ملزومات امنیتی پیاده‌سازی IMS SIP سرور امن

IMS (IP Multimedia Subsystem) network is considered as an NGN (Next Generation Network) core networks by ETSI. Decomposition of IMS core network has resulted in a rapid increase of control and signaling message that makes security a required capability for IMS commercialization. The control messages are transmitted using SIP (Session Initiation Protocol) which is an application layer protocol. IMS networks are more secure than typical networks like VoIP according to mandatory of user authentication in registration time and added SIP signaling headers. Also different vulnerabilities have been occurred that lead to SIP servers attacks. This paper studies the main SIP servers of IMS (x-CSCF) based on ETSI Threat, Vulnerability and Risk Analysis (TVRA) method. This method is used as a tool to identify potential risks to a system based upon the likelihood of an attack and the impact that such an attack would have on the system. After identifying the assets and weaknesses of IMS SIP servers and finding out the vulnerabilities of these hardware and software components, some security hints that can be used for secure deployment of IMS SIP servers are proposed. Modeling shows the effects of server weaknesses and threats that reduces availability. Any designed system has some assets with weaknesses. When threats have accrued based on weaknesses, the system will vulnerable. Vulnerability analysis optimizes costs and improves security.