This book gives a detailed overview of SIP-specific security
issues and how to solve them.
While the standards and products for VoIP and SIP services have
reached market maturity, security and regulatory aspects of such
services are still being discussed. SIP itself specifies only a
basic set of security mechanisms that cover a subset of possible
security issues. In this book, the authors survey important aspects
of securing SIP-based services. This encompasses a description of
the problems themselves and the standards-based solutions for such
problems. Where a standards-based solution has not been defined,
the alternatives are discussed and the benefits and constraints of
the different solutions are highlighted.
Key Features:
* Will help the readers to understand the actual problems of
using and developing VoIP services, and to distinguish between real
problems and the general hype of VoIP security
* Discusses key aspects of SIP security including
authentication, integrity, confidentiality, non-repudiation and
signalling
* Assesses the real security issues facing users of SIP, and
details the latest theoretical and practical solutions to SIP
security issues
* Covers secure SIP access, inter-provider secure communication,
media security, security of the IMS infrastructures as well as VoIP
services vulnerabilities and countermeasures against
Denial-of-Service attacks and VoIP spam
This book will be of interest to IT staff involved in deploying
and developing VoIP, service users of SIP, network engineers,
designers and managers. Advanced undergraduate and graduate
students studying data/voice/multimedia communications as well as
researchers in academia and industry will also find this book
valuable.
Table of Contents
Foreword.
About the Authors.
Acknowledgment.
1 Introduction.
2 Introduction to Cryptographic Mechanisms.
2.1 Cryptographic Algorithms.
2.2 Secure Channel Establishment.
2.3 Authentication in 3GPP Networks.
2.4 Security Mechanisms Threats and Vulnerabilities.
3 Introduction to SIP.
3.1 What is SIP, Why Should we Bother About it and What are
Competing Technologies?
3.2 SIP: the Common Scenarios.
3.3 Introduction to SIP Operation: the SIP Trapezoid.
3.4 SIP Components.
3.5 Addressing in SIP.
3.6 SIP Message Elements.
3.7 SIP Dialogs and Transactions.
3.8 SIP Request Routing.
3.9 Authentication, Authorization, Accounting.
3.10 SIP and Middleboxes.
3.11 Other Parts of the SIP Eco-system.
3.12 SIP Protocol Design and Lessons Learned.
4 Introduction to IMS.
4.1 SIP in IMS.
4.2 General Architecture.
4.3 Session Control and Establishment in IMS.
5 Secure Access and Interworking in IMS.
5.1 Access Security in IMS.
5.2 Network Security in IMS.
6 User Identity in SIP.
6.1 Identity Theft.
6.2 Identity Authentication using S/MIME.
6.3 Identity Authentication in Trusted Environments.
6.4 Strong Authenticated Identity.
6.5 Identity Theft Despite Strong Identity.
6.6 User Privacy and Anonymity.
6.7 Subscription Theft.
6.8 Fraud and SIP.
7 Media Security.
7.1 The Real-time Transport Protocol.
7.2 Secure RTP.
7.3 Key Exchange.
8 Denial-of-service Attacks on VoIP and IMS Services.
8.1 Introduction.
8.2 General Classification of Denial-of-service Attacks.
8.3 Bandwidth Consumption and Denial-of-service Attacks on SIP
Services.
8.4 Bandwidth Depletion Attacks.
8.5 Memory Depletion Attacks.
8.6 CPU Depletion Attacks.
8.7 Misuse Attacks.
8.8 Distributed Denial-of-service Attacks.
8.9 Unintentional Attacks.
8.10 Address Resolution-related Attacks.
8.11 Attacking the VoIP Subscriber Database.
8.12 Denial-of-service Attacks in IMS Networks.
8.13 DoS Detection and Protection Mechanisms.
8.14 Detection of DoS Attacks.
8.15 Reacting to DoS Attacks.
8.16 Preventing DoS Attacks.
8.17 DDoS Signature Specification.
9 SPAM over IP Telephony.
9.1 Introduction.
9.2 Spam Over SIP: Types and Applicability.
9.3 Why is SIP Good for Spam?
9.4 Legal Side of Unsolicited Communication.
9.5 Fighting Unsolicited Communication.
9.6 General Antispam Framework.
Bibliography.
Index.