This is why the IMS
must be well protected and all possible security measures implemented. From the access
level to the signaling plane, security should be a primary concern to all operators.
In fact, if ever there was an argument as to why IMS makes sense, security is that
argument. There are a number of functions that have been defined for the IMS to prevent
these types of attacks from taking place.
The industry has learned many mistakes with VoIP and has taken to heart the
threats that an open Internet model brings to a structured telecommunications environment.
This is why the 3GPP set out defining the IMS??”partly due to issues with
interoperability of VoIP elements, and partly because of the lack of security in early
SIP implementations.
In fact, if one looks at the documented cases to date of VoIP security breaches, they
involved some form of the attacks already described. Simple SIP as defined by the IETF
failed to address many security issues, remaining an open and vulnerable protocol.
The extensions defined by the 3GPP for SIP in the IMS domain address these and
many more issues, as we will discuss in this chapter. This is why security is one of the
best arguments for IMS, even though there is still some work to be done.
Securing the IMS
There are numerous ways one can secure networks. In GSM networks, subscriber authentication
is already implemented.
Pages:
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296