Call Server LIS VPC ESGW SR Manhattan PSAP LO=Wall St Route=Manhattan PSAP The Location Object (LO) is provided in the call setup information to the Call.


1 Emergency Call Routing using an LO
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO=Wall St; Route=Manhattan PSAP]
The Location Object (LO) is provided in the call setup information to the Call Server. The Call Server requests the VPC to instruct it as to which is the correct serving PSAP to route the call to for the location described in the LO. The VPC provides that routing information and the call is established.

2 Casual location spoofing
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO=Wall St; LO=Wall St; Route=Manhattan PSAP]
PROBLEM: Any user could send an LO that makes it appear to be calling from a specific location (spoofing that location). The call is then sent to the PSAP for that location regardless of the actual location of the caller.

3 Data signing by private/public key encryption – Overview tutorial
[Diagram. ORIGIN: DATA, Hash Function, Hash Value Original, Private Key Encrypt, SIGNATURE. Transmission. DESTINATION: DATA XMT, Hash Function, Hash Value Xmt; SIGNATURE, Public* Key Decrypt, Hash Val Decrypted; Compare.]
* The mechanism by which the public key is known to the destination is implementation dependent. There are a number of options.

4 Preventing casual location spoofing with a signed LO
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO=Wall St; Route=Manhattan PSAP; LO_LIS=Wall St; X]
A way to prevent users from sending arbitrary locations is to have the location information signed by the actual access network. The LIS provides the location but it also provides a signature object which can be checked at the VPC to determine whether this location was genuinely determined at that point in the network. A casually spoofed location can then be detected at the VPC.

5 One time theft/copy of a signed LO
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO_LIS=Wall St; One time copy of LO_LIS; Route=Manhattan PSAP; LO_LIS=Wall St]
PROBLEM: If the signed LO is static (always the same), then it only needs to be obtained once, and may be used any number of times even without an ongoing presence at the access. A non-casual spoofer can obtain a copy of the signed LO using any one-time capture of the signed LO at the access. While casual spoofers and nuisance callers may have been deterred, it will not stop a more determined person. Signed LO information could be readily distributed around the internet if it was never subject to change.

6 Preventing one time copy spoofing with an expirable signed LO
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO_LIS-OldTime=Wall St; Route=Manhattan PSAP; LO_LIS-CurrentTime=Wall St; X]
In addition to signing the LO, the LIS may provide a timestamp associated with the signature. That is, the signature would be on the expiry time in addition to the LO. The VPC needs to be synchronized to some degree with the LIS (e.g. expiry based on UTC clock) but it can make a determination if an excessively old copy of the LO is being used. If the expiry time is brief enough, then it limits the usefulness of a one-time copy of a signed LO.

7 Amplification using a real time feed of unexpired signed LO key
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO_LIS-CurrentTime=Wall St; Real time copy of LO_LIS-CurrentTime; Route=Manhattan PSAP; LO_LIS-CurrentTime=Wall St; LO_LIS-CurrentTime=Wall St]
HOWEVER: A determined attacker, or group of attackers, could establish a single device in a target area to provide a real time feed of the unexpired signed LO credentials. This may be a device owned by the attackers or be done by compromising a single user’s device in that area. Since the same unexpired signed LO would be valid for all users, an attack through “amplification” could be raised, where multiple calls are generated using the same location object.

8 Preventing amplification using a unique client ID
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO_LIS-CurrentTime-ClientID=Wall St; Real time copy of LO_LIS-CurrentTime-ClientID; Route=Manhattan PSAP; LO_LIS-CurrentTime-ClientID=Wall St; LO_LIS-CurrentTime-ClientID=Wall St; X; VPC can detect that one call already exists for this ClientID]
The LIS can generate a unique identifier for each device it provides an LO to. This unique identifier can also be signed by the LIS and be included in the key. The VPC is then able to identify whether two call routing requests have arrived for the same device – or whether a very large number of requests are coming for the same device. A more constrained form of amplification is still possible if the attacker utilizes different VSP Call Server operators where they know that those VSPs use different VPC operators. This still significantly limits the number of distinct calls and is more difficult to engineer.

9 Location Credentials Construction – created by the LIS
[Diagram: Location Object (LO), Hash Function, Hash Value, Private Key Encrypt; Location Credentials (LC): Certificate, Expiry Time, Client-ID, Signature]
The Certificate included with the credentials is unique to the LIS, issued by a recognized certificate authority so the LIS can be properly identified. It contains the public key information for that LIS that permits the key to be decrypted. The LC may be delivered as a separate VoIP signaling parameter or it could be a defined parameter within the LO itself.
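
The signed-LO checks of slides 4, 6 and 8, using the credential fields of slide 9, as an added example that is not part of the original presentation. It assumes Ed25519 signatures in place of the hash-then-private-key-encrypt scheme of slide 3 and a LIS public key already known to the VPC rather than carried in a certificate; the names LC, VPC, Issue, Check and Demo are hypothetical, and the key, client ID and timestamps are constructed.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// LC is the Location Credentials issued with an LO (Expiry in UTC seconds).
// VPC trusts one LIS key and remembers ClientIDs that already have a call.
type LC struct{ Expiry int64; ClientID string; Sig []byte }
type VPC struct{ LISKey ed25519.PublicKey; Active map[string]bool }

// covered is what the LIS signs; length prefixes keep the fields unambiguous.
func covered(lo, id string, exp int64) []byte {
	return []byte(fmt.Sprintf("%d:%s%d:%s%d", len(lo), lo, len(id), id, exp))
}

// Issue is the LIS side: sign LO, ClientID and expiry for one device.
func Issue(priv ed25519.PrivateKey, lo, id string, now, ttl int64) LC {
	return LC{now + ttl, id, ed25519.Sign(priv, covered(lo, id, now+ttl))}
}

// Check is the VPC side: signature first, then expiry, then ClientID reuse.
func (v *VPC) Check(lo string, lc LC, now int64) error {
	switch {
	case !ed25519.Verify(v.LISKey, covered(lo, lc.ClientID, lc.Expiry), lc.Sig):
		return errors.New("LO not signed by the LIS")
	case now > lc.Expiry:
		return errors.New("signed LO has expired")
	case v.Active[lc.ClientID]:
		return errors.New("a call already exists for this ClientID")
	}
	v.Active[lc.ClientID] = true
	return nil
}

// Demo sends four constructed routing requests to one VPC.
func Demo() []error {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed demo key
	vpc := &VPC{priv.Public().(ed25519.PublicKey), map[string]bool{}}
	lc := Issue(priv, "Wall St", "client-1", 1000, 30) // expires at t=1030
	return []error{
		vpc.Check("Broadway", lc, 1010), // LO altered under a genuine signature
		vpc.Check("Wall St", lc, 1040),  // one-time copy replayed after expiry
		vpc.Check("Wall St", lc, 1010),  // genuine call
		vpc.Check("Wall St", lc, 1015),  // real-time copy used for a second call
	}
}
func main() { fmt.Println(Demo()) }
```

Because the expiry and ClientID are inside the signed bytes, editing either one to extend a captured credential fails the signature check before the expiry or reuse checks are reached.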

10 Alternative possibility: Preventing spoofing by call origin point signing
[Diagram: Call Server, LIS, VPC, ESGW, SR, Manhattan PSAP; LO_LIS-CallOrigin=A=Wall St; Real time copy of LO_LIS-CallOrigin=A; CallOriginID=B + LO_LIS-CallOrigin=A=Wall St; X; OriginPoint=B: Call Origin point identifier for B does not match what is provided in the call signaling; CallOriginID=B + LO_LIS-CallOrigin=A=Wall St; OriginPoint=A (common knowledge)]
An alternative anti-spoofing measure is to rely on comparing a piece of information that is transferred in the call setup, is unique to the Call Server client and is also known to the LIS. An example of this may be the IP address of the device. If this is unique, is known to both the LIS and the VSP, and is transported as part of the signaling to the VPC, then the VPC can compare the signed end point ID with that delivered in the call signaling. The effectiveness of this depends on the ability of the LIS to identify some common information reliably and regardless of VoIP protocol. NATs may be problematic. More investigation and discussion is needed to determine the viability of such an approach, since it may require a linkage between the VoIP Call Server and the LIS.

11 Alternative (optional additional) architecture utilizing V3 interface
[Diagram: LIS, Call Server, VPC; V2, V3; LK; LO]
An alternative to sending cryptographic information (LIS signed data) in the call signaling is for the VPC to obtain the LO directly from the LIS. The LIS-ID can be sent transparently in a Location Key (LK) without needing to send the actual certificate. This is because the LIS credentials can be established directly over the V3 interface. It is not necessary to use an expiry time because the LIS can provide instantaneous feedback as to the validity of the LK.ClientID within its access network. The user's location information does not need to be sent through the call signaling path, so privacy is protected. The V3 interface communications are fully encrypted by two-way certificate exchange between the VPC and LIS, further enhancing privacy compared with an unencrypted VoIP channel.

12 Location Key (LK) Construction
[Diagram: Location Key (LK): LIS-ID, Client-ID]
The Location Key does not contain any cryptographic information. Since the LIS provides real time confirmation of the presence of a matching client ID, there is no requirement to transport an expiry value. The LIS credentials are exchanged via the V3 interface and do not require transporting within the LK. Since the LO information is obtained directly from the LIS, there is no imperative to sign the LK information. If the LK is stolen, it still has to be represented by a genuine client presence in the access. Either a “drone” device has to be physically placed in the access to obtain the LK or the LK of an innocent user has to be stolen by compromising the device in real time.

