User authentication in SIP
نویسنده
چکیده
Today Voice over Internet Protocol (VoIP) is used in large scale to deliver voice and multimedia over the packet data networks, such as the Internet. The Session Initiation Protocol (SIP) is widely used as a signalling protocol for VoIP. As SIP is being used more, the security of it is an important issue. In this paper, we concentrate on user authentication in SIP. We examine current solutions in authentication and analyse them. As a result, some security issues and problems were found, which expose the SIP authentication to different kind of threats.
منابع مشابه
ملزومات امنیتی پیادهسازی IMS SIP سرور امن
IMS (IP Multimedia Subsystem) network is considered as an NGN (Next Generation Network) core networks by ETSI. Decomposition of IMS core network has resulted in a rapid increase of control and signaling message that makes security a required capability for IMS commercialization. The control messages are transmitted using SIP (Session Initiation Protocol) which is an application layer protocol. ...
متن کاملUsing Cryptographically Generated SIP-URIs to Protect the Integrity of Content in P2P-SIP
Recently, it has been proposed to use a peer-to-peer network instead of servers to facilitate SIP user registration and location. One of the main security problems of using SIP in a peer-to-peer setting (P2P-SIP) is the authentication of content (the binding of SIP-URI and user location) in the absence of a central authority. Using self-certifying data is one known approach to authenticate cont...
متن کاملSIP Vulnerabilities Testing in Session Establishment & User Registration
This paper describes an attack-directed approach to test SIP authentication vulnerabilities in session establishment and user registration. This approach aims to exercise the known areas of weakness including the inherent vulnerabilities in SIP specification and the implementation vulnerabilities caused by programmers’ negligence. By using this approach and a self-made testing tool, we have suc...
متن کاملA New Mechanism For Mutual Authentication In SIP
The greatest threat in the new generation network which is called NGN is unsafe authentication. Communication between new servers in NGN world is done based on Session Initiation Protocol (SIP). SIP is an application-layer control operating on top of a transport protocol which allows creating, modifying, and terminating sessions among more agents. For authentication, SIP relies on HTTP Digest b...
متن کاملBare PC SIP User Agent Implementation and Performance for Secure VoIP
Bare PC systems, which run applications without using any operating system (OS) or kernel, are immune to attacks targeting a specific OS. They also perform better than conventional systems due to their reduced overhead. We describe the design, implementation and performance of a SIP user agent (UA) for secure VoIP on a bare PC system. In particular, we discuss SIP functions and message handling...
متن کامل