Analysis of Token and Ticket Based Mechanisms for Current VoIP Security Issues and Enhancement Proposal

نویسندگان

Patrick Battistello

Cyril Delétré

چکیده

These last few years, the security of VoIP architectures has become a sensitive issue with many vulnerability announcements. This article first aims to distinguish the threats and the applicable protection mechanisms depending on the underlying VoIP architecture. We then investigate the properties of a specific class of existing call establishment mechanisms based on tokens or tickets. In the last section, an enhancement to these mechanisms is proposed which lifts some of the previously seen limitations, especially the DoS risks, the token storage constraint or the transport impact of large tickets.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Security testing of session initiation protocol implementations

The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...

متن کامل

Securing the Media Stream Inside VoIP SIP Based Sessions

One of the main issues encountered in the development of VoIP applications and infrastructures relates with ensuring the security of the communication channel between peers. The discussion on this subject can be split in two principal directions: the signaling path security and the media path security. In this document we focus on the latter by overviewing the current most important available m...

متن کامل

Alternative Graphical Authentication for Online Banking Environments

Many financial institutes tend to implement a secure authentication mechanism through the utilization of the One-Time-Password (OTP) technique. The use of a hardware security token to generate the required OTP has been widespread. Despite the fact that this method provides a fairly high level of security, many systems have not taken into consideration the need for a secure alternative login met...

متن کامل

VoIP Technology: Investigation of QoS and Security Issues

Voice over IP (VoIP) is the technology allowing voice traffic transmission as data packets over a private or a public IP network. VoIP allows significant benefits for customers and communication services providers. The main are cost savings, rich media service, phone and service portability and mobility, and the integration with other applications. Nevertheless, the deployment of the VoIP techn...

متن کامل

SIP Security Status Quo and Future Issues

Today, the session initiation protocol (SIP) is the predominant protocol for Voice-over-IP (VoIP) signalling. The intention of this paper is to present an overview of VoIP security issues both current and future – focusing on SIP. We start by presenting some fundamental differences between VoIP and the public switched telephone network (PSTN). We then look at specific problems for SIP signallin...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2010

Analysis of Token and Ticket Based Mechanisms for Current VoIP Security Issues and Enhancement Proposal

نویسندگان

چکیده

منابع مشابه

Security testing of session initiation protocol implementations

Securing the Media Stream Inside VoIP SIP Based Sessions

Alternative Graphical Authentication for Online Banking Environments

VoIP Technology: Investigation of QoS and Security Issues

SIP Security Status Quo and Future Issues

عنوان ژورنال:

اشتراک گذاری