ABSTRACT
The IP Multimedia Subsystem (IMS) is an access-independent, IP based service control architecture. Although, the security and data privacy aspects are very important in the IMS global objectives, they attract little attention so far. Secure access to multimedia services is based on SIP and HTTP digest on top of IMS architecture. Authentication is only based on SIP and is directly coupled to the SIP registration procedure. The third Generation Partnership Project (3GPP) provided Generic Bootstrapping Architecture (GBA) to authenticate the subscriber before accessing multimedia services over HTTP however through a heavy process. In this paper, we propose a new IMS Service Authentication scheme using Identity Based cryptography (IBC). Our solution enhances the security of the IMS authentication process and is promising in enabling new social services since it is based on the user's identity (which could be mapped to his presence). We analyzed the security of our new protocol and we began the evaluation of its performance. We obtained a better security as well as a performance gain compared to the classical service authentication approach in IMS.
- I. Tirado, "IP Multimedia Subsystem (IMS) signaling core security", Proceedings of the 5th annual conference on Information security curriculum development, pages 59--63, 2008. Google ScholarDigital Library
- RFC 3310, "Hypertext Transfer Protocol (HTTP) Digest Authentication Using Authentication and Key Agreement (AKA)", 2002Google Scholar
- D. Priselac, M. Mikuc, "Security risks of pre-IMS AKA access security solutions", available in http://www.ericsson.com/hr/etk/dogadjanja/mipro_2008/1227.pdfGoogle Scholar
- 3GPP2 S.R0086-0: "IMS Security Framework"Google Scholar
- L. Wu, Y. Zhangb and F. Wang, "A new provably secure authentication and key agreement protocol for SIP using ECC", Computer Standards & Interfaces Volume 31, Issue 2, February 2009, Pages 286--291 Google ScholarDigital Library
- C. Huang and J. Li, "One-Pass Authentication and Key Agreement Procedure in IP Multimedia Subsystem for UMTS", Advanced Information Networking and Applications, AINA '07, page(s): 482--489 Google ScholarDigital Library
- J. Ring, K. Raymond Choo and E. Foo, "A New Authentication Mechanism and Key Agreement Protocol for SIP Using Identity-based Cryptography", AusCERT2006 R&D Stream. Gold Coast, Australia, 2006.Google Scholar
- D. Boneh and M. Franklin, "Identity-Based Encryption from the Weil Pairing", Proceedings of CRYPTO '01, LNCS 2139, pages 213--229, Springer-Verlag, 2001 Google ScholarDigital Library
- G. Camarillo and M.-A. Garcia-Martin, "The 3G IP Multimedia Subsystem (IMS): Merging the Internet and the Cellular Worlds", Hoboken, NJ: Wiley, 2004. Google ScholarDigital Library
- 3rd Generation Partnership Project (3GPP) http://www.3gpp.org/Google Scholar
- Telecoms & Internet converged Services & Protocols for Advanced Networks (TISPAN), http://www.etsi.org/tispan/Google Scholar
- 3GPP Technical Specification TS 33.102: "3G security. Security Architecture".Google Scholar
- 3GPP TS 33.203: "3G security. Access security for IP-based services".Google Scholar
- 3GPP TS 33.210: "3G security. Network Domain Security (NDS). IP network layer security".Google Scholar
- 3GPP TS 123 228 "IP Multimedia Subsystem (IMS); Stage 2".Google Scholar
- 3GPP TS 133.220: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture".Google Scholar
- A. Shamir, "Identity-Based Cryptosystems and Signature Schemes" 1984.Google Scholar
- http://www.openimscore.org/Google Scholar
- I. M. Mkwawa, D. D. Kouvatsos "Performance Evaluation and Analysis of IP Multimedia Subsystems", Fifth International Conference on Performance Modelling and Evaluation of Heterogeneous Networks, February 18th -21st, 2008 Karlskrona SwedenGoogle Scholar
- Miracl: "Multiprecision Integer and Rational Arithmetic C/C++ Library", available in http://www.shamus.ie/Google Scholar
Index Terms
- Efficient identity-based authentication for IMS based services access
Recommendations
SIP-Based IMS Signaling Analysis for WiMax-3G Interworking Architectures
The third-generation partnership project (3GPP) and 3GPP2 have standardized the IP multimedia subsystem (IMS) to provide ubiquitous and access network-independent IP-based services for next-generation networks via merging cellular networks and the ...
Mobile-initiated network-executed SIP-based handover in IMS over heterogeneous accesses
Part 2: Next Generation Networks (NGNs)The services of next generation networks are envisioned to be potentially capable of seamless mobility in spite of the heterogeneity in underlying access technologies. It is undoubted that to accomplish seamless services across heterogeneous networking ...
Performance modelling and evaluation of a mobility management mechanism in IMS-based networks
Network performance engineeringThe 3rd Generation Partnership Project (3GPP) for an IP multimedia subsystem (IMS) architecture defined a number of functional units, which exchange session initiation protocol (SIP) messages with register users and set up or terminate multimedia ...
Comments