A Secure Architecture for Nomadic User in IMS Network

The IP Multimedia Subsystem (IMS) is the basis for a significant new architecture that offers network operators the opportunity to expand their services by integrating voice and multimedia communications and delivering them into new environments with new purposes. Basically, the IMS is an overlay network on top of the IP layer that uses the Session Initiation Protocol (SIP) as its primary signaling mechanism. SIP works at the application layer in IP networks. It is thus exposed not only to the security issues of IP networks, but also to new issues that are directly related to the SIP protocol. Consequently, using IMS brings several new security challenges. This paper presents the most relevant SIP-related security vulnerabilities and threats, and the implementation and simulation test bed used to experiment with two versions of the SIP Asterisk software to emphasize these threats. The different security mechanisms that can be deployed to overcome the SIP security issues are discussed, with emphasis on the most important ones. Afterwards, the authors propose adaptable solutions to the SIP threats already identified for a specific service, access to information from anywhere, in the IMS context. Finally, conclusions are drawn and some perspectives are introduced to improve the security of multimedia applications.
