1 / 8

Specifying Media Privacy Requirements in SIP

Specifying Media Privacy Requirements in SIP. Ron Shacham Henning Schulzrinne {hgs,rs2194}@cs.columbia.edu Dept. of Computer Science Columbia University. Overview. Motivation: Speakerphones, output devices and session mobility can compromise a call participant’s privacy.

kuri
Download Presentation

Specifying Media Privacy Requirements in SIP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Specifying Media Privacy Requirements in SIP Ron Shacham Henning Schulzrinne {hgs,rs2194}@cs.columbia.edu Dept. of Computer Science Columbia University IETF 63 - SIPPING

  2. Overview • Motivation: • Speakerphones, output devices and session mobility can compromise a call participant’s privacy. • Unauthorized recording. • Goals: • Allow users to specify privacy demanded from the other device; • whether recording of the session is allowed; • at call setup and anytime during the call. • Scope: While a device may be unable to enforce requirements, they provide clear indication of intent • similar to GEOPRIV embedded handling instructions (distribution and retention) IETF 63 - SIPPING

  3. Applications • Proxy only routes the call to a device that has the right level of privacy • Disallow the other call participant from transferring the call to a public device, turning on his speakerphone, or recording the call • Force the other participant’s device to retrieve the session from a public device when the conversation becomes more private IETF 63 - SIPPING

  4. Privacy Definitions • Privacy levels • 1 = only device user may access the media • 2 = anyone in the device user’s organization (school, company, circle of friends, etc.) may access the media • 3 = anyone may access the media • A device may have multiple privacy levels, based on different settings: • A phone has level 1 when the receiver Is used, level 2 when speakerphone is used. • Privacy levels of a device may change based on its surroundings: • If nobody else is in the room, even speakerphone has level 1, but when somebody walks in, it changes to level 2 or level 3. IETF 63 - SIPPING

  5. Protocol Extensions—Caller Preferences • New feature preference: privacy • Accept-Contact: *;privacy=1;require • causes the proxy server to only route the call to a device on which only the user can view or hear • The device must respect this level of privacy (e.g., no speakerphone or transfer to a public device) for the duration of the call, unless it is updated through SDP mechanism IETF 63 - SIPPING

  6. Protocol Extensions—SDP Attributes • Session-level attributes only • May be used at call setup or in mid-call re-INVITE • Privacy • “a=required-privacy:user” demands that the other device not make media available to anyone besides the user • “a=provided-privacy:user” expresses that no other user has access to the media • When “required-privacy” is used in an offer, the answer must include the “provided-privacy” attribute with a value within the required range. The device must respect this level for the duration of the call, unless it is updated. • Recording • “a=norecord” disallows recording of the session • When used in an offer, answer must also contain this attribute value. IETF 63 - SIPPING

  7. Extension: preconditions • Use SIP preconditions to establish mutually acceptable media privacy • Is this sufficiently useful to be implemented? IETF 63 - SIPPING

  8. Open Issues • Useful enough? • Need “Require” header to ensure that old systems don’t unintentionally pretend that they are honoring the media privacy request • “Privacy”  “Sharing”? IETF 63 - SIPPING

More Related