A vulnerability assesment framework for the IMS

Includes bibliography.With multimedia services being made available via more and more devices to end users, it is no longer feasible to develop a delivery platform for each new type of service. The IP multimedia subsystem (IMS) aims to provide a unified service delivery platform capable of supporting a wide range of multimedia, data and voice services. It has been developed with a focus on content delivery and rich communications, and has already begun to replace existing legacy GSM network components. The IMS is intended to be an access agnostic platform, capable of providing services over both mobile and fixed networks using a multi-access all-IP platform. By providing a feature-rich all IP platform, operators are able to deploy open IP-based networks, allowing for easy deployment and development of new, rich multimedia centric communication services. With the IMS in place, an operator may take the role of a service broker, providing them with far more revenue generating opportunities than just traditional voice and data. Application services may leverage the functionality provided by the IMS to create new services quickly while allowing them to be easily integrated into the network infrastructure. With the IMS gaining more and more attention from telecoms operators, and already being adopted by some, the ability to assess the security of the system becomes critical to the success of the IMS platform. While the 3GPP has placed emphasis on security throughout the development of the IMS, implementation is left up to vendors looking to create their own IMS systems. Implementation specific vulnerabilities may be missed by standard quality assurance testing, as they may be triggered only by boundary or near boundary conditions, or non-standard or unexpected state transitions

Implementing a secured IMS-based Identity exchange

With the continuous development of telecommunications, networking and the ubiquitous computing the necessity of higher bandwidth and better quality of services is always one of the most important user requirements. In this background, IP Multimedia Subsystem (IMS) is becoming very important for the Next Generation Networking (NGN) and all-Internet Protocol (all-IP) infrastructure. This new tendency provides opportunities for new operators and service providers to enter the market and to be competitive. These developments will generate new challenges related to the user identity assurance. It will be more difficult to rely on the old paradigms of the static operator relationships guaranteeing end-to-end the identity of the users. In this case there is crucial need to find new mechanisms to provide to the end points assurance about the identity of their counterparts. In this work we implemented a solution that establishes a trust between two end points by taking advantage of IMS in a roaming scenario where the visited access network may not be entirely trustworthy. In essence, this means establishing an identity association so that the parties can have operator provided assurance regarding the used identities. This allows local trust decisions and does not rely on the existence of global Public Key Infrastructure (PKI). Concretely in this work we have modified the Session Initiation Protocol (SIP) “INVITE” messages by adding new SIP headers such as the identity and the signature of the SIP entities taking part in a multimedia conversation. Every SIP entity has to add its own identity and signature and also has to verify those of its counterparts in a typical SIP “INVITE” exchange. By this work we show that establishing this kind of identity association is feasible but some scalability issues have to be taken into account such as the time delay or the size of the new messages. In order to accomplish this master thesis work, we have used the Open Source IMS Core (OSIMS) platform developed by FOKUS, SailFin project as the Application Server (AS) and IMS Communicator as the IMS client. /Kir1