论文信息 - SIP Security Attacks and Solutions: A state-of-the-art review

SIP Security Attacks and Solutions: A state-of-the-art review

The fundamental network-security services required for SIP are: preserving the confidentiality and integrity of messaging, preventing replay attacks or message spoofing, providing for the authentication and privacy of the participants in a session, and preventing DoS attacks. This paper introduces the SIP related security problems, illustrates some of identified threats/attacks, their impact on the overall SIP security and a list of indicative solutions and briefly describes SIP's security mechanisms

S. El Sawda | P. Urien | P. Urien | S. El Sawda

[1] Michael Elkins,et al. MIME Security with Pretty Good Privacy (PGP) , 1996, RFC.

[2] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.

[3] Andreas Steffen,et al. SIP Security , 2004, DFN-Arbeitstagung über Kommunikationsnetze.

[4] Jon Peterson,et al. A Privacy Mechanism for the Session Initiation Protocol (SIP) , 2002, RFC.

[5] Luca Veltri,et al. SIP security issues: the SIP authentication procedure and its processing load , 2002 .

[6] Jari Arkko,et al. Security Mechanism Agreement for the Session Initiation Protocol (SIP) , 2003, RFC.

[7] Lawrence C. Stewart,et al. HTTP Authentication: Basic and Digest Access Authentication , 1999 .

[8] Tim Berners-Lee,et al. Hypertext transfer protocol--http/i , 1993 .

[9] James S. Tiller. A technical guide to IPSec virtual private networks , 2000 .

[10] Dan Harkins,et al. The Internet Key Exchange (IKE) , 1998, RFC.