Professional Documents
Culture Documents
IP Multimedia Service IP Multimedia Service IP Multimedia Service IP Multimedia Service Example: Example
IP Multimedia Service IP Multimedia Service IP Multimedia Service IP Multimedia Service Example: Example
example:
IP Multimedia Subsystem
1
What is IMS?
• IP Multimedia Subsystem (IMS) is an
architecture for offering services on the Internet World Mobile World
packet domain.
IP Optimised
convergence
Technology
architecture for offering multimedia
services.
IMS
2
What is IMS (IP-Multimedia Subsystem)? (1)
• It was originally designed by the wireless standards body 3rd Generation Partnership
Project (3GPP), and is part of the vision for evolving mobile networks beyond GSM.
3
What is IMS (IP-Multimedia Subsystem)? (2)
4
Relation with other services
5
What does IMS give? 1/2
• Person-to-machine communications
6
IMS: The truth…
7
IMS: The truth…
8
What does IMS give? 2/2
• Access agnostic
9
Layered View of IMS (1)
Figure 1
10
Functional Components of IMS (1)
• P-CSCF (Proxy-CSCF)
– Entry point to IMS for devices ( Both Home &
Visited )
– Forward SIP messages to the S-CSCF
• I-CSCF (Interrogating-CSCF)
– Entry point to IMS from other networks
• S-CSCF (Serving-CSCF)
– Provides Session control services for the IMS
client
– Maintains a session state as needed by the
network operator
• HSS (Home Subscriber Service)
– Information about the end users and the
services
• BGCF (Breakout gateway control function)
– Selects the network in case of PSTN breakout
– Selects a MGCF, for inter-working with the
PSTN
11
IMS Home Network - Functional Elements
Home Subscriber Server
• Centralized DB
• HLR successor Application Servers
• User profile • Push-to-talk
• Filter criteria (sent to S-CSCF) • Instant messaging Media Resource Function Controller
• Which applications • Telephony AS • Pooling of Media servers (e.g. conference)
Domain Name Server • Which conditions • 3rd party or IMS Vendor
Home Network
UA/UE
SIP
DNS AS
AS P-CSCF
ENUM
HSS AS Media Gateway
Diameter Control Function
SIP • Interfaces to PSTN/PLMN by
• Converting SIP <-> ISUP
SIP SIP MRFC
P-CSCF I-CSCF S-CSCF • Interworking RTP to circuit
UA/UE SIP • H.248 control of MGW
MS MS
SIP
SIP
SIP
SIP
BGCF MGCF
ISUP
Call Session SIP
H.248 SS7
Control Function
• SIP registration RTP TDM PSTN
• SIP session setup MGW
UA/UE
SIP
Access DNS AS
HSS AS
AS P-CSCF SIP
RTP ENUM
SIP Diameter
RTP SIP
SIP
Interrogating CSCF
• Entry point for incoming calls
• Determines S-CSCF for Subscribers
• Hides network topology
13
IMS UE Registration
Register Register
MAR/MAA
Unauth Unauth
HSS S-CSCF P-CSCF
MAR/MAA Register Register
UA/UE
14
IMS Subscription to UE State Changes
Subscribe
Notify
HSS S-CSCF P-CSCF
Subscribe Subscribe
Notify Notify
UA/UE
Now the Elements can Inform Each Other of Registration State Changes
15
A Typical Example of an IMS Call
Network Y
Network X
AS
AS
S-CSCF
S-CSCF
HSS
HSS I-CSCF
I-CSCF
P-CSCF
P-CSCF
SGSN
GRX
DSL/Cable Modem
Network Z (UMTS/GPRS)
GGSN
DSLAM/CMTS
RNC
User A User B
16
Session Initiation Protocol (SIP) in IMS
17
SIP based session management
18
SIP Message Types
Requests – Sent from client to server
INVITE
ACK
REFER
OPTIONS
BYE
CANCEL
REGISTER
SUBSCRIBE
NOTIFY
MESSAGE
19
SIP Message Types (Contd.)
Responses – Sent from server to the client
Success
Redirection
Forwarding
Request failure
Server failure
Global failure
20
Experiences and Challenges
• Charging
• IPv4/v6 Interworking
• Identity Management and USIM/ISIM Migration
• Security and Authentication
21
Charging
• Two fundamental charging approaches.
– Offline charging (e.g. pay for bill)
– Online charging (e.g. pre-pay credit)
• Other charging mechanisms:
– Session-based charging
– Event-based charging
– Flow-based charging
22
IMS – Security Challenges
23
IMS - Mobile 2 Mobile Security
• 3GPP did not account for it in the design,
• GSMA identified the problem:
• IMS introduces Mobile to Mobile traffic.
• GPRS was not intended for that
• The problem : difficult to control M2M traffic
24
3GPP Release 5 Security
25
Access Security: Authentication Principles
26
Integration of Authentication Protocol into DIAMETER and SIP
27
Access Security: Security Mode Establishment between UA and P-CSCF
28
Access security: Protection of SIP signalling between UA and P-CSCF
29
Other IP Multimedia Subsystem Security Issues (1)
30
Other IP Multimedia Subsystem Security Issues (2)
• Session transfer
– guidance on security aspects based on GSM call transfer feature
• authorisation and accounting of transferred leg needs to involve
transferring party who has dropped out of session
• should there be a limit to the number of transferred sessions?
• should final destination be hidden from calling party?
• Security aspects of other IP multimedia subsystem services?
• End-to-end security
31
Typical SIP attacks
• Malformed Message Attacks
• Buffer Overflow Attacks
• Denial-of Service attacks
• RTP session hijacking
• Injection of unauthentic RTP packets into existing RTP flows
• Re-use of compromised SIP credentials
• Hostile SIP network elements
32
Books
• G. Camarillo, M. A. Garcia-Martin: “The 3G IP
Multimedia Subsystem (IMS): Merging the Internet and
the Cellular Worlds". Jon Willey & Sons, 2004.
33