Abstract-The IP Multimedia Subsystem (IMS) is a next-generation network (NGN) that integrates wireless, wired, and Internet technologies. IMS enables the convergence of voice, data and multimedia services such as Voice over IP (VoIP), Video over IP, push-to-talk, presence services or instant messaging. IMS is almost independent of access technology and uses a number of protocols such as HTTP and SMTP, while the most important is called SIP or Session Initiation Protocol. In parallel, this emerging open-based technology presents security challenges arising from multiple communication protocols such as IP, SIP and RTP etc. Due to the nature of IMS (IP-based), these networks will inherit most of the security threats that these protocols are currently facing. In this article, we have presented a security model to protect IMS resources from different attacks such as session disassembly attack, session modification attack, and media streaming attack. An authorization module is also proposed to protect IMS resources from unauthorized access. All of this impacts IMS value-added services. Keywords: Next Generation Networks, IP Multimedia Subsystem, IMS Security, Security Threats, Intrusion Detection and Prevention System, Authorization. INTRODUCTION The IP Multimedia Subsystem (IMS) provides a powerful framework for implementing next generation networks (NGN). The IP multimedia subsystem standardized by the Third Generation Partnership Project (3GPP) and 3GPP2 [1] is a technology that combines both cellular and Internet technology. IMS is a packet-switched, IP-based network that allows users to receive a wide range of multimedia services such as audio, video, and data over a single IP network. Since IP-based networks have opened a...... middle of paper ......04.[7] D. Geneiatakis, T. Dagiuklas, G. Kambourakis, C. Lambrinoudakis, S. Gritizalis, S. Ehlert, D. Sisalem, “Survey of Security Vulnerabilities in SIP Protocol”, IEEE Communication Surveys Volume 8, No.3 ISBN 1553- 877X, pp 68-81 (2006).[9] V.Gurbani, A.Jeffrey, draft-gurbani-sip-tls-use-00: "The use of Transport Layer Security (TLS) in the Session Initiation Protocol (SIP)", February 2006.[10] 3GPP, “Generic Authentication Architecture (GAA); Generic Bootstrap Architecture (GBA) (version 7), TS 33.220 V7 (2005).[11] 3GPP, “Generic Authentication Architecture (GAA); Accessing Network Application Functions Using the Hypertext Transfer Protocol over Transport Layer Security (HTTPS) (Rel.7)", TS 33.222 V7 (2005).[12] S. Bellovin, J. Ioannidis, A. Keromytis, R Stewart, "On Using Stream Control Transmission Protocol (SCTP) with IPSec", RFC 3554 (2003).