DEVELOPMENT OF IMS PRIVACY & SECURITY MANAGEMENT FRAMEWORK FOR FOKUS OPEN IMS TESTBED
Keywords:
IP Multimedia Subsystem, confidentiality, authentication, integrity protection, inter and intra domains security, Key & certificate management, HTTP & SIP securityAbstract
Privacy, confidentiality, data integrity and intrusion detection & prevention are the security methodologies to secure communication in all fields of networking, cellular and fixed communication. With the emerging of IP Multimedia Subsystem (IMS) and Next Generation Networks (NGN), there is a great need to provide secure and trusted environment to user’s sensitive information and to provide measures to protect IMS operator’s assets. The IMS needs powerful security association between multimedia client and the network before access is granted to multimedia services because of low security dependency of PS-domain. The security features to accomplish in securing access to the IMS are to protect SIP signalling, user authentication and authorization, development of network domain security and trusted domain using policy based security associations. In this paper we present the security and privacy management framework for IP Multimedia Subsystem (IMS) which consists of IMS Authentication & Key Agreement (AKA), Network Domain Security, and IMS Access Security for SIP-based and HTTP-based services. The presented IMS security framework is developed for Open IMS & 3Gb Testbed of Fokus, Fraunhofer with the objective to manage security across different interfaces like air contact between user and IMS core, inter and intra domains interfaces and between IMS Core and Application Servers. It also deals with security when the user is roaming or in home network and security for UMTS access networks. This independent security framework provides additional protection against security attacks to IMS domain along with the PS (Packet Switched) domain security or IP Security.