1 / 18

563.13.1 VoIP security

563.13.1 VoIP security. Presented by: Nalin Pai VoIP Group: Milan Lathia, Nalin Pai, Zahid Anwar, Mike Tucker University of Illinois Spring 2006. Agenda. Provide an overview of VoIP. Provide an understanding of how a SIP-based VoIP infrastructure operates,

maleah
Download Presentation

563.13.1 VoIP security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 563.13.1 VoIP security Presented by: Nalin Pai VoIP Group: Milan Lathia, Nalin Pai, Zahid Anwar, Mike Tucker University of Illinois Spring 2006

  2. Agenda • Provide an overview of VoIP. • Provide an understanding of how a SIP-based VoIP infrastructure operates, • Describe the security vulnerabilities and security mechanisms currently used to protect SIP-based VoIP systems, • Outline the project which will be accomplished by the team during the term.

  3. Part 1: Overview of VoIP

  4. Voice packets transmitted using IP Traditional networking infrastructure carries voice traffic Analog voice is digitized and transmitted as IP packets Standards based (e.g., H.323, G.711, G.729, RTP, UDP, IP, RSVP) What is VoIP?

  5. Lower cost of ownership – Cost savings are the primary short-term reason to converge voice, data and video onto a single IP network. Easy implementation of innovative services. – Unified Messaging, Instant Messaging etc. In the future, Internet Telephony Service Providers (ITSP) may use a single infrastructure for providing both, Internet access and Internet telephony – Only data-oriented switches could be deployed for switching data as well as packetized voice – Multiplexing data and voice could also result in better bandwidth utilization than in today's over-engineered voice-or-nothing links Why VoIP?

  6. VoIP users may also profit of its software-oriented nature: – Software solutions may be easily extended and integrated with other services and applications – E.g. whiteboarding, electronic calendar, or WWW – Deployment of new IP telephony services requires significantly lower investment in terms of time and money than in the traditional PSTN environment Why VoIP? (2)

  7. VoIP Market • 56% of all phone lines in Western Europe will be VoIP by 2009. • The number of residential VOIP customers more than tripled to 4.2 million users in 2005, and is expected to hit 18 million by 2008. • US VOIP subscribers grew to 4.5 million and industry revenue surpassed $1 billion in 2005. • The market for VoIP services in Asia is expected to rise from nearly $5.5 billion in 2004 to over $10 billion by 2009. • 25% of new phone lines in Q3 2005 in Asia were VoIP lines. Source: TEQConsult Group

  8. Comparison of PSTN & VoIP

  9. VoIP standards • H.323 (ITU) • - H.225 call control protocol • - H.245 media control protocol • - RTP (Real-time transport protocol) for media • - H.235 security • Other standards related to codecs. • Session information protocol (SIP) • - IETF standard • - text based request response messages • - Uses SDP (session description protocol) to • describe media content • - Uses RTP for media.

  10. VoIP Deployment Models • Enterprise, the VoIP infrastructure is deployed in the enterprise network, • Hosted, the VoIP infrastructure is deployed by a service provider in the network and • Peer-to-Peer, employs a highly distributed infrastructure.

  11. V V V V Present Enterprise Hosted Deployment (PSTN Transport) ENUM DNS WAN Application Server AAA Router Enterprise B Enterprise A PSTN GW PSTN GW PSTN PSTN Phone

  12. V V Present: Service Provider Deployment(PSTN Transport) Service Provider AAA Application Server ENUM DNS PSTN GW SBC WAN PSTN Router PSTN Phone Enterprise B Enterprise A

  13. Future?: “Pure” IP VoIP Call Service Provider AAA ENUM DNS SBC Router Enterprise B Enterprise A

  14. Peer-to-Peer Deployment

  15. How skype works • Two types of nodes, ordinary nodes and super nodes • Central log server, all other services are decentralized. • Super nodes aid NAT traversal • Communication between two end points behind symmetric NAT takes place through a relay host

  16. Firewall/NAT Traversal Issues in VoIP • Firewalls are designed for outgoing connections, thus incoming calls are rejected. • Voice signaling contains connection addresses which may not be publicly routable.

  17. Firewall/NAT Traversal Solutions for VoIP • Interactive Connectivity Establishment (ICE) draft-ietf-mmusic-ice-06 • Uses STUN to discover, create and verify connectivity paths • Uses TURN to relay media if necessary • Session Border Controllers (media relay)

  18. References • NIST- Security Considerations for Voice Over IP Systems, D. Richard Kuhn et al • SIP: Session Initiation Protocol RFC 3261 • FCC advisory notice on 911 and VoIP http://www.fcc.gov/cgb/consumerfacts/voip911.pdf • An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol - Salman A Baset http://www1.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf

More Related