Dorgham Sisalem, John Floroiu, Jiri Kuthan, Ulrich Abend, Henning Schulzrinne
Sip Security
By Dorgham Sisalem, Jiri Kuthan, Ulrich Abend et al.
Dorgham Sisalem, John Floroiu, Jiri Kuthan, Ulrich Abend, Henning Schulzrinne
Sip Security
By Dorgham Sisalem, Jiri Kuthan, Ulrich Abend et al.
- Gebundenes Buch
- Merkliste
- Auf die Merkliste
- Bewerten Bewerten
- Teilen
- Produkt teilen
- Produkterinnerung
- Produkterinnerung
Internet Telephony is one of the most important and fastest growing technologies for emerging mobile networks, as it provides a viable technical and economical alternative to current telecommunication networks. SIP is a standard protocol that has become the de-facto standard for VoIP and multimedia services. SIP Security is the the first book to give a detailed overview of SIP-specific security issues that will be of great interest to technicians, service users of SIP, network engineers, designers, managers, advanced undergraduate and graduate students, and researchers in academia and…mehr
Andere Kunden interessierten sich auch für
- Man Young RheeWireless Mobile Internet Security134,99 €
- Andrei GurtovHost Identity Protocol (Hip)122,99 €
- Abhijit BelapurkarDistributed Systems Security117,99 €
- Stuart JacobsEngineering Information Security156,99 €
- Kazuo SakiyamaSecurity of Block Ciphers132,99 €
- Xiaodong LinVehicular AD Hoc Network Security and Privacy149,99 €
- Stuart JacobsSecurity Management of Next Generation Telecommunications Networks and Services159,99 €
-
-
-
Internet Telephony is one of the most important and fastest growing technologies for emerging mobile networks, as it provides a viable technical and economical alternative to current telecommunication networks. SIP is a standard protocol that has become the de-facto standard for VoIP and multimedia services. SIP Security is the the first book to give a detailed overview of SIP-specific security issues that will be of great interest to technicians, service users of SIP, network engineers, designers, managers, advanced undergraduate and graduate students, and researchers in academia and industry.
Obwohl es inzwischen einen ausgereiften Industriestandard zu SIP gibt, sind die grundlegenden Sicherheitsfragen dazu noch immer nicht ausreichend geklärt. Die gegenwärtige Lage, die Anstrengungen in der Forschung sowie mögliche Lösungsansätze werden ausführlich behandelt.
Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Obwohl es inzwischen einen ausgereiften Industriestandard zu SIP gibt, sind die grundlegenden Sicherheitsfragen dazu noch immer nicht ausreichend geklärt. Die gegenwärtige Lage, die Anstrengungen in der Forschung sowie mögliche Lösungsansätze werden ausführlich behandelt.
Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Produktdetails
- Produktdetails
- Verlag: Wiley & Sons
- Artikelnr. des Verlages: 14551636000
- 1. Auflage
- Seitenzahl: 350
- Erscheinungstermin: 1. Mai 2009
- Englisch
- Abmessung: 254mm x 177mm x 25mm
- Gewicht: 732g
- ISBN-13: 9780470516362
- ISBN-10: 0470516364
- Artikelnr.: 23421098
- Verlag: Wiley & Sons
- Artikelnr. des Verlages: 14551636000
- 1. Auflage
- Seitenzahl: 350
- Erscheinungstermin: 1. Mai 2009
- Englisch
- Abmessung: 254mm x 177mm x 25mm
- Gewicht: 732g
- ISBN-13: 9780470516362
- ISBN-10: 0470516364
- Artikelnr.: 23421098
Dorgham Sisalem Dr. Dorgham Sisalem received his M.Eng. and Ph.D. from the Technical University of Berlin in 1995 and 2000 respectively. He worked at the Fraunhofer Institute Fokus, Berlin, as researcher, later as head of department, and was involved in implementing and realizing the first SIP based conferencing system in 1998. He was further involved in the development of the SIP Express Router (SER) which is currently the most widely used open source SIP proxy. In 2003, he co-founded iptelorg which offered SIP-based VoIP solutions to ISPs and telecommunication providers until it was acquired by Tekelec in 2005. In the same year, Dorgham Sisalem joined Tekelec as Director of Strategic Architecture with main involvement in IMS security issues. He is a part time lecturer at the Technical University of Berlin and has more than 100 publications including international conferences and journals. John Floroiu Dr. John Floroiu graduated from the Polytechnic University of Bucharest, Romania in 1993 where he continued to work as a teaching assistant and received his Ph.D. in 1999. He joined the Fraunhofer Institute Fokus, Berlin in 1999 where he participated in numerous research and industry projects. His interests covered various fields including mobility, security and quality of service in IP networks, and later was involved with multimedia service architectures. Currently with Tekelec, John Floroiu works on crafting the architectures and products for the next generation of communication systems. Jiri Kuthan Jiri Kuthan is Assistant Vice-President for engineering with Tekelec. In this capacity, Jiri forms the company's technological strategy for all-IP-based networks, and leads two R&D teams. Jiri's career began in 1998 with a research position at Fraunhofer Institute Fokus, a renowned research institute in Berlin, Germany. His early work in the VoIP and security field began with contributing to the IETF standardization efforts and participating in EU-funded and industry-funded research projects. The most renowned result of his, by then small R&D team, was the creation of the open-sourced software for Internet telephony, known as "SIP Express Router (SER)". Jiri co-founded a company bringing the software and its concepts to the industry: iptelorg GmbH. The company deployed Internet telephony with major Internet Service Providers, received prestigious Pulver 100 award and was acquired by Tekelec in 2005. Ulrich Abend Ulrich Abend graduated in computer sciences at the Technical University of Berlin in 2004. During his studies he worked as an engineer at Fraunhofer Institute Fokus where he had a major role in the development of the SIP Express Media Server (SEMS). Being part of the iptelorg team from the very beginning he was responsible for leading the development of the carrier class SIP platform SOP, based on the SIP Express Router (SER) and supporting components. SOP was successfully deployed at major customers across Europe and the United States. In early 2006 Ulrich Abend co-founded IPTEGO, an IMS service assurance company headquartered in Berlin. As CTO he is leading the team of SIP experts creating IPTEGO's next generation IMS product Palladion. Henning Schulzrinne Prof. Henning Schulzrinne received his undergraduate degree in economics and electrical engineering from the Darmstadt University of Technology, Germany, his MSEE degree as a Fulbright scholar from the University of Cincinnati, Ohio and his Ph.D. degree from the University of Massachusetts in Amherst, Massachusetts. He was a member of technical staff at AT&T Bell Laboratories, Murray Hill and an associate department head at GMD-Fokus (Berlin), before joining the Computer Science and Electrical Engineering departments at Columbia University, New York. He is currently chair of the Department of Computer Science. He is co-author of the Real-Time Protocol (RTP) for real-time Internet services, the signaling protocol for Internet multimedia conferences and telephony (SIP) and the stream control protocol for Internet media-on-demand (RTSP). He served as Chief Scientist for FirstHand Technologies and Chief Scientific Advisor for Ubiquity Software Corporation. He is a Fellow of the IEEE, has received the New York City Mayor's Award for Excellence in Science and Technology, the VON Pioneer Award and the TCCC service award.
Foreword.
About the Authors.
Acknowledgment.
1 Introduction.
2 Introduction to Cryptographic Mechanisms.
2.1 Cryptographic Algorithms.
2.2 Secure Channel Establishment.
2.3 Authentication in 3GPP Networks.
2.4 Security Mechanisms Threats and Vulnerabilities.
3 Introduction to SIP.
3.1 What is SIP, Why Should we Bother About it and What are Competing
Technologies?
3.2 SIP: the Common Scenarios.
3.3 Introduction to SIP Operation: the SIP Trapezoid.
3.4 SIP Components.
3.5 Addressing in SIP.
3.6 SIP Message Elements.
3.7 SIP Dialogs and Transactions.
3.8 SIP Request Routing.
3.9 Authentication, Authorization, Accounting.
3.10 SIP and Middleboxes.
3.11 Other Parts of the SIP Eco-system.
3.12 SIP Protocol Design and Lessons Learned.
4 Introduction to IMS.
4.1 SIP in IMS.
4.2 General Architecture.
4.3 Session Control and Establishment in IMS.
5 Secure Access and Interworking in IMS.
5.1 Access Security in IMS.
5.2 Network Security in IMS.
6 User Identity in SIP.
6.1 Identity Theft.
6.2 Identity Authentication using S/MIME.
6.3 Identity Authentication in Trusted Environments.
6.4 Strong Authenticated Identity.
6.5 Identity Theft Despite Strong Identity.
6.6 User Privacy and Anonymity.
6.7 Subscription Theft.
6.8 Fraud and SIP.
7 Media Security.
7.1 The Real-time Transport Protocol.
7.2 Secure RTP.
7.3 Key Exchange.
8 Denial-of-service Attacks on VoIP and IMS Services.
8.1 Introduction.
8.2 General Classification of Denial-of-service Attacks.
8.3 Bandwidth Consumption and Denial-of-service Attacks on SIP Services.
8.4 Bandwidth Depletion Attacks.
8.5 Memory Depletion Attacks.
8.6 CPU Depletion Attacks.
8.7 Misuse Attacks.
8.8 Distributed Denial-of-service Attacks.
8.9 Unintentional Attacks.
8.10 Address Resolution-related Attacks.
8.11 Attacking the VoIP Subscriber Database.
8.12 Denial-of-service Attacks in IMS Networks.
8.13 DoS Detection and Protection Mechanisms.
8.14 Detection of DoS Attacks.
8.15 Reacting to DoS Attacks.
8.16 Preventing DoS Attacks.
8.17 DDoS Signature Specification.
9 SPAM over IP Telephony.
9.1 Introduction.
9.2 Spam Over SIP: Types and Applicability.
9.3 Why is SIP Good for Spam?
9.4 Legal Side of Unsolicited Communication.
9.5 Fighting Unsolicited Communication.
9.6 General Antispam Framework.
Bibliography.
Index.
About the Authors.
Acknowledgment.
1 Introduction.
2 Introduction to Cryptographic Mechanisms.
2.1 Cryptographic Algorithms.
2.2 Secure Channel Establishment.
2.3 Authentication in 3GPP Networks.
2.4 Security Mechanisms Threats and Vulnerabilities.
3 Introduction to SIP.
3.1 What is SIP, Why Should we Bother About it and What are Competing
Technologies?
3.2 SIP: the Common Scenarios.
3.3 Introduction to SIP Operation: the SIP Trapezoid.
3.4 SIP Components.
3.5 Addressing in SIP.
3.6 SIP Message Elements.
3.7 SIP Dialogs and Transactions.
3.8 SIP Request Routing.
3.9 Authentication, Authorization, Accounting.
3.10 SIP and Middleboxes.
3.11 Other Parts of the SIP Eco-system.
3.12 SIP Protocol Design and Lessons Learned.
4 Introduction to IMS.
4.1 SIP in IMS.
4.2 General Architecture.
4.3 Session Control and Establishment in IMS.
5 Secure Access and Interworking in IMS.
5.1 Access Security in IMS.
5.2 Network Security in IMS.
6 User Identity in SIP.
6.1 Identity Theft.
6.2 Identity Authentication using S/MIME.
6.3 Identity Authentication in Trusted Environments.
6.4 Strong Authenticated Identity.
6.5 Identity Theft Despite Strong Identity.
6.6 User Privacy and Anonymity.
6.7 Subscription Theft.
6.8 Fraud and SIP.
7 Media Security.
7.1 The Real-time Transport Protocol.
7.2 Secure RTP.
7.3 Key Exchange.
8 Denial-of-service Attacks on VoIP and IMS Services.
8.1 Introduction.
8.2 General Classification of Denial-of-service Attacks.
8.3 Bandwidth Consumption and Denial-of-service Attacks on SIP Services.
8.4 Bandwidth Depletion Attacks.
8.5 Memory Depletion Attacks.
8.6 CPU Depletion Attacks.
8.7 Misuse Attacks.
8.8 Distributed Denial-of-service Attacks.
8.9 Unintentional Attacks.
8.10 Address Resolution-related Attacks.
8.11 Attacking the VoIP Subscriber Database.
8.12 Denial-of-service Attacks in IMS Networks.
8.13 DoS Detection and Protection Mechanisms.
8.14 Detection of DoS Attacks.
8.15 Reacting to DoS Attacks.
8.16 Preventing DoS Attacks.
8.17 DDoS Signature Specification.
9 SPAM over IP Telephony.
9.1 Introduction.
9.2 Spam Over SIP: Types and Applicability.
9.3 Why is SIP Good for Spam?
9.4 Legal Side of Unsolicited Communication.
9.5 Fighting Unsolicited Communication.
9.6 General Antispam Framework.
Bibliography.
Index.
Foreword.
About the Authors.
Acknowledgment.
1 Introduction.
2 Introduction to Cryptographic Mechanisms.
2.1 Cryptographic Algorithms.
2.2 Secure Channel Establishment.
2.3 Authentication in 3GPP Networks.
2.4 Security Mechanisms Threats and Vulnerabilities.
3 Introduction to SIP.
3.1 What is SIP, Why Should we Bother About it and What are Competing
Technologies?
3.2 SIP: the Common Scenarios.
3.3 Introduction to SIP Operation: the SIP Trapezoid.
3.4 SIP Components.
3.5 Addressing in SIP.
3.6 SIP Message Elements.
3.7 SIP Dialogs and Transactions.
3.8 SIP Request Routing.
3.9 Authentication, Authorization, Accounting.
3.10 SIP and Middleboxes.
3.11 Other Parts of the SIP Eco-system.
3.12 SIP Protocol Design and Lessons Learned.
4 Introduction to IMS.
4.1 SIP in IMS.
4.2 General Architecture.
4.3 Session Control and Establishment in IMS.
5 Secure Access and Interworking in IMS.
5.1 Access Security in IMS.
5.2 Network Security in IMS.
6 User Identity in SIP.
6.1 Identity Theft.
6.2 Identity Authentication using S/MIME.
6.3 Identity Authentication in Trusted Environments.
6.4 Strong Authenticated Identity.
6.5 Identity Theft Despite Strong Identity.
6.6 User Privacy and Anonymity.
6.7 Subscription Theft.
6.8 Fraud and SIP.
7 Media Security.
7.1 The Real-time Transport Protocol.
7.2 Secure RTP.
7.3 Key Exchange.
8 Denial-of-service Attacks on VoIP and IMS Services.
8.1 Introduction.
8.2 General Classification of Denial-of-service Attacks.
8.3 Bandwidth Consumption and Denial-of-service Attacks on SIP Services.
8.4 Bandwidth Depletion Attacks.
8.5 Memory Depletion Attacks.
8.6 CPU Depletion Attacks.
8.7 Misuse Attacks.
8.8 Distributed Denial-of-service Attacks.
8.9 Unintentional Attacks.
8.10 Address Resolution-related Attacks.
8.11 Attacking the VoIP Subscriber Database.
8.12 Denial-of-service Attacks in IMS Networks.
8.13 DoS Detection and Protection Mechanisms.
8.14 Detection of DoS Attacks.
8.15 Reacting to DoS Attacks.
8.16 Preventing DoS Attacks.
8.17 DDoS Signature Specification.
9 SPAM over IP Telephony.
9.1 Introduction.
9.2 Spam Over SIP: Types and Applicability.
9.3 Why is SIP Good for Spam?
9.4 Legal Side of Unsolicited Communication.
9.5 Fighting Unsolicited Communication.
9.6 General Antispam Framework.
Bibliography.
Index.
About the Authors.
Acknowledgment.
1 Introduction.
2 Introduction to Cryptographic Mechanisms.
2.1 Cryptographic Algorithms.
2.2 Secure Channel Establishment.
2.3 Authentication in 3GPP Networks.
2.4 Security Mechanisms Threats and Vulnerabilities.
3 Introduction to SIP.
3.1 What is SIP, Why Should we Bother About it and What are Competing
Technologies?
3.2 SIP: the Common Scenarios.
3.3 Introduction to SIP Operation: the SIP Trapezoid.
3.4 SIP Components.
3.5 Addressing in SIP.
3.6 SIP Message Elements.
3.7 SIP Dialogs and Transactions.
3.8 SIP Request Routing.
3.9 Authentication, Authorization, Accounting.
3.10 SIP and Middleboxes.
3.11 Other Parts of the SIP Eco-system.
3.12 SIP Protocol Design and Lessons Learned.
4 Introduction to IMS.
4.1 SIP in IMS.
4.2 General Architecture.
4.3 Session Control and Establishment in IMS.
5 Secure Access and Interworking in IMS.
5.1 Access Security in IMS.
5.2 Network Security in IMS.
6 User Identity in SIP.
6.1 Identity Theft.
6.2 Identity Authentication using S/MIME.
6.3 Identity Authentication in Trusted Environments.
6.4 Strong Authenticated Identity.
6.5 Identity Theft Despite Strong Identity.
6.6 User Privacy and Anonymity.
6.7 Subscription Theft.
6.8 Fraud and SIP.
7 Media Security.
7.1 The Real-time Transport Protocol.
7.2 Secure RTP.
7.3 Key Exchange.
8 Denial-of-service Attacks on VoIP and IMS Services.
8.1 Introduction.
8.2 General Classification of Denial-of-service Attacks.
8.3 Bandwidth Consumption and Denial-of-service Attacks on SIP Services.
8.4 Bandwidth Depletion Attacks.
8.5 Memory Depletion Attacks.
8.6 CPU Depletion Attacks.
8.7 Misuse Attacks.
8.8 Distributed Denial-of-service Attacks.
8.9 Unintentional Attacks.
8.10 Address Resolution-related Attacks.
8.11 Attacking the VoIP Subscriber Database.
8.12 Denial-of-service Attacks in IMS Networks.
8.13 DoS Detection and Protection Mechanisms.
8.14 Detection of DoS Attacks.
8.15 Reacting to DoS Attacks.
8.16 Preventing DoS Attacks.
8.17 DDoS Signature Specification.
9 SPAM over IP Telephony.
9.1 Introduction.
9.2 Spam Over SIP: Types and Applicability.
9.3 Why is SIP Good for Spam?
9.4 Legal Side of Unsolicited Communication.
9.5 Fighting Unsolicited Communication.
9.6 General Antispam Framework.
Bibliography.
Index.