Zusammenfassung
Das IP Multimedia Subsystem (IMS) stellt eine gemeinsame Anstrengung der Standardisierungsgremien für Festnetz- und Mobilkommunikation dar, deren Ziele sowohl die Entwicklung einer neuen Architektur für Betreibernetze als auch die Unterstützung zukünftiger Dienste sind. In diesem Artikel geben wir einen Überblick über die Implikationen der aus dem Internet bekannten Sicherheitsproblematiken. Wir analysieren die Sicherheitsanforderungen einer IMS-basierten Netzarchitektur und zeigen mögliche Lösungsansätze auf. Wir kommen zu dem Schluss, dass für eine sichere IMS-Umgebung ein über die Standardisierung hinausgehendes Maß an Netzüberwachung unbedingt notwendig ist, damit die grundlegende Funktionalität sicher gewährleistet werden kann.
Summary
The IP Multimedia Subsystem (IMS) was developed by a common initiative of the standardization bodies 3GPP and ETSI TISPAN with the aim to provide a platform for fixed and mobile network operators that supports future communication services. In this article we give an overview about the implications that security threats already known from the Internet have on IMS. We analyze the security requirements of an IMS based network architecture and describe possible security solutions. Finally, we argue that for a secure IMS environment extensive traffic monitoring is required in order to provide IMS-based services in a secure manner.
This is a preview of subscription content, log in via an institution to check access.
References
Ahamad, M., Amster, D., Barrett, M., Cross, T., Heron, G., Jackson, D., King, J., Lee, W., Naraine, R., Ollmann, G., Ramsey, J., Schmidt, H. A., Traynor, P. (2008): Emerging cyber threats report for 2009. Technical report, Georgia Tech Information Security Center
Berger, A., Hefeeda, M. (2009): Exploiting SIP for botnet communication. In: Proc. of the 5th Workshop on Secure Network Protocols, Princeton, NJ
Berger, A., Gojmerac, I., Jung, O. (2009): Internet security meets the IP multimedia subsystem: an overview. Security and Communications Networks
Calhoun, P., Loughney, J., Guttman, E., Zorn, G., Arkko, J. (2003): Diameter Base Protocol. RFC 3588
Darilion, K. (2008): Analysis of a VoIP Attack
ETSI ES 282 001 V3.4.1. (2009): Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Functional Architecture
European Telecommunications Standard Institute (ETSI). Feasibility study for prevention of unsolicited communication in the NGN. 2008. TR 187.009 V2.1.1
European Telecommunications Standard Institute (ETSI). NGN Congestion and Overload Control – Part 2: Core GOCAP and NOCA Entity Behaviours. 2010. ES 283.039–2 V3.1.1
3rd Generation Partnership Project (3GPP). (2009a): 3 G security; Network Domain Security (NDS); IP network layer security (Release 9). TS 33.210 V9.0.0
3rd Generation Partnership Project (3GPP) (2009b): IP Multimedia Subsystem (IMS); Stage 2 (Release 9). TS 23.228 V9.2.0
3rd Generation Partnership Project (3GPP) (2009c): Study of Mechanisms for Protection against Unsolicited Communication for IMS (PUCI). TR 33.937 V9.0.0
Hirschbichler, M., Egger, C., Pasteka, O., Berger, A. (2009): Using E-Mail SPAM DNS Blacklists for Qualifying the SPAM-over-Internet-Telephony Probability of a SIP Call. In: Third International Conference on Digital Society. ICDS '09: 254–259
Livadas, C., Walsh, R., Lapsley, D., Strayer, W. T. (2006): Using machine learning techniques to identify botnet traffic. In: Proc. of the 31st IEEE Conference on Local Computer Networks: 967–974
Rosenberg, J., Jennings, C. (2008): The Session Initiation Protocol (SIP) and Spam. RFC 5039 (Informational)
Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E. (2002): SIP: Session Initiation Protocol. RFC 3261
Strayer, W., Lapsely, D., Walsh, R., Livadas, C. (2008): Botnet detection based on network behavior. In: Botnet Detection, Advances in Information Security: 1–24. Springer-Verlag
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Jung, O., Berger, A., Hirschbichler, M. et al. IMS security and what we should learn from the Internet. Elektrotech. Inftech. 127, 116–120 (2010). https://doi.org/10.1007/s00502-010-0730-5
Received:
Accepted:
Issue Date:
DOI: https://doi.org/10.1007/s00502-010-0730-5