[SIPForum-discussion] SIP Security Features

Mon Jun 20 03:32:10 UTC 2005

Thanks Ram,
I was going over the archives at VOIPSA and did come across a coupleof your posts on this subject. I am looking for security featuresspecific to SIP rather than VoIP in general.
VoIP Networks need to be hardened by many other means than just thefeatures in SIP.I want to focus only on SIP only as otherwise my study will become toobroad in scope.
Thanks again for your help.
Regards,Vinay

On 6/19/05, Ram Dantu <rdantu at unt.edu> wrote:> Greetings Everybody,> > We had organized two workshops on VoIP security.> Several papers were presented in these workshop.> See below the summary of 2nd VoIP security> workshop held in Washington DC (1-2 June, 2005).> > Ram Dantu> > NOTE: Workshop Proceedings (CD format) are available.> For details, see http://secnet.csci.unt.edu> > > REPORT> =====================================================================>    Summary of 2nd Workshop on VoIP Security>                   Ram Dantu> > More than 180 people have participated in the 2nd Workshop on VoIP> Security. The participants include representatives from the Department> of Homeland Security, Department of Defense, the FBI, NSA, NIST, FCC,> industry consortiums such as the International Packet Communications> Consortium (IPCC) and SIP.EDU in Internet2, VoIPSA, and several> telecommunications service providers, vendors and universities.> Some of the topics are:> > • Government standards and requirements (NIST/DISA)> • E911, GETS and CALEA (how to provide architectural and>   nodal level support)> • Transitive and end-to-end trust between calling and called parties> • Spam/DOS prevention algorithms> • Lack of test tools for security testing> • Benefits and pitfalls of session border controllers (SBC)> • Creating a research testbed (voip-specific network) for assessing>   vulnerabilities, attack containment, damage analysis due to attacks,>   and evaluating prevention/detection methodologies. This large-scale>   network complements the existing test beds (e.g., EMIST and DETER)>   and builds on top of them. Next, this research test bed can be used>   for evaluating security of future services like multimedia and IPTV.> > Program Chair's comments:> -------------------------> We are extremely pleased with the participation and enthusiasm from the> audience.  We have a good mix of government, service providers, vendors> and universities. We believe that only way to understand the> vulnerabilities and assess damage is to put a live network under a stress> and attacks. We have more than 40 people signed up for helping us in> building a research testbed. The support varies from participating in the> funding proposal, collaborative research, specifying requirements, writing> a test plan and lending us the equipment. In addition, this research> testbed will act as a platform for understanding security aspects of next> generation services and applications in a live network. All the results> will be available for the public and published in the open> conferences/workshops.> > > > > Hi List Members,> > I am in the process of compiling a list of intrinsic security features> > in SIP and how they work. This research is related to a paper I am> > planning on how enhanced SIP security can help harden VOIP Telephone> > Networks.> > Any help, pointers, links, etc. will be appreciated.> > Regards,> > Vinay> >> > _______________________________________________> > discussion mailing list> > discussion at sipforum.org> > http://sipforum.org/mailman/listinfo/discussion> >> > > --> Ram Dantu Ph.D.,> Assistant Professor,> Department of Computer Science,> University of North Texas,> Denton, Texas, 76203> tele: 940 565 2822> email: rdantu at unt.edu>