Research On Ims Ue Software Terminal With Media Plane Security Scheme And Its Implementation

IP Multimedia Sub-system (IMS) is one kind of IP network based on Session Initiation Protocol (SIP), the highly diversified business and the existing network infrastructure make IMS has been widely used, due to loopholes and defects of IP network, IMS must take its security into account, the early access security and Network Domain Secruity (NDS) have been unable to meet the current requirements for the security of IMS, the protection of media also need to be incorporated into IMS security system.In2009, the3GPP proposed the concept of IMS media plane security for protecting the media of IMS, Using Session Description Protocol Security Descriptions for Media Streams (SDES) and Key Manager Service (KMS) to exchange keys on the control plane of IMS; Using Secure Real-time Transport Protocol (SRTP) to guarantee the confidentiality and integrity of media on the media plane. The contorl plane takes SIP signaling as the control signaling in a session, Using Transport Layer Security (TLS) Protocol or IP Security (IPSec) to assure the confidentiality and integrity of SIP signaling. In order to be compatible with different kinds of networks and terminals, IMS media plane security mechanism can be divided into three different schemes:End to access edge (E2ae) with SDES, End to end (E2e) with SDES and E2e with KMS, different schemes have different characteristics and application scenarios. This dissertation is mainly to study the IMS media plane security mechanism, and realize the IMS User Equipment (UE) supporting the mechanism.In order to get a preliminary understanding for IMS media plane security mechanism, an introduction to development of this mechanism is given at the beginning of the thesis, then the structure, the protocol and Common business of IMS network, and the encryption and key exchanging of information security are interpretted. Subsequently, the access security and NDS of IMS are investigated as well as the details and procedure of IMS media plane security mechanism, then present the design and implementation of KMS server, and analyse the feasibility of using the TLS in protection of media. Finally introduce the design and implementation of soft terminal supporting IMS media plane security mechanism, test the soft terminal combining with IMS core network simulation platform, and capture the packets to analyze and verify correctness of UE’s function.