Security for IP multimedia applications over heterogeneous networks

Abstract: Personal mobile multimedia services are rapidly become popular. They leverage the combination of mobile and Internet-based communications, the increased capabilities of the third generation of mobile communications (3G), and the flexibility of a common transport and service platform.Cost and quality are critical factors for the success of IP multimedia services. 3G is based on hetereogeneous networks, characterized by a mixture of wired and wireless links with very different requirements on the communication itself. Furthermore, the "always best connected" paradigm requires the design of the new applications to accomodate different types of access. It turns out that the cellular link is typically the most constrained, e.g. in terms of limited bandwidth and high delay, especially when IP is used as transport.Security is an important aspect of the service. Never before has this awareness been more present, not only among technicians, but also among users. Users want the possibility to protect themselves and their data and private matters, in a way that no one else can interfere and that private communications are guaranteed to remain private. The use of the Internet as a common transport backbone, a notoriously open and adverse environment, and in general the use of the IP technology, which is receiving a bad (media) reputation in terms of the security breaches it opens, calls for an end-to-end security solution for IP multimedia services. There are also scenarios where end-to-end protection of other information is an absolute must, for example public safety communication, catastrophe and emergency communication, corporate, or government communication.This research addresses the design of a security solution for IP multimedia, striving in particular for the promotion of end-to-end security on a large scale. This research builds on the concept of a "transport-friendly" security solution: security always comes at a cost, hence it is important to control its impact on services, otherwise security is generally sacrificed.This research focused on the protection of the media traffic. It first identified the requirements that arise from IP multimedia applications in hetereogeneous networks, examined existing security solutions, and concluded that they did not fullfil the requirements raised by 3G environments. This has motivated the design of two new security protocols that are transport-friend to meet the identified requirements, so as to have a low impact on services. These two protocols have then been integrated to provide a security solution for IP multimedia in hetereogeneous networks. The research leading to this licentiate has been mostly conducted in the IETF (a standardisation body), and its results were also adopted byothers, e.g. 3GPP services.