One of the most important concerns in virtually all computer systems is security, i.e., the ability to protect information and system resources from intrusions from hackers, malware, viruses, worms or the like. This concern is particularly worrisome when computing platforms are networked within Internet Protocol (IP)-based networks that can be accessed by untrusted users/devices and thereby open windows of vulnerability to the computing platforms.
For example and without limitation, the IP Multimedia Subsystem (IMS) is an architectural framework for delivering converged multimedia services (e.g., voice, video, data) to end users via an IP platform. IMS components use Session Initiation Protocol (SIP) for signaling to and from various other IMS components and end users. SIP messages are ASCII based, easy to read, create and modify; and therefore vulnerable to eavesdropping, interception and spoofing by untrusted users/devices. A related problem is that IP protocols, IP addressing formats and the like are well understood and can be spoofed or modified by unscrupulous users/devices.
There are a variety of approaches to address computer security. Anti-virus software or patches can detect and eliminate threats based on characteristic patterns (or “signatures”) of known threats (e.g., known viruses), or they may employ a set of heuristics or rules to detect threats based on general behaviors. Firewalls protect the perimeter of a security domain by monitoring, blocking, or proxying communications from untrusted users that are directed to components inside the firewall. Generally, however, both of these approaches require periodic updates, reconfiguration or the like to address constantly evolving numbers and types of threats and may cause some degradation of performance of the protected platform.