T.1 Introduction

33.2033G Security3GPPAccess security for IP-based servicesTS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

3GPP IMS provides an IP-based session control capability based on the SIP protocol. IMS can be used to enable services such as push-to-talk, instant messaging, presence and conferencing. It is understood that "early" implementations of these services will exist that are not fully compliant with 3GPP IMS.

It is expected that there will be a need to deploy some IMS-based services before products are available which fully support the 3GPP IMS security features defined in the main body of this specification. Non-compliance with security features specified in the main body of this specification is expected to be a problem mainly at the UE side, because of the potential lack of support of the USIM/ISIM interface (especially in 2G-only devices) and because of the potential inability to support IPsec on some UE platforms.

Although full support of security features specified in the main body of this specification is preferred from a security perspective, it is acknowledged that early IMS implementations will exist which do not support these features. Therefore, there is a need to ensure that simple, yet adequately secure, mechanisms are in place to protect against the most significant security threats that will exist in early IMS implementations.

This Annex documents an interim security solution for early IMS implementations that are not fully compliant with the IMS security architecture specified in the main body of this specification. For security reasons, the provisions in this Annex only apply to IMS procedures used over the 3GPP PS domain.