—IP multimedia subsystem (IMS) has evolved as a platform to provide communication, multimedia and internet services in next generation network. With this unified convergence of cellular network and internet, security vulnerabilities have also increased. There is a need to protect the signaling channel as well as media stream from unauthorized access and other network attacks. In this paper we propose a multilayer application-aware IPSec mechanism having varying level of encryption for signaling and media. The use of IPSec in transport mode for securing end-to-end traffic reduces the delay and overall overhead in comparison to the hop-by-hop security mechanism adopted by 3GPP. We also propose ISKEP, a key exchange protocol for securing media plane over IP based IMS network. The security analysis shows that our technique provides mutual authentication, lawful inception, forward secrecy and protection against Replay attack.
—3GPP, IP multimedia subsystem, IPSec, key exchange, security.
The authors are with ABV-Indian Institute of Information Technology and Management, Gwalior, India. He is now with Infosys Limited, Bangalore, India (e-mail: firstname.lastname@example.org, email@example.com).
Cite: Chaitanya and Nirmal Roberts, "A Multilayer Application-Aware IPSec Mechanism for IP Multimedia Subsystem," International Journal of Future Computer and Communication vol. 3, no. 4, pp. 247-251, 2014.