Negotiation control method based on SIP security policy grade in IMS network

Abstract

A negotiation control method based on SIP security strategy level in an IMS network provides a negotiation control mechanism based on session initiation protocol (SIP) security strategy level in the IMS network of an IP multimedia subsystem. The method belongs to the field of network safety protection and access control technology, which is characterized in that two aspects are included: 1) According to IMS technical specification, different safety mechanisms are combined to select safety protection strategies from weak to strong, so as to provide a set of integral and unified IMS safety strategy combination for IMS and user equipment (UE) to carry out safety negotiation and strategy selection. 2) Through the newly defined SIP message domain and negotiation process, the method provides negotiation process and SIP message field format for terminals users and IMS operators, so as to allow the IMS operators and the terminal users to negotiate and determine the method of business safety strategy. Eventually, the operators can provide the safety strategies with different safety levels according to different business types and different user types, thus realizing personalized user service quality assurance, reducing resource costs brought by network safety, and realizing the optimal selection strategy for network safety protection and service quality assurance.

Description

technical field [0001] The invention relates to a SIP signaling-based user security policy division method and negotiation control method in an IP multimedia subsystem IMS, and belongs to the technical field of network security and access control. Background technique [0002] SIP signaling [0003] Session Initiation Protocol (SIP is a standard published by the Internet Engineering Task Force IETF in 1999 to solve signaling control on the IP network. The Third Generation Partnership Project 3GPP selects SIP as the session control protocol, which is an IMS architecture Core. SIP can establish audio, video, multi-party calls and other sessions, and can also be used to transmit instant messages and files, so that operators can provide comprehensive services through a unified service platform to achieve network integration. Established between users and IMS core network In the process of IP connection and acquisition of IMS services, there are mainly two communication processe...

AI Technical Summary

Problems solved by technology

There are two problems in this way: (1) It is not enough to only negotiate the security mechanism between UE and P-CSCF. According to the IMS specification and the security mechanism summarized above, some mechanisms in access security and network domain security are optional , this openness often leads to backward compatibility issues, such as incompatibility between different versions of UEs, security mechanisms between different network domains, and security configurations of different operators. Therefore, when IMS provides various multimedia services, it not only needs to provide The security mechanism negotiation protocol between UE and P-CSCF also needs to provide an internal network domain security mechanism negotiation mechanism, and finally form a complete and unified security policy composed of various security mechanisms to ensure the compatibility of IMS security

(2) The IMS network provides users with a variety of multimedia services. Users have diverse service quality QoS requirements and security requirements. Different service types and different user applications have different security requirements, and the QoS negotiation mechanism does not fully consider Network security requirements and negotiation mechanisms do not provide security-related service levels to meet user security needs

[0012] However, in the existing SIP specifications, there is no formal standard to regulate the policy control and interaction process based on the SIP protocol

Images