ECPI Capstone Project 480
Professor Elizabeth McCarthy
by
Sergio Cedillo
IMS stands for IP Multimedia Subsystem, a service delivery architecture.
IMS is an architecture that enables wireline, wireless and cable operators to offer a new generation of rich multimedia services.
Standardization of the IMS architecture would provide Internet Protocol (IP)-based mobile and fixed multimedia services.
IMS could allow operators who own different types of networks with varying architectures to offer the same services to all of their customers.
IMS is a key element of 3G cellular architecture.
It is an architectural framework for delivering ubiquitous access from cellular networks to all the services that the Internet provides.
This is the IMS vision.
Implementing IMS is critical to enhancing the cellular telecommunications experience for both the client and the service provider, and to keeping up with fast-paced business. The difference between having IMS in the 3G architecture and not having it weighs greatly in favor of realizing IMS.
Services provided by the Internet can be accessed from cellular communications with the existing circuit-switched (CS) and packet-switched (PS) technology.
Grow and protect subscriber base, increase ARPU (Average Revenue Per User)
Faster time to market with new services
Provide quality of service (QoS), proper charging protocols, and the integration of different services.
Interoperability with other networks and other countries' networks.
Adds call session control to the packet network (GPRS)
Enables peer-to-peer real-time services, such as voice and video, over a packet-switched domain
Scalable common service control (based on SIP) gives the ability to manage parallel user services
Rich service creation environment - Media Mixing
Ability to pick and mix various multimedia flows in single or multiple sessions
Can handle real-time voice, video, data
Connectivity Network Independence
Provides access to IP based services independent of the underlying connectivity technology (mobile / fixed)
IMS is based upon an open standard with a strong evolutionary advantage
IMS architecture & Session Initiation Protocol (SIP) may be easily extended to provide for new services - Integrated service model
Open charging model
Shared Resources
• Media server resources
• Common user data
• Single user profile across applications
• Integrated applications
Session Control
• Common Session Control (SIP)
• Provides common service policies
• Leverages investments across multiple applications
Access Network Agnostic
• Eliminates multiple service solutions
• Network transparency
• Consistent services across networks
Converged Applications
• Across Networks
• Reduced development costs and time
• Voice, Video and data services
• Write once / use many
[Figure: IMS layered architecture with an Access Layer, a Session Control Layer and an Application Layer (transport, control, applications). Labeled elements: DSL, Mobile, PSTN, CMTS, Access Network, Other Networks, SIP, Session Control, Centralized Database, Media Control & Gateways, Media Server, Web Portal, Application Servers, Hosted Services, Voice, Video, Web Content, MP3, Win Media, Text, Data.]
Open Industry Standard Support for a Variety of Applications:
• Speed applications to market
Common Session Control Element to Provide Service Interworking
• Predictable interactions between multiple services
Common Subscriber Database with Open Interfaces
Service Consistency Across Wireless, Wireline and VoIP Endpoints:
• Retain ownership of the subscriber and their services
• Ability to provide differentiated services
Distributed Session Control
• IMS flexibility and scalability reduce OPEX
• Support mobility/portability
Common support for CoS, QoS, security, scalability, reliability, and performance
Common OAM&P Environment
• Ease integration into OSS/BSS/NMS
Common OAM&P, Billing, etc.
Capable of Interworking with the PSTN (i.e. legacy IN-based services)
“All-IP Network” (Internet, Mobile Networks)
Mobile communications is going IP
• Separation of transport and control
• Voice-data integration
• IP-based applications
• End-to-end IP transport
The Internet is going mobile
• Wireless access
• Terminal and user mobility
• Global roaming and handover
• Quality of Service (QoS)
Source: http://www.hindawi.com/journals/wcn/2008/589623.fig3.html
• Application Servers are unaware of the existence of other AS', and whether these will be linked-in. (Transitional problems from Legacy to IMS structure).
• The application server decides whether to remain linked-in for the whole session by adding its address to the Record-Route SIP header.
• No service or session state will be passed between application servers unless they use proprietary extensions, i.e. are co-designed.
• Response messages are routed to the AS’s in the reverse order due to demand overflow.
• If during call handling procedure an AS retargets the SIP request by changing the Request URI, subsequent filter analysis in the S-CSCF is stopped and the S-CSCF forwards the request towards the new target without linking-in the other AS’ specified by IFC.
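An added example, not part of the original slides: a minimal model of the S-CSCF linking in application servers by iFC priority, showing that a retarget stops filter analysis so any later AS is never invoked. The AS names, URIs and priority values are constructed, and real iFC trigger-point matching is omitted.

```python
from dataclasses import dataclass, field
from typing import List, Optional

@dataclass
class SipRequest:
    request_uri: str
    record_route: List[str] = field(default_factory=list)

@dataclass
class AppServer:
    name: str                          # hypothetical AS host name
    priority: int                      # iFC priority: lower value is tried first
    stays_linked: bool = False         # AS adds itself to Record-Route
    retarget_to: Optional[str] = None  # new Request-URI if the AS retargets

    def handle(self, req: SipRequest) -> None:
        if self.stays_linked:
            # RFC 3261: a proxy inserts its URI ahead of existing Record-Route values
            req.record_route.insert(0, f"sip:{self.name};lr")
        if self.retarget_to:
            req.request_uri = self.retarget_to

def run_ifc_chain(req: SipRequest, ifc: List[AppServer]) -> dict:
    """Link in each AS in priority order; stop filter analysis on a retarget."""
    chain = sorted(ifc, key=lambda a: a.priority)
    invoked, skipped = [], []
    for i, app in enumerate(chain):
        uri_before = req.request_uri
        app.handle(req)
        invoked.append(app.name)
        if req.request_uri != uri_before:        # AS changed the Request-URI
            skipped = [a.name for a in chain[i + 1:]]
            break
    return {
        "invoked": invoked,
        "skipped": skipped,                      # named by the iFC but never linked in
        "response_path": invoked[::-1],          # responses traverse the ASs in reverse
        "record_route": list(req.record_route),  # ASs that stay for the whole session
        "forwarded_to": req.request_uri,
    }

# Constructed iFC set; AS names and URIs are illustrative only.
SAMPLE_IFC = [
    AppServer("prepaid-as.example.net", priority=30, stays_linked=True),
    AppServer("screening-as.example.net", priority=10, stays_linked=True),
    AppServer("forwarding-as.example.net", priority=20,
              retarget_to="sip:bob@other.example.org"),
]

if __name__ == "__main__":
    result = run_ifc_chain(SipRequest("sip:bob@example.net"), SAMPLE_IFC)
    for key, value in result.items():
        print(f"{key}: {value}")
```

Running a planned iFC set through a model like this shows which services depend on an earlier AS not retargeting, which matters when a later AS enforces screening or charging.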
IMS & SIP enable a rich feature set of Converged Services ... but also open up the network to IP based vulnerabilities
IMS & SIP vulnerabilities include:
• OS level vulnerabilities
• IP Layer 3 vulnerabilities
• IMS Framework related vulnerabilities
• SIP/RTP/H.248/etc. protocol vulnerabilities
• VoIP/Video/PoC/etc. Application vulnerabilities
• VoIP SPAM
Well known in the data world
New, unique & real time sensitive Application level vulnerabilities
• Compromised mobile phones
• Zombie hard/soft phones
• Modified phone with malicious intent
• Malicious/Malformed/Spoofed signaling attacks
• Malicious/Malformed/Spoofed media attacks
• Spoofed IMS Emergency session attacks
• Presence update attacks
• Initiating Conferencing to block the network resources
• International community having direct access to the IMS core network
• Charging fraud - Signaling directly to avoid charging
• Misconfigured/partially configured UEs and/or Network elements
• Non-GPRS access such as WLAN or BB can be attacked directly from the internet without a subscription
• SPAM, for which there is no solution at this time.
Control Servers
• Signaling Weaknesses
• Mgt Vulnerabilities
User Device
• Worms/Viruses
• OS Vulnerabilities
• Network Impersonation
Access
• Eavesdropping
• Man-in-the-Middle Attacks
• Session Hijacking
Network Attachment
• Weak Authentication
• Policy Misconfiguration
• IP Attacks
Application Servers
• Un-patched App/OS Exploits
• Authentication & Authorization Flaws
Back-End Systems
• Location Misdirection
• Information Storage
• Weak App-to-App Authentication
Web Servers
• Inadequate Input Validation
• Authorization Flaws
• Insecure Sessions
Proxy Servers
• User Impersonation
• SIP Parameter Manipulation
• Denial of Service
Third Party Application Access
• Malicious Applications
• Authentication & Authorization Flaws
• Insecure Partner Networks
[Diagram labels: Access Network / Internet, PSTN, Core Network]
Possible Security Threats to IMS
Both Network & Subscribers can be attacked
[Figure: zombie attackers, human attackers, a spammer and spoofed packets shown against the MMD core. Labeled elements: P/S/I CSCF, SLF/PDF/IBCF/IWF, MGCF, MRFC, BGCF, SGF, MGW, MRFP, T-MGF, SIP Server, Call Server, Media Gateway, HSS, Apps, Chrg, IP-IP GW, ABGF, IBGF.]
Attack Types:
• Flood Denial of Service
• Signaling
• Media
• Distributed DoS
• Stealth DoS
• Target individual or group of users
• Blended attacks
• Recruit zombies and use them to launch an attack
• SPAM
• SPAM over Internet Telephony (SPIT)
[Figure: wireline and wireless access to the IMS Core Network. Wireline labels: Cable/DSL, DSL, Ethernet, Cable, Fiber, 802.11b/g, Router, Residential Gateway, Set-top Box, Antenna, DTV Tuner, Second Line VoIP, Home Shopping, Live Content, Video on Demand, Games Console, Notebook, PDA, Home Security. Wireless labels: EV-DO HRPD, EV-DO eHRPD, UMTS, LTE, WiMAX, Satellite.]
IMS - IP Multimedia Subsystem
UMTS - Universal Mobile Telecommunications Service
EV-DO - Evolution – Data Optimized
HRPD - High Rate Packet Data
eHRPD - enhanced High Rate Packet Data
LTE - Long Term Evolution
WiMAX - Worldwide Mobility for Internet Access
[Figure: IMS services in two groups. Person-to-Person: dominates traffic growth. Person-to-Content: known usability patterns. Labels include Image, SMS, MMS, Presence, Active phonebook, Push-To-Talk, Text, Voice, Sharing, Video, Movies, Photos, Internet, Text/Pictures, HTTP, Streaming, Download, Music and Ring tone.]
[Figure: call center on an Enterprise LAN. Labels: Call Center Server w/ VoIP Gateway, Agents on IP Phones, Agent on Soft Phone, PSTN, Customer, RTP, H.323, T1/E1, ISDN/CAS.]
• All Agents in single location
• Uses all-in-one system to handle all calls
• Signaling and Media combined in one system
[Figure: call center with separate signaling, application and media elements. Labels: Signaling Gateway, Application Server, MRF, Media GW, Enterprise LAN, Agents on IP Phones, Agent on Soft Phone, Remote Agent, Internet, PSTN, Customer, Web Customer, RTP, SIP/VoiceXML, MSCML.]
• Improved Scalability: Separate Application from Media
• Ability to add new media such as video as needs evolve
• Fast development using SIP + XML
IMS Access Independent is an answer to future business needs
Needs careful inter-operation scenarios
Unique Profile is essential
Seamless Services (Next Step)
This interconnection of IMSs opens new services for the subscribers of these networks
With these modifications PacketCable can support SIP based (intelligent) end users
There is no longer any need to pass through the PSTN for interconnection to cellular networks
Cellular users can also benefit from the high quality and large bandwidth of PacketCable for their access.
Wireless cable modems can even support seamless vertical handover between Cellular and PacketCable
Users have more freedom in their end-device selection