
A protection method for access security of IP multimedia subsystem

The invention concerns multimedia subsystems and security technology, applied in the direction of synchronous sending/receiving encryption equipment, data exchange through path configuration, etc. It addresses the problems that the user terminal does not support the use of certificates and that the UE's identity cannot be authenticated, and it overcomes the problem of weak two-way authentication.

Active Publication Date: 2006-01-18
ZTE CORP
0 Cites, 31 Cited by

AI Technical Summary

Problems solved by technology

[0020] Although the above TLS-based IMS access security scheme lets protected IMS signaling traverse NAT, it still has many problems. A more serious security problem is one-way authentication during the establishment of a TLS session: the TLS protocol supports certificate-based identity authentication of both communicating parties, but 3GPP only supports the use of certificates on the network side and does not support them on the user terminal. Therefore, during TLS session negotiation between the UE and the P-CSCF, only the UE can authenticate the P-CSCF, and the P-CSCF cannot authenticate the identity of the UE, so an attacker can pretend to be a user to access the IMS and mount man-in-the-middle attacks against legitimate users.



Examples


Embodiment Construction

[0051] This embodiment, with reference to Figure 3, describes the method of the present invention for protecting IMS access security with the TLS protocol. In this embodiment, both the UE and the P-CSCF support three security mechanisms: TLS, IPSec / IKEv2, and IPSec / IMS AKA. The P-CSCF gives TLS the higher priority. The UE's IMS access process is as follows:

[0052] 1. The UE sends an initial registration message (Register) SM1 to the P-CSCF, which contains the Require, Proxy-Require, and Security-Client message headers. The Require and Proxy-Require headers contain the option tag "sec-agree", which indicates that the P-CSCF must support the UE's security mechanism. The Security-Client header contains a list of the security mechanisms supported by the UE and their parameters. The content is "TLS; IPSec / IKEv2; IPSec / IMS_AKA, SPI_U, Port_U, cipher suite list". The Security-Client header contains three security mechanisms: TLS, IPSec / IKEv2 and IPSec / IMS AKA, whe...
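The P-CSCF side of step 1 can be sketched as follows. This is an added example, not code from the patent: the SM1 text is a constructed sample using the header content quoted above, and the priority order below TLS, the function names, and the rejection of a message lacking "sec-agree" are assumptions.

```python
# Added example: P-CSCF-side handling of the security headers carried in SM1.
SM1 = (  # constructed sample of the initial REGISTER, in the page's notation
    "REGISTER sip:home.example SIP/2.0\r\n"
    "Require: sec-agree\r\n"
    "Proxy-Require: sec-agree\r\n"
    "Security-Client: TLS; IPSec / IKEv2; IPSec / IMS_AKA, SPI_U, Port_U, cipher suite list\r\n"
    "\r\n"
)

# The page states only that TLS ranks highest; the rest of the order is assumed.
PCSCF_PRIORITY = ["tls", "ipsec/ikev2", "ipsec/imsaka"]

def norm(name):
    """Fold case, spaces and underscores so 'IPSec / IMS_AKA' == 'IPSec / IMS AKA'."""
    return "".join(ch for ch in name.lower() if ch not in " _\t")

def parse_headers(msg):
    """Return {lower-cased header name: value} for the lines after the request line."""
    headers = {}
    for line in msg.split("\r\n")[1:]:
        if not line:          # blank line ends the header section
            break
        key, _, value = line.partition(":")
        headers[key.strip().lower()] = value.strip()
    return headers

def parse_security_client(value):
    """Mechanisms are ';'-separated; ','-separated parameters follow a mechanism."""
    offers = {}
    for entry in value.split(";"):
        parts = [p.strip() for p in entry.split(",") if p.strip()]
        if parts:
            offers[norm(parts[0])] = parts[1:]
    return offers

def select_mechanism(msg, priority=PCSCF_PRIORITY):
    """Pick the highest-priority mechanism the UE offered, or raise ValueError."""
    headers = parse_headers(msg)
    for name in ("require", "proxy-require"):
        tags = [t.strip().lower() for t in headers.get(name, "").split(",")]
        if "sec-agree" not in tags:
            raise ValueError(f"{name} header lacks the sec-agree option tag")
    offers = parse_security_client(headers.get("security-client", ""))
    for mech in priority:
        if mech in offers:
            return mech, offers[mech]
    raise ValueError("no security mechanism in common with the UE")

if __name__ == "__main__":
    print(select_mechanism(SM1))
```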


Abstract

This invention discloses a method for protecting the access security of the IP multimedia subsystem, characterized in that the UE and the P-CSCF negotiate a shared code when the UE registers and set up a secure communication channel based on the shared code, so that IMS messages transmitted between the UE and the P-CSCF are secured and the protected IMS messages traverse NAT transparently. The method combines the UE's registration process, the secure-channel negotiation process and the data coding process, ensuring two-way authentication between the UE and the P-CSCF; in addition, the method prevents man-in-the-middle attacks.

Description

Technical field

[0001] The present invention relates to the security field of communication systems. Specifically, the present invention relates to a protection method for IMS (IP Multimedia Subsystem) access security.

Background technique

[0002] IMS is a subsystem that supports IP multimedia services proposed by 3GPP2 in Release 5. It consists of all core network functional entities that can provide multimedia services, including a collection of signaling and bearer-related functional entities. These functional entities involve CSCF (Call State Control Function), MGCF (Media Gateway Control Function), MRF (Media Resource Function) and HSS (Home Subscriber Server), etc. IMS is based on the SIP (Session Initiation Protocol) system. SIP is a text-based signaling protocol that works as a client / server. IMS uses SIP call control mechanisms to create, manage, and terminate various types of multimedia services. In addition to SIP as the core, IMS has a wide range of adaptability to v...


Application Information

IPC(8): H04L12/28, H04L9/12
Inventor: 田峰, 李睿
Owner: ZTE CORP