金康双,王泽兵,冯雁,陈海燕

DOI: https://doi.org/10.3969/j.issn.1001-3695.2004.08.034

2004-01-01

Abstract:Session Initiation Protocol(SIP) is the Internet Engineering Task Force (IETF) standard for IP telephony,and it has a promising applied prospect.In this work,the security authentication mechanism used by SIP is described.Moreover an experimental performance analysis of the SIP security mechanisms is provided,which based on the open source Java implementation of a SIP proxy server.

高俊娜,于继万,朱华飞,潘雪增

2004-01-01

Abstract:In current SIP protocol,to interact with other domain services,a node need multi-authentication processes. This paper integrates SAML into SIP protocol which well extends SIP authentication mechanism between multi-domains. It makes full use of SAML capability based on XML to bring an easy method to implement single sign-on(SSO).

Si Duanfeng,Long Qin,Han Xinhui,Zou Wei

DOI: https://doi.org/10.1109/ICCCAS.2004.1346199

2004-01-01

Abstract:We have proposed a generic SIP-based application topology model called secure multimedia communication infrastructure (SMCI) and constructed a real multimedia communication application based on it. We now emphasize the security issues in the SMCI and give the entire secure framework in detail. We also analyze the processing load of our security mechanism in order to explain the practicability of our secure framework. Hop by hop and end to end security are introduced to defend the attacks of registration hijacking, impersonating a server, tampering with message bodies, tearing down sessions, denial of service and amplification. We also considered the privacy problem that will be the most important consideration in the future. Finally, a security analysis is presented to demonstrate that the proposed security mechanisms are robust and efficient to secure the SMCI.

Jin-long Hu,Ling Zhang,Yong Xu,Zhao Ye

DOI: https://doi.org/10.3969/j.issn.1000-565X.2012.04.001

2012-01-01

Abstract:As the traditional software-based SIP security schemes are vulnerable to embezzlement, deception and invasion, a dual authentication framework combined with the trusted computing technology is proposed for endpoint system and user identity. Then, a new SIP security scheme for Internet multimedia communication is presented, which takes advantage of the trusted platform module and the direct anonymous attestation algorithm to design a new registration sub-protocol for improving the security of multimedia communication systems. Moreover, the security of the registration sub-protocol is verified by using the provable security model, and the characteristics of the whole scheme are finally analyzed.

SHAN Linwei,SHAN Xiuming,REN Yong

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.14.047

2006-01-01

Abstract:Multimedia network conference is an important network application.The security support of implementing the network conference is necessary.Tiffs article firstly introduces the session initiation protocol and the inter-domain network conference model;then,it analyzes the security framework principles and presents the full design;finally,it combines the security framework with the network conference management functions and presents an example of signaling flow.

FENG Li,WANG Jun,SHA Li,LI Jun-chao,HOU Hui-chao

2011-01-01

Abstract:Existing research on the SIP conferencing always only focuses on system architecture,utility function and running performance,but overlooks security issue in conferences.The security problems mainly summarize to two kinds,which are confidentiality problems caused by leakage and reliability problems caused by SIP attacks.According to these problems in SIP conferencing,this paper proposes a series of methods to advance SIP standard conferencing framework.The conference confidentiality technology research includes password security and media security.We use moderator's authentication and encryption to achieve double insurance.The conference reliability research mainly includes standardized examination,protocol extensions and SIP flooding intrusion detection.We verify the reasonableness via the experiment at last.

桂宁,陈松乔,杨建

DOI: https://doi.org/10.3969/j.issn.1000-3428.2002.03.056

2002-01-01

Abstract:This paper proposes a practical secure model for IP multicast A/V conference. Its implementation was also introduced. This impleme ntation uses the session descriptor protocol, security subsystem of Win 2000 active directory and secure conference NetMeeting. This model has the main features of security ,flexibility and easy disposition.

Qing Lü

2007-01-01

Abstract:Session Initiation Protocol (SIP) is an important protocol adopted by the 3rd Generation Partnership Project (3GPP) for the IP Multimedia Subsystem (IMS). Facing the complex and open Internet environment, the security of SIP is poor. After the analysis of the security threats to SIP aiming at cleartext transmission of SIP message and lack of authentication methods, the scheme of data encryption and authentication are researched. And then, we discuss how using the existent techniques for improving the security of SIP and propose the ideas of the security solution to SIP.

Li Zhenxing,Zhu Zhixiang

2008-01-01

Abstract:Through the research of multicast conference and centralized conference's models,having analyzed the users' needs,we designed a new conference model.This model uses centralized controlling signals and distributed media in its structure.This model provides another solution for holding conference on Internet.Because SIP has characters as simplicity,easy to extend and expand,we realize this model on SIP.In this article,we give detailed mechanisms to its several commonly used conference control functions.

Zhaoxin Zhang,Binxing Fang,MingZeng Hu,Hongli Zhang

2007-01-01

Abstract:With the development of multimedia technology, SIP (Session Initiation Protocol), as a simple, flexible and extensible protocol, has become the research focus of the NGN. In this case, the security issues of SIP become a very critical problem simultaneously. Through studying the security of SIP, this paper validates five attack ways in practical circumstances, including Registration Hijacking, INVITE attack, re-INVITE attack, Tearing Down Sessions, and DoS. Finally, through synthetic analysis and experiments, proposes four available measures to enhance the security of SIP: Improved Identity Authentication for HTTP Digest, Encryption with Hop-by-Hop, Forbidding the Lawless Third Part Register, Forbid the rewriting in 'From' Field and 'To' Field.

Chen Xiao,Shilong Ma,Jianwei Niu,Lifeng Wang,Baosong Shan,Tan Chen

DOI: https://doi.org/10.1109/sec.2008.62

2008-01-01

Abstract:Transmission security of media data in video conference system has been a challenging task, since those data are high volume and latency sensitive. Partial encryption and other media encryption schemes are effective approaches to encrypt those data. However, a partial disclosure of media data can leak the secret about the conference, moreover when wireless terminals joint in those systems, the limited wireless bandwidth and computational capability will lead to new security challenges. To solve those problems, a novel security scheme for video conference system with wireless terminals is proposed, which integrates three key modules seamlessly: 1) wireless access gateway based on adaptive selective forwarding; 2) dynamic optimal selective control mechanism for securing multi-datastream in the system; 3) a novel lightweight fast media data encryption algorithm. A prototype has been implemented in an actual video conferencing system. Admire. Experimental results show the efficiency of the scheme is suitable for real-time applications.

Bin Hou,Yu Q. Lu,De X. Ye,Gang Liu

2006-01-01

Abstract:This paper introduced the confidentiality and integrality of multimedia data in the SIP-based VoIP system, explained the essentiality and actuality of the problem, and analysed the key technology. Based on the theory of separating application and carrying layer, the encryption was designed on application layer, transparent to the transport layer and end-to-end, media stream security solution in VoIP.

赵哲峰,张刚,谢克明,王一平

DOI: https://doi.org/10.16355/j.cnki.issn1007-9432tyut.2009.04.026

2009-01-01

Abstract:The Session Initiation Protocol(SIP) was used in signal control of video surveillance system.The system's two modules: video server and video client were proposed.With ARM+DSP dual core structure,the video server can implement sampling,coding,compressing and network transferring task.Based on the windows,the client part can implement video data receiving,managing,storing and user interface.The implementation of SIP in signal control in system was described in detail.

He Zhiwei,Huang Benxiong,Wang Furong

DOI: https://doi.org/10.3969/j.issn.1672-9722.2006.11.026

2006-01-01

Abstract:This paper describes an extension for the session initiation protocol(SIP),which enables end-to-end security of the session description protocol(SDP) together with firewall/network address translation(NAT) traversal.This solution bases on secure multipurpose internet mail extension(S/MIME) and the middlebox communications(MIDCOM) protocol.The user authorizes a proxy server to encrypt the session description on behalf of the user.The proxy determines the capabilities of the receiving party and encrypts the SDP for a SIP proxy server in the receiving domain.As long as each end-user may contact its trustworthy SIP proxy via a secure connection and authorize this proxy to encrypt the signaling data,the session information is secured end-to-end.

池刚毅,赵明生,扈旻

DOI: https://doi.org/10.3969/j.issn.1000-3428.2004.03.063

2004-01-01

Abstract:The article analyzes the basic content of the session initiation protocol, discusses its protocol stack, and gives a method of realization. Then it discusses the application of SIP in the multimedia conference, designs the control model of SIP-based multimedia conference system. Finally the paper gives a simple example.

杨家海

DOI: https://doi.org/10.3969/j.issn.1000-7180.2003.12.020

2003-01-01

Abstract:After an overview of existing security control methods in CSCW systems, the paper proposes a new security control model which introduced the X.509 certificate-based authentication method into CSCW systems. Based on this model, the design and implementation of a secure multimedia conference system prototype, MCS/CA are discussed. In contrast to conventional conference system, MCS/CA enhanced integrated security control mechanism with certificate application, certificate-based authentication, session key negotiation, and data encryption/decryption.

Yuting Feng,Feng Xiong,Wenchao Huang,Yan Xiong

DOI: https://doi.org/10.1109/bigcom53800.2021.00005

2021-01-01

Abstract:The Internet Engineering Task Force (IETF) proposed the Session Initiation Protocol (SIP) as the IP-based telephony protocol. With the widespread application of the Voice over IP (VoIP) on Internet, Security problems of SIP have received a lot of attention of researchers and the authentication mechanism in SIP is becoming increasingly important. Many studies reveal that the initial version of SIP specification suffers malicious attacks. To improve the security of the authentication mechanism in SIP, amendments and supplements are expressed over years. Researches on the previous specification have been carried out and some attacks are found, such as replay attack, online dictionary attack, man in the middle attack, etc. However, there is currently a lack of security analysis to the fresh security mechanisms of SIP. In this paper, we accommodate such a requirement by analyzing the security properties of SIP Digest Access Authentication Scheme adopting a formal protocol analysis tool SPAN. The authentication scheme is modeled in the validator according to two practical scenarios. With the two back-ends of SPAN, the two models of authentication scheme are verified both as safe. This result confirms that the supplemented version of SIP authentication mechanism is more reliable.

Qifan Yang,Tiancheng Zhang

DOI: https://doi.org/10.1109/ICFCC.2010.5497469

2010-01-01

Abstract:The advent of conference mobile call demands the security communication between end users. However, currently there is no efficient secure end-to-end protocol exists for conference mobile call. This slows down the steps of conference communication. In this paper a secure end-to-end protocol for remote conference is designed base on previous experts work, which is one-to-one end-to-end protocol. In addition, security analysis from perspectives of confidentiality, authenticity, anonymity, freshness as well as preventing from denial of service (DoS) attack on the protocol is made. At the end, the efficiency of this protocol is discussed.

LOU Yue,SHI Rong-hua,CAO Ling-xi

2006-01-01

Journal of Computer Applications

Abstract:With regard to the representative security threats to SIP, Session Initiation Protocol(SIP) secure authentication model based on strong authentication technology was put forward, and its security was analyzed. The authentication model achieves strong authentication by combining smart card with digital certificate, extends SIP accordingly, and imports strong authentication technology into SIP. The model implements the duplex secure authentication of session, and ensures the confidentiality, authenticity, integrality and undeniability of SIP message transportation. As a result, it improves the security of SIP.

YANG Xiao-bao,ZHU Zhi-xiang

DOI: https://doi.org/10.3969/j.issn.1007-3264.2009.05.031

2009-01-01

Abstract:SIP is the IETF proposed protocol at IP network for multimedia communication's application layer control protocol.This article researches and analyses the background,functions,network elements,message formats,video conference signaling in the control of the media capacity of consultations,as well as softswitch communications mechanisms of SIP protocol.A centralized multimedia conference architecture design of terminals is provided,and general research is done for the core of the SIP terminal in centralized video conference——the conversation process,the ability of media arrangement,and the security mechanisms.