The week's pick
Reseach Article
Securing Session Initiation Protocol for VOIP Services
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 115 - Number 18 |
| Year of Publication: 2015 |
| Authors: Amina M. Elmahalwy, Osama S. Youness, Wail S. Elkilani |
10.5120/20253-2622
|
Amina M. Elmahalwy, Osama S. Youness, Wail S. Elkilani . Securing Session Initiation Protocol for VOIP Services. International Journal of Computer Applications. 115, 18 ( April 2015), 30-36. DOI=10.5120/20253-2622
Abstract
VOIP (voice Over Internet Protocol) has many advantages but at the same time it has security threats not encountered in PSTN (Public Switched Telephone Networks). The paper deals with the security of the widely used protocol for signaling. The Session Initiation protocol (SIP) is considered the most used signaling protocol for calls over the internet. Securing SIP is becoming more and more important. This paper focusing on the SIP security mechanisms of authentication, and proposing an authentication model based on the Kerberos protocol to provide single sign-on, achieving two way authentications, to reduce the computation against authentication checks for each client, and prevent against Session Teardown Attack and Registration Hijacking attack. It acts as a trust third party to allow secure access to VOIP services. In this paper we implemented the SIP-Kerberos system and record the average time that the users need to authenticate at Kerberos and the average time needed to register at SIP server. The measured performance result of the solution is suitable for heavy loads in the SIP architecture.
References
- J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson,R. Sparks, M. Handley, and E. Schooler, "SIP: Session Initiation Protocol," RFC 3261 (Proposed Standard), Internet Engineering Task Force, Jun. 2002, updated by RFCs 3265, 3853, 4320, 4916,5393, 5621, 5626, 5630, 5922, 5954, 6026. [Online].
- Chou-Chen Yanga, Ren-Chiun Wangb, Wei-Ting Liuc," Secure authentication scheme for session initiation protocol", Computer& Security (24) (2005) 381–386.
- Jared Ring, Kim-Kwang Raymond Choo, Ernest Foo, Mark Looi," A new authentication mechanism and key agreement protocol for SIP using identitybasedcryptography", Proceedings of AusCert R&D Stream (2006) 61–72
- A. Shamir, "Identity-based cryptosystem and signature schemes", in: Advance inCryptology-Crypto 1984, LNCS, vol. 196, Springer, Berlin, 1984, pp. 47–53.
- A. Dulanik and I. Sogukpinar, "SIP Authentication Scheme using ECDH", in: Proc. Enformatika, vol. 8 (2005) 350 - 353. M. Young, The Technical Writer's Handbook. Mill Valley, CA: University Science, 1989
- F. Wang, Y. Zhang, "A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography", Computer Communication 31 (2008) 2142–2149.
- D. Geneiatakis, C. Lambrinoudakis, "A lightweight protection mechanism against signaling attacks in a SIP-Based VoIP environment", Telecommunication Systems Springer 36 (4) (2007) 153–159.
- L. Wu et al. ," A new provably secure authentication and key agreement protocol for SIP using ECC", Computer Standard & Interfaces 31 (2) (2009) 286–291.
- Jung-Shian Li, Chuan-Kai Kao and Shiou-Jing Lin, "A Kerberos based Single Sign-On System for VoIP SIP Servers and Clients with a Terminal Mobility Capability ", Computer Communication Control and. Automation (3CA), 2010 International Symposium on, 2010.
- Massachusetts Institute of Technology," Kerberos: The Network Authentication Protocol". http://web. mit. edu/kerberos/, Accessed: Apr, 2013.
- https://software. intel. com/sites/manageability/AMT_Implementation_and_Reference_Guide/default. htm?turl=WordDocuments%2Fintroductiontokerberosauthentication. htm.
- Yudi Prayudi, Tri K Priyambodo , "Study on Cryptography as a Service (CAAS)", International Journal of Advanced Research in Computer Science and Software Engineering 4(10), October - 2014, pp. 150-156
Index Terms
Keywords