Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 33.829  Word version:  12.0.0

Top   Top   Up   Prev   None
0…   4…
4 Overview5 IMS conferencing6  SRVCC7 Services for user groups with high security requirements8 IMS messaging9 Communications diversion10 Mid-call lawful Interception11 IMS T.38 fax12 ConclusionsA IANA considerationsB Pre-shared key MIME protectionC MIKEY general extension payload for 3GPP ad-hoc conferencingD Setup of TLS-PSK using MIKEYE MIKEY-TICKET profile for pre-shared key MIME protectionF MIKEY general extension payload for message proof-of-origin$ Change history

 

4  Overviewp. 9

5  IMS conferencingp. 9

5.1  Introductionp. 9

5.1.1  Generalp. 9

5.1.2  Immediate security observations/requirementsp. 10

5.1.3  Requirementsp. 11

5.2  Use casesp. 12

5.2.1  Ad hoc conferencingp. 12

5.2.1.1  Main eventsp. 12

5.2.1.2  Three party conferencingp. 12

5.2.2  Planned conferencesp. 13

5.3  Solution(s)p. 13

5.3.1  Generalp. 13

5.3.1.1  Policies for secure conferencesp. 13

5.3.1.2  Group keys versus bilateral keysp. 13

5.3.2  SDES-based solutionp. 14

5.3.2.1  Discussionp. 14

5.3.2.2  Recommended Solutionp. 16

5.3.3  KMS-based solutionp. 17

5.3.3.1  Introductionp. 17

5.3.3.2  Overview of the solutionp. 17

5.3.3.3  Secure conference creation with a conference factory URIp. 18

5.3.3.4  Inviting other users to a secure conferencep. 19

5.3.3.4.1  Conference creator includes an URI list at conference creationp. 19
5.3.3.4.2  Conference creator sends REFER to conference focusp. 20
5.3.3.4.3  Conference creator sends REFER to other userp. 23

5.3.3.5  User joining a secure conferencep. 24

5.3.3.6  Subscription to conference event packagep. 25

6  SRVCCp. 25

6.1  Introductionp. 25

6.2  Use case descriptionp. 26

6.3  Solution(s)p. 26

7  Services for user groups with high security requirementsp. 27

7.1  Generalp. 27

7.2  Use casesp. 27

7.3  Solution(s)p. 27

7.3.1  MIKEY-IBAKEp. 27

8  IMS messagingp. 28

8.1  Introductionp. 28

8.1.1  Generalp. 28

8.1.2  Immediate security observationsp. 29

8.2  Use casesp. 29

8.2.1  Immediate messagingp. 29

8.2.1.1  Generalp. 29

8.2.1.2  Deferred deliveryp. 30

8.2.1.3  Multiple recipientsp. 31

8.2.2  Session-based messagingp. 31

8.2.2.1  (One-to-one) session-based messagingp. 31

8.2.2.2  Session-based conference messagingp. 32

8.3  Solution(s)p. 33

8.3.1  KMS-based solutionp. 33

8.3.1.1  Immediate messagingp. 33

8.3.1.1.1  UE sends a SIP MESSAGEp. 33
8.3.1.1.2  UE receives a SIP MESSAGEp. 34
8.3.1.1.3  List server forwards a SIP MESSAGE to multiple recipients using a PSIp. 34
8.3.1.1.4  List server forwards a SIP MESSAGE to multiple recipients using a URI-listp. 34

8.3.1.2  One-to-one session based messagingp. 34

8.3.1.3  Session based messaging conferencesp. 35

8.3.2  Solutions that leverage IMS control plane securityp. 35

8.3.2.1  Immediate messagingp. 35

8.3.2.2  One-to-one session based messagingp. 35

8.3.2.2.1  Generalp. 35
8.3.2.2.2  E2m security for one-to-one session based messagingp. 36
8.3.2.2.2.1  Terminating security at an ASp. 36
8.3.2.2.2.2  Terminating security at the IMS access gatewayp. 37
8.3.2.2.3  Hop-by-hop security for one-to-one session based messagingp. 37

8.3.2.3  Session based messaging conferencesp. 38

8.3.2.4  Preferred approach for IMS messaging security that leverages IMS control plane securityp. 38

8.3.2.4.1  Security for immediate messaging using SIP MESSAGE messages leveraging IMS control plane securityp. 38
8.3.2.4.2  Security for session based messaging using MSRP leveraging IMS control plane securityp. 39

9  Communications diversionp. 39

9.1  Introductionp. 39

9.2  Use cases and requirementsp. 40

9.3  Solution(s)p. 41

9.3.1  SDES-based solutionp. 41

9.3.1.4  Recommended solutionp. 42

9.3.2  KMS-based solutionp. 42

9.3.2.1  Generalp. 42

9.3.2.2  KMS-based solution number 1p. 42

9.3.2.3  KMS-based solution number 2p. 44

10  Mid-call lawful Interceptionp. 45

10.1  Introductionp. 45

10.2  Use casesp. 45

10.3  Solutionsp. 45

10.3.1  Carrying key recovery material in MKI fieldp. 45

10.3.2  Use locally stored informationp. 45

11  IMS T.38 faxp. 46

11.1  Introductionp. 46

11.2  Use casesp. 46

11.3  Analysisp. 47

11.4  E2ae security for T.38 fax using DTLSp. 47

12  Conclusionsp. 47

12.1  IMS messaging securityp. 47

12.2  IMS conferencing securityp. 48

12.3  IMS call diversion securityp. 48

12.4  Mid-call start of interceptp. 48

12.5  IMS T.38 fax securityp. 48

A  IANA considerationsp. 50

A.1  IANA assignmentsp. 50

B  Pre-shared key MIME protectionp. 51

B.1  New smime-type parameterp. 51

B.2  Creating an Auth-Enveloped messagep. 51

B.3  Using MIKEY-TICKET to transfer the protection keyp. 52

C  MIKEY general extension payload for 3GPP ad-hoc conferencingp. 53

C.1  Payload formatp. 53

D  Setup of TLS-PSK using MIKEYp. 53

D.1  The TLS Prot Typep. 53

D.2  Establishing a TLS connectionp. 54

D.3  Usage with SDPp. 55

E  MIKEY-TICKET profile for pre-shared key MIME protectionp. 55

F  MIKEY general extension payload for message proof-of-originp. 56

F.1  Payload formatp. 56

$  Change historyp. 56

Up   Top