Summary - The IP Multimedia Subsystem (IMS) is a next generation network (NGN) that integrates wireless, wireline, and Internet technologies. IMS enables the convergence of voice, data and multimedia services such as voice over IP (VoIP), video over IP, push-to-talk, presence or instant messaging services. IMS is almost independent of access technology and uses a number of protocols such as HTTP and SMTP, the most important of which is called SIP or Session Initiation Protocol. At the same time, this emerging open technology presents security challenges related to several communication protocols such as IP, SIP and RTP, etc. Due to the nature of IMS (IP-based), these networks will inherit most of the security threats that these protocols currently face. In this article, we have presented a security model to protect IMS resources against different attacks such as session deletion attacks, session modification attacks and media streaming attacks. An authorization module is also offered to protect IMS resources against unauthorized access. All of these affect IMS Value Added Services. Keywords: Next Generation Networks, IP Multimedia Subsystem, IMS Security, Security Threats, Intrusion Detection and Prevention System, Authorization I. INTRODUCTIONThe IP Multimedia Subsystem (IMS) provides a powerful framework for deploying next generation networks (NGN). The IP multimedia subsystem standardized by the 3rd Generation Partnership Project (3GPP) and 3GPP2 [1] is a technology that merges cellular and Internet technologies. IMS is a packet-switched, IP-based network that allows users to receive a wide range of multimedia services such as audio, video and data over a single IP network. As IP networks have opened up a...... middle of paper ......04.[7] D. Geneiatakis, T. Dagiuklas, G. Kambourakis, C. Lambbrinoudakis, S. Gritizalis, S. Ehlert, D. Sisalem, “Survey of security vulnerabilities in the SIP protocol”, IEEE Communication Surveys Volume 8, No.3 ISBN 1553-877X, pages 68 to 81 (2006).[9] V.Gurbani, A.Jeffrey, draft-gurbani-sip-tls-use-00: “The Use of Transport Layer Security (TLS) in Session Initiation Protocol (SIP)”, February 2006 .[10] 3GPP, “Generic Authentication Architecture (GAA)”; Generic Boot Architecture (GBA) (version 7), TS 33.220 V7 (2005).[11] 3GPP, “Generic Authentication Architecture (GAA)”; Access to Network Application Functions Using Hypertext Transfer Protocol over Transport Layer Security (HTTPS) (Rel.7),” TS 33.222 V7 (2005).[12] S. Bellovin, J. Ioannidis, A. Keromytis, R. Stewart, “On Using the Stream Control Transmission Protocol (SCTP) with IPSec,” RFC. 3554 (2003).