This means that the
I-CSCF has the responsibility for determining what information is shared between two
networks. The I-CSCF may support topology hiding, for example, and may implement
encryption to prevent unauthorized access to proprietary information. The I-CSCF
should be implemented with all possible security options, because this entity is what
provides access to your network and its resources.
The S-CSCF is the registrar for the network and maintains all registration information
for each assigned subscriber. As discussed in other chapters, the S-CSCF can be
assigned to a subscriber in numerous different ways, but for security purposes it may
be more desirable to assign a subscriber to a fixed S-CSCF rather than dynamically
assign the subscriber each time that subscriber registers.
The HSS should also be heavily protected, since all subscriber data is stored within
the HSS. The S-CSCF provides access to the HSS and should be used to prevent unauthorized
access through authentication.
We have already talked about the various roles of the CSCF within the network and
how it is used for security. The P-CSCF protects the S-CSCF and the HSS, while the
I-CSCF protects the network from other networks.
Routing within the IMS should be more controlled than what is found in other networks.
For example, in VoIP networks, loose routing is typically used.
Pages:
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331