumption is to authenticate only at SIP
    registrations with on-demand re-authentication
    requiring re-registration
  • Use SIP authentication rather than an outer layer
    protocol such as TLS or IKE in order to minimise
    roundtrips

79
Integration of Authentication Protocol into
DIAMETER and SIP
  • Distribution of authentication information to
    S-CSCF using DIAMETER
  • distribution of authentication vectors for 3GPP
    AKA
  • Integration of authentication protocol into SIP
    registration
  • 3GPP AKA protocol between UA and S-CSCF
  • distribution of session key to P-CSCF

80
Possible Information Flow for Authentication and
Session Key Establishment (from draft 3GPP TS
33.203)
(Figure: message flow diagram; labels: "Changed to
407 Proxy Authentication Required", "Cx-Put",
"Cx-Pull")
81
Access Security: Security Mode Establishment
between UA and P-CSCF
  • Determines when to start applying protection and
    which algorithm to use
  • includes secure algorithm negotiation
  • Uses session key derived during authentication
  • Integration into SIP registration with no new
    roundtrips

82
Access Security: Protection of SIP Signalling
between UA and P-CSCF
  • Integrity protection of SIP signalling between UA
    and P-CSCF
  • Uses session key derived during authentication
  • Symmetric scheme because of efficiency concerns
  • Candidate mechanisms include modified CMS and ESP

83
IP Multimedia Subsystem Access Security
Documentation
(Figure: specifications arranged from high level
architecture down to protocol detail)
3GPP:
  • TS 23.228 (SA2)
  • TS 33.203 (SA3)
  • Other specs (e.g. AKA) (SA3)
  • TS 24.228 (CN1)
  • TS 29.228 (CN4)
  • TS 29.229 (CN4)
  • TS 24.229 (CN1)
IETF:
  • SIPPING WG
  • AAA, PPPEXT, IPsec,
84
Authentication and Key Agreement Protocol (3GPP
AKA)
(Figure: ISIM/UA, S-CSCF, HSS and P-CSCF;
S-CSCF <-> HSS: authentication vector request /
response; ISIM/UA <-> S-CSCF: authentication
request / response; S-CSCF -> P-CSCF: distribution
of session key)
  • Three party protocol
  • Two-pass mutual authentication protocol between
    UA and S-CSCF
  • Each authentication vector is good for one
    authentication
  • Authentication vectors can be distributed in
    batches to minimise signalling/load on HSS
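The three-party flow above, with batched one-time vectors, network authentication in the ISIM and the integrity key handed to the P-CSCF, worked as an added example that is not from the slides; the subscriber key, the entity classes and the HMAC-based stand-ins for the MILENAGE functions are assumptions made for the illustration:

```python
"""Constructed model of the three-party AKA flow: the HSS issues one-time
vectors from subscriber key K, the S-CSCF fetches them in batches over Cx and
challenges the UA, the ISIM authenticates the network (MAC and SQN in AUTN)
before answering RES, the S-CSCF compares RES with XRES and hands IK to the
P-CSCF.  ASSUMPTION: MILENAGE f1..f5 are stand-ins built on HMAC-SHA256."""
import hashlib, hmac, os
from collections import namedtuple

K = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # constructed subscriber key
AMF = b"\x80\x00"                                       # authentication management field
Vector = namedtuple("Vector", "rand xres ck ik autn")   # AUTN = (SQN xor AK)||AMF||MAC

def kdf(k, label, *parts, n):
    """Stand-in for MILENAGE f1..f5 (assumption): keyed hash cut to n bytes."""
    return hmac.new(k, label + b"".join(parts), hashlib.sha256).digest()[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class HSS:
    """Holds K and the sequence number; issues fresh vectors on request."""
    def __init__(self, k):
        self.k, self.sqn = k, 0

    def vectors(self, count):
        batch = []
        for _ in range(count):
            self.sqn += 1                               # fresh SQN per vector
            sqn, rand = self.sqn.to_bytes(6, "big"), os.urandom(16)
            mac = kdf(self.k, b"f1", sqn, rand, AMF, n=8)
            ak = kdf(self.k, b"f5", rand, n=6)           # anonymity key hides SQN
            batch.append(Vector(rand, kdf(self.k, b"f2", rand, n=8),
                                kdf(self.k, b"f3", rand, n=16),
                                kdf(self.k, b"f4", rand, n=16),
                                xor(sqn, ak) + AMF + mac))
        return batch

class ISIM:
    """Tamper-resistant module in the UA: same K, remembers the highest SQN."""
    def __init__(self, k):
        self.k, self.sqn_seen = k, 0

    def respond(self, rand, autn):
        conc, amf, mac = autn[:6], autn[6:8], autn[8:]
        sqn = xor(conc, kdf(self.k, b"f5", rand, n=6))
        if not hmac.compare_digest(mac, kdf(self.k, b"f1", sqn, rand, amf, n=8)):
            raise ValueError("MAC failure: network not authenticated")
        if int.from_bytes(sqn, "big") <= self.sqn_seen:
            raise ValueError("synchronisation failure: challenge replayed")
        self.sqn_seen = int.from_bytes(sqn, "big")
        return kdf(self.k, b"f2", rand, n=8), kdf(self.k, b"f4", rand, n=16)

class SCSCF:
    """The authentication check lives here; each vector is consumed once."""
    def __init__(self, hss):
        self.hss, self.pool = hss, []

    def challenge(self):
        if not self.pool:                                # one Cx round trip
            self.pool = self.hss.vectors(5)
        return self.pool.pop(0)

    def verify(self, vec, res):
        return hmac.compare_digest(res, vec.xres)

class PCSCF:
    """Gets IK from the S-CSCF and checks the integrity of later UA messages."""
    ik = None

    def tag(self, msg):                                  # HMAC-SHA1-96 style
        return hmac.new(self.ik, msg, hashlib.sha1).digest()[:12]

    def verify(self, msg, tag):
        return hmac.compare_digest(tag, self.tag(msg))

def register(scscf, isim, pcscf):
    """One registration: challenge, ISIM response, RES check, IK to P-CSCF."""
    vec = scscf.challenge()
    res, _ik_ua = isim.respond(vec.rand, vec.autn)       # the UA derives IK too
    if not scscf.verify(vec, res):
        return False
    pcscf.ik = vec.ik
    return True

def demo():
    """Run the flow and the failure cases the slides motivate."""
    hss, isim, pcscf = HSS(K), ISIM(K), PCSCF()
    scscf = SCSCF(hss)
    out = {"registered": register(scscf, isim, pcscf), "vectors_left": len(scscf.pool)}
    msg, bad = b"REGISTER sip:example.com SIP/2.0\r\n", b"REGISTER sip:evil.test SIP/2.0\r\n"
    t = pcscf.tag(msg)
    out["integrity_ok"], out["tamper_detected"] = pcscf.verify(msg, t), not pcscf.verify(bad, t)
    vec = scscf.challenge()
    isim.respond(vec.rand, vec.autn)
    try:                                                 # same RAND/AUTN replayed
        isim.respond(vec.rand, vec.autn)
        out["replay_rejected"] = False
    except ValueError:
        out["replay_rejected"] = True
    return out
```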
85
Other IP Multimedia Subsystem Security Issues (1)
  • Hide caller's public ID from called party
  • by encrypting the remote party ID header at the
    caller's S-CSCF and decrypting it at the same
    S-CSCF
  • is there a requirement to hide callers' IP
    addresses that are dynamically assigned?
  • Network configuration hiding
  • mechanism being developed to hide host domain
    names of CSCFs and the number of CSCFs within one
    operator's network

86
Other IP Multimedia Subsystem Security Issues (2)
  • Session transfer
  • guidance on security aspects based on GSM call
    transfer feature
  • authorisation and accounting of transferred leg
    needs to involve transferring party who has
    dropped out of session
  • should there be a limit to the number of
    transferred sessions?
  • should final destination be hidden from calling
    party?
  • Security aspects of other IP multimedia subsystem
    services?
  • End-to-end security

87
References
  • Draft 3GPP TS 33.203, Access security for
    IP-based services (Release 5).
  • Draft 3GPP TS 33.210, Network domain security: IP
    network layer security (Release 5).
  • J. Arkko and H. Haverinen, EAP AKA
    Authentication, draft-arkko-pppext-aka-00.txt.
  • V. Torvinen, J. Arkko, A. Niemi, HTTP
    Authentication with EAP,
    draft-torvinen-http-eap-00.txt (to appear).
  • L. Blunk, J. Vollbrecht, PPP Extensible
    Authentication Protocol (EAP), RFC 2284.
  • P. Calhoun et al., DIAMETER NASREQ Extensions,
    draft-ietf-aaa-diameter-nasreq-06.txt.

88
Is IMS increasing the threats for cellular
security?
89
QUESTIONS???