Security and delay issues in SIP systems

The deployment of multimedia over IP (MoIP), and in particular voice over IP services, requires to solve new security issues they introduce, before completely exploiting the great opportunities they offer to telecommunication market. Furthermore, the implementation of various security measures can cause a marked deterioration in quality of service, which is fundamental to the operation of an MoIP network that meets users' quality expectations. In particular, because of the time‐critical nature of MoIP and its low tolerance for disruption and packet loss, many security measures implemented in traditional data networks are simply not applicable in their current form. This paper presents an analysis of the security options of Session Initiation Protocol‐ (SIP)‐based MoIP architecture aimed at evaluating their impact on delay. In particular, each security option is analyzed in terms of clock cycles needed to perform the related operations. This parameter could be used to estimate the delay introduced by the security mechanisms. Moreover the paper proposes a rigorous definition of five security profiles, which provide different levels of security to a MoIP system. Copyright © 2009 John Wiley & Sons, Ltd.

[1]  Eric Rescorla,et al.  Datagram Transport Layer Security (DTLS) Extension to Establish Keys for the Secure Real-time Transport Protocol (SRTP) , 2010, RFC.

[2]  Sean Turner,et al.  Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Certificate Handling , 2004, RFC.

[3]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[4]  Jon Peterson,et al.  Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP) , 2006, RFC.

[5]  Dan Wing,et al.  Session Description Protocol (SDP) Security Descriptions for Media Streams , 2006, RFC.

[6]  Jari Arkko,et al.  Key Management Extensions for Session Description Protocol (SDP) and Real Time Streaming Protocol (RTSP) , 2006, RFC.

[7]  Dan S. Wallach,et al.  Performance analysis of TLS Web servers , 2006, TOCS.

[8]  Jon Peterson,et al.  Session Initiation Protocol (SIP) Authenticated Identity Body (AIB) Format , 2004, RFC.

[9]  Mats Näslund,et al.  The Secure Real-time Transport Protocol (SRTP) , 2004, RFC.

[10]  Xiaodong Lin,et al.  Performance Analysis of Secure Web Server Based on SSL , 2000, ISW.

[11]  Debanjan Saha,et al.  Transport layer security: how much does it really cost? , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[12]  Randall J. Atkinson,et al.  IP Encapsulating Security Payload (ESP) , 1995, RFC.

[13]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.