1. Students: Yuri Manusov, Boris Umansky, Yevgeni Fishman Academic Advisor: Prof. Yuval Alovich Industry Advisor: Yuri Granovski With Motorola, Israel

2. Problem definition: More and more telecommunication providers use VoIP infrastructure. Eavesdropping to someone conversation is very simple (requires connection to internet and packet capture software). Spam over the phone becomes more and more popular. Business clients are interested in more secured telecommunication services. Telecommunication providers interested to supply them with these services.

3. Available Solutions: Nowadays SIP(Session Initiation Protocol) is widely used for VoIP. The caller sends a request to SIP server with the callees nickname, receives its IP as a response and establishes P2P communication between two hosts. Callees nickname Callees IP Conversation

4. Available Solutions(cont.): There are couple solutions for VoIP security available nowadays. SRTP and ZRTP protocols are both secured type of RTP (Real-time Transport Protocol), which is the 4 th layer in VoIP. Main problems of these protocols: Clients shall perform initial master key exchange. Not all SIP clients supports these protocols. Special hardware for every client required to create strong master key. There is no well known service for communication control management.

5. Project Requirements [R1]Rule Based Authorization The system shall provide specified authorization of users according to the rules kept in the configuration storage. Rules shall be user based or time based. [R2]Security The system shall provide clients with the ability to establish IPSec secured session, or an unsecured session, according to the rules kept in the configuration storage.

6. Project Requirements(cont.) [R3]Dynamic Configuration The system shall provide users with the ability to control their own configurations, more specifically, the rules of the authorization, and the rules of the security. The system shall provide the users with GUI in order to do that. [R4] Communication History Storage: The system shall store all the history of the communications that took place.

7. Telecommunication Provider Server Our Project: JBOSS Server JSLEE Server SIP Resource Adapter Communication Control Application IP Host 1 SIP ClientEnabler IPSec Module IP Host 2 SIP ClientEnabler IPSec Module Data Storage Control Rules Manager SIP Request SIP Request Event Pre-shared Key Host 2 IP Configuration HTTP IPSec Communication

8. Our Project(cont.) Project Scope: Communication Control Application: JSLEE service that provides Rules Based authorization and communication history storage as described in requirements [R1],[R4]. Enabler: Application, running on the host station, that will configure IPSec communication between clients [R2]. Data Storage: SQL based DB to store all the required data [R3],[R4]. GUI for Configuration Control Application [R3]. Project uses: SIP client, SIP RA and SLEE server provided by Mobicents, IPSec module provided by OS. Out of Scope: Registration of users. Communication between SIP Server and Communication Control Application.