Presentation is loading. Please wait.

Presentation is loading. Please wait.

SURA/ViDe 4th Annual Workshop SIP, Security & Threat Models Dr. Samir Chatterjee School of Information Science Claremont Graduate University Claremont,

Similar presentations


Presentation on theme: "SURA/ViDe 4th Annual Workshop SIP, Security & Threat Models Dr. Samir Chatterjee School of Information Science Claremont Graduate University Claremont,"— Presentation transcript:

1 SURA/ViDe 4th Annual Workshop SIP, Security & Threat Models Dr. Samir Chatterjee School of Information Science Claremont Graduate University Claremont, CA

2 SURA/ViDe 4th Annual Workshop Outline of Talk Videoconferencing Environment Videoconferencing Environment SIP – What, Why, How? SIP – What, Why, How? A Security Framework A Security Framework Various Threat Models Various Threat Models Summary Summary

3 SURA/ViDe 4th Annual Workshop Internet-2 Campus A PSTN User agent A User agent B User Agent C SIP Server (Proxy, Registrar, Location) Worldcom SIP gateway (A laptop) VC Components Cell phone Legacy phone Campus B H.323 terminal H.323 Gatekeeper LDAP Dir serv MCU

4 SURA/ViDe 4th Annual Workshop SIP (The IETF Standard) Session Initiation Protocol is a signaling standard approved by IETF for real-time multimedia session establishment. Session Initiation Protocol is a signaling standard approved by IETF for real-time multimedia session establishment. Sessions can be voice, video or instant messaging and is described by SDP. Sessions can be voice, video or instant messaging and is described by SDP. Basic components: Basic components: –User Agent (UA): works on behalf of users to set up calls –Proxy Servers (PS): keeps track of location of end-points –Registrar: Each UA registers to inform current location and preferred reachability information SIP also has been approved for 3G wireless systems. SIP also has been approved for 3G wireless systems.

5 SURA/ViDe 4th Annual Workshop SIP Entities SIP UA SIP server (registrar and proxy) SIP UA Location Server (Not part of SIP entity but is required. Can use LDAP server. I am using Oracle 8.0 at CGU to hold user accounts) I am Samir Chatterjee. Today I will be reachable at I am Doug Sicker. Today I can be reached at 1.First Register 2.Make a call (voice, video) 3.Hang up.

6 SURA/ViDe 4th Annual Workshop Making a Call in SIP SIP proxy At cgu.edu (1) Invitation to a session for LS (2) Where is Samir reachable? (3) Try (4) Invitation to a session for UA to Proxy interaction

7 SURA/ViDe 4th Annual Workshop Inter-Realm SIP Bob on a desktop With a SIP VC-UA SIP Proxy Alice on a desktop With a SIP VC-UA INVITE Invite from Bob 180 Ringing 200 OK SIP Proxy If Bob is valid, Forward INVITE Can I trust you? Sure, I belong to the same club 180 Ringing Realm CGU.EDURealm: Microsoft.com

8 SURA/ViDe 4th Annual Workshop Security Framework Authentication is means of identifying another entity. There are many ways to authenticate another entity, but the typical computer based methods involve user ID/password or digitally signing a set of bytes using a keyed hash Confidentiality Cryptographic confidentiality means that only the intended recipients will be able to determine the contents of the confidential area Integrity A message integrity check is means of insuring that a message in transit was not altered Authorization Once identification of a correspondent is achieved, a decision must be made as to whether that identity should be granted access for the requested services. This is the act of authorization. This is often done using access control lists (ACL). Privacy They want to make sure others do not know what they are doing or transmitting. Some people prefer anonymity. In a higher education environment, faculty and student reserve the right to privacy. Non-repudiation Reverse protection Administration Billing and accounting, maintenance of Call Data Records (CDRS) Audit-trail Do not shred documents – Enron!

9 SURA/ViDe 4th Annual Workshop Classic Threat Models Registration Hijacking – A registrar assesses the identity of a UA. The From header of a SIP request can be arbitrarily modified and hence open to malicious registration. Registration Hijacking – A registrar assesses the identity of a UA. The From header of a SIP request can be arbitrarily modified and hence open to malicious registration. Impersonating a server – A UA contacts a Proxy server to deliver requests. The server could be impersonated by an attacker. Mobility in SIP further complicates this. Impersonating a server – A UA contacts a Proxy server to deliver requests. The server could be impersonated by an attacker. Mobility in SIP further complicates this. Tampering with message bodies Tampering with message bodies

10 SURA/ViDe 4th Annual Workshop More threats Tearing down sessions – insert a BYE Tearing down sessions – insert a BYE Denial of Service attacks - Denial of service attacks focus on rendering a particular network element unavailable, usually by directing an excessive amount of network traffic at its interfaces. In much architecture SIP proxy servers face the public Internet in order to accept requests from worldwide IP endpoints. SIP creates a number of potential opportunities for distributed denial of service attacks that must be recognized and addressed by the implementers and operators of SIP systems Denial of Service attacks - Denial of service attacks focus on rendering a particular network element unavailable, usually by directing an excessive amount of network traffic at its interfaces. In much architecture SIP proxy servers face the public Internet in order to accept requests from worldwide IP endpoints. SIP creates a number of potential opportunities for distributed denial of service attacks that must be recognized and addressed by the implementers and operators of SIP systems

11 SURA/ViDe 4th Annual Workshop Challenges Authentication – SIP currently has the HTTP style digest mechanism. But it is not enough. Authentication – SIP currently has the HTTP style digest mechanism. But it is not enough. We need a single sign-on authentication mechanism. Shiboleth may be the approach to take. We need a single sign-on authentication mechanism. Shiboleth may be the approach to take. Authorization using ACLs the read/write/execute controls that are embedded in file systems Authorization using ACLs the read/write/execute controls that are embedded in file systems New approaches - Traditional access control models are broadly categorized as discretionary access control (DAC) and mandatory access control (MAC) models. New models such as role-based access control (RBAC) and task-based access control (TBAC) have been proposed to address the security requirements. New approaches - Traditional access control models are broadly categorized as discretionary access control (DAC) and mandatory access control (MAC) models. New models such as role-based access control (RBAC) and task-based access control (TBAC) have been proposed to address the security requirements.

12 SURA/ViDe 4th Annual Workshop Summary VidMid-VC is leading the way on solving these important security stuff. VidMid-VC is leading the way on solving these important security stuff. See See Thank You. Any Questions?


Download ppt "SURA/ViDe 4th Annual Workshop SIP, Security & Threat Models Dr. Samir Chatterjee School of Information Science Claremont Graduate University Claremont,"

Similar presentations


Ads by Google