UBC Theses and Dissertations

UBC Theses Logo

UBC Theses and Dissertations

Improved IP multimedia subsystem authentication mechanism in next generation networks J. Sharma, Madhu

Abstract

The provision of IP Multimedia Subsystem (IMS) introduces important advantages for users of 3G-WLAN access networks. In order to enjoy the benefits of a standardized IMS architecture, the user has to undergo authentication procedure with the access network, followed by an authentication procedure with the IMS layer. This multi-pass authentication procedure is essential for securing IMS from malicious users, resulting in added overhead and possible quality of service degradations. This approach is highly inefficient. The problem is further compounded when the user moves from one WLAN domain into another, which requires the authentication procedure to be repeated. To mitigate this problem, we present a lightweight, robust, and architecture-compatible IMS authentication protocol that implements a one-pass IMS procedure by promoting efficient key re-use for a mobile user. We further show how our protocol is extended to support IMS access over Long Term Evolution (LTE) -Heterogeneous network. IMS, an access network agnostic overlay, is adopted as a de facto standard for for delivering voice over LTE. We make use of Home Node B femtocells to perform the role of IMS proxy. To verify the feasibility of using our protocol in mobile networks, an abstract model of our protocol is derived. The abstract model is emulated using Asterisk server and virtualization techniques. The security of the proposed protocols is verified using the Automated Validation of Internet Security Protocols and Applications (AVISPA) security analyzer. We also analyze the authentication delay of our proposed scheme. Numerical results reveal a reduction in user authentication delay of more than 50 percent compared to the existing authentication procedure.

Item Media

Item Citations and Data

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International