
Chapter 12 - Security in the IMS

Pages: 18      File type: pdf      Size: 1.14 MB
Thu Hiền


Document information:

IMS security is divided into access security (specified in 3GPP TS 33.203 [28]) and network security (specified in 3GPP TS 33.210 [29]). Access security (which we describe in Section 12.1) includes authentication of users and the network, and protection of the traffic between the IMS terminal and the network. Network security (which we describe in Section 12.2) deals with traffic protection between network nodes, which may belong to the same or to different operators.
Content extracted from the document:
Chapter 12 Security in the IMS

IMS security is divided into access security (specified in 3GPP TS 33.203 [28]) and network security (specified in 3GPP TS 33.210 [29]). Access security (which we describe in Section 12.1) includes authentication of users and the network, and protection of the traffic between the IMS terminal and the network. Network security (which we describe in Section 12.2) deals with traffic protection between network nodes, which may belong to the same or to different operators.

The IMS originally started by supporting IPsec for both access and network security (we described IPsec in Section 11.6). Later, support for TLS was added to both access and network security (we described TLS in Section 11.3). In addition, HTTP Digest Access Authentication and HTTP Digest Access Authentication using Authentication and Key Agreement (AKA) are also supported (see Section 11.1). Early deployments of IMS used a simplified, customized security solution which leveraged authentication at the GPRS level (specified in the Technical Report 3GPP TR 33.978 [20]). Finally, a variation of the early IMS security solution has been customized for fixed IMS access in the so-called NASS-IMS bundled authentication. We expect new security mechanisms to be added in later IMS releases. The following sections address all of these security aspects.

12.1 Access Security

A user accessing the IMS first needs to be authenticated and then authorized to use IMS before they can use any IMS services. The authentication and authorization may generally lead to the establishment of IPsec security associations between the IMS terminal and the P-CSCF, a TLS connection between them, or it may lead to a link between the specific IP-CAN and the IMS. This process is piggybacked on the current IMS registration process. The S-CSCF, armed with the authentication vectors downloaded from the HSS (Home Subscriber Server), authenticates and authorizes the user. The S-CSCF delegates the role of establishing the access security association to/from the IMS terminal to the P-CSCF. This security association can either be an IPsec connection, a TLS connection, or leveraged from the IP-CAN. During the authentication process the user also authenticates the network to make sure that they are not speaking to a forged network.

The 3G IP Multimedia Subsystem (IMS): Merging the Internet and the Cellular Worlds, Third Edition. Gonzalo Camarillo and Miguel A. García-Martín. © 2008 John Wiley & Sons, Ltd. ISBN: 978-0-470-51662-1

12.1.1 Authentication and Authorization

IMS supports several authentication mechanisms. The actual mechanism used is determined by the commonality among the mechanisms supported by the network and by the IMS terminal. In general, the authentication mechanism is determined by the presence of a security module or smart card in the IMS terminal, such as a Universal Integrated Circuit Card (UICC), and the linkage of the IMS network to the IP-CAN.

12.1.1.1 HTTP Digest Access Authentication

HTTP Digest Access Authentication is the simplest form of authentication in SIP. We have already described it in Section 11.1. The mechanism is part of the core SIP specification (RFC 3261 [286]) and it is mandatory to implement in clients and servers. HTTP Digest Access Authentication is a straightforward adaptation of the same mechanism used for web authentication, originally specified in RFC 2617 [145] for HTTP. The mechanism merely requires a username and a password. The username is the Private User Identity. The password is a shared secret stored at the HSS and known by the user. The password is never sent in the clear, so it cannot be eavesdropped. In HTTP Digest Access Authentication the server always authenticates the client; the client can also authenticate the server.

HTTP Digest Access Authentication has some security limitations and, thus, is only allowed to be used to access the IMS via access networks that have not been defined by 3GPP. In particular, if a user provides his username and password to some friends, they can access their IMS services (and presumably be charged for them) and can impersonate the original user. In addition, HTTP Digest Access Authentication does not generate session keys, which are mandated for establishing an IPsec connection. So, it is not possible to use HTTP Digest Access Authentication in conjunction with IPsec. However, it is possible to use HTTP Digest Access Authentication and establish a TLS connection. Owing to these limitations, HTTP Digest Access Authentication is typically the least preferred authentication mechanism in IMS and, in particular, is not allowed for cellular IP-CANs (e.g., GPRS), where UICC-based mechanisms are required. If HTTP Digest Access Authentication is used, it is used over a TLS connection. Section 12.1.3 discusses the establishment of the TLS connection.

When using HTTP Digest Access Authentication, mutual authentication between a user and the network in the IMS is based on a username and a long-term shared secret that is known to both the user and the network. This is called the password. The username and password combination can be stored in non-volatile memory in the terminal or they might need to be entered manually when the IMS terminal is started. The username and password combination is also stored in the HSS. To achieve mutual authentication the ISIM and the HSS have to show to each other that they know the secret key. However, the terminal that contains the ISIM speaks SIP, but the HSS does not. To resolve this issue the S-CSCF assigned to the user takes the role of the authenticator. Effectively, the HSS delegates this role to the S-CSCF. The S-CSCF uses the Diameter protocol to obtain SIP Digest authentication vectors from the HSS t ...
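The digest exchange the passage describes, worked through as an added example that is not from the book: the IMS terminal answers a REGISTER challenge with the RFC 2617 `response`, the S-CSCF (acting as authenticator) verifies it, and then proves knowledge of the secret back to the terminal with the `rspauth` value of Authentication-Info, which is how the client authenticates the server. The realm, nonce, cnonce and password are constructed placeholders, and the assumption that the S-CSCF holds only H(A1) = MD5(username:realm:password) rather than the cleartext password is mine, not stated on the page.

```python
import hashlib


def _md5(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def h_a1(username: str, realm: str, password: str) -> str:
    """H(A1) = MD5(username:realm:password). Assumption: this hash, not the
    password, is what the authentication vector from the HSS gives the S-CSCF."""
    return _md5(f"{username}:{realm}:{password}")


def digest_response(ha1, method, uri, nonce, nc, cnonce, qop="auth"):
    """Client-side 'response' for qop=auth: KD(H(A1), nonce:nc:cnonce:qop:H(A2))."""
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def rspauth(ha1, uri, nonce, nc, cnonce, qop="auth"):
    """Server-side proof returned in Authentication-Info; same KD, but A2 has
    an empty method, so it cannot be replayed as a client response."""
    ha2 = _md5(f":{uri}")
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def run_exchange():
    # Constructed sample values (placeholders, not real subscriber data).
    impi = "alice@example.com"          # Private User Identity is the username
    realm, password = "example.com", "correct-horse"
    nonce, cnonce, nc = "dcd98b7102dd2f0e8b11d0f600bfb0c093", "0a4f113b", "00000001"
    method, uri = "REGISTER", "sip:example.com"

    # IMS terminal (holds the password) answers the 401 challenge.
    terminal_ha1 = h_a1(impi, realm, password)
    resp = digest_response(terminal_ha1, method, uri, nonce, nc, cnonce)

    # S-CSCF holds only H(A1) (stands in for the vector fetched from the HSS)
    # and recomputes the response; the password never crosses the wire.
    scscf_ha1 = h_a1(impi, realm, password)
    client_ok = digest_response(scscf_ha1, method, uri, nonce, nc, cnonce) == resp

    # Mutual authentication: terminal checks the network's rspauth.
    server_proof = rspauth(scscf_ha1, uri, nonce, nc, cnonce)
    network_ok = rspauth(terminal_ha1, uri, nonce, nc, cnonce) == server_proof

    # A guessed password yields a different response and is rejected.
    forged = digest_response(h_a1(impi, realm, "wrong"), method, uri, nonce, nc, cnonce)
    return client_ok, network_ok, forged == resp
```

The same `digest_response` reproduces the worked example in RFC 2617 section 3.5, which is a quick way to check an implementation against the specification the chapter cites.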
