淡江大學機構典藏:Item 987654321/35095
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 62821/95882 (66%)
Visitors : 4011692      Online Users : 949
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/35095


    Title: 會談起始協定之安全模型探討與增強
    Other Titles: Study and enhancement of the security model of session initiation protocol
    Authors: 江仁秋;Chiang, Jen-chiu
    Contributors: 淡江大學資訊工程學系碩士班
    洪文斌;Horng, Wen-bing
    Keywords: 網路電話;會談起始協定;安全斷言標記語言;橢圓曲線密碼學;資訊安全;認證;授權;Session Initiation Protocol;SIP;Voice over IP;VOIP;SAML;Identity;Access Control;Elliptic Curve Cryptography;ECC;ECDH;security;authentication;Authorization;Spoofing
    Date: 2008
    Issue Date: 2010-01-11 06:00:45 (UTC+8)
    Abstract: 網路語音傳輸技術(Voice over IP, VoIP)是近年來快速成長的應用,各種新技術不斷的被提出來,較廣為人知的有H.323與會談起始協定(Session Initiation Protocol, SIP),但是因為H.323的協定過於繁雜、欠缺擴展性,相對於H.323,SIP則具有高度的彈性與擴充性,吸引各方的注意力,逐漸成為VoIP 的主流標準。
    SIP是由IETF (Internet Engineering Task Force)所制定之公開標準協定,用於建立、控制和終止會話,屬於應用層級的控制協定,與底層的協定關聯性不強,容易實作於不同的網路媒體上,其承襲了其他網際網路標準協定的設計準則,具備簡易性、高度的彈性與擴充性,因為SIP建構於公開的網際網路上且與其底層的協定之間只是鬆散的藕合關係,任何一個層級均有可能成為安全上的漏洞,變成駭客下手攻擊的目標,因此常見於網際網路上的安全問題也必然會發生在SIP的應用環境裡,提供一個安全的SIP應用環境是SIP能否被廣為接受的重要因素,這些安全議題,包括防止竊聽、私密外洩、身分辨識以及防止其他不勝枚舉的惡意攻擊。
    在RFC3261中,建議以TLS (Transport Layer Security)、IPSec (IP Security)或是S/MIME (Secure / Multipurpose Internet Mail Extensions)保護SIP的通訊安全,TLS與IPSec是屬於鏈結式的安全架構在實際應用中並不容易維持;S/MIME需要公開金鑰基礎建設(PKI),成本太高。另外在RFC3261中所建議的訊息摘要挑戰認證機制 (HTTP Digest Authentication) 則是因為無法做到雙向認證,容易遭到惡意攻擊。此外,在RFC3261文件中,也欠缺對參與會談者授權機制的敘述,於是有研究提出使用SAML來提供更豐富的資訊,讓受話端能對發話端進行更複雜的授權處理。
    在本論文中,主要在探討SIP的認證與授權機制,採用了以橢圓曲線金鑰交換演算法為基礎的方法達到了本地端雙向認證;將原本單向的SAML安全斷言擴展為雙向,能夠為將來的SIP擴展應用帶來更豐富的授權機制;以雙向的安全斷言為基礎,提供了原本沒有信任關係的會談雙方能夠認證對方,達到全域性的雙向認證;同樣以雙向的安全斷言為基礎,能在不需維持中間節點間鏈結式信賴關係的條件下,提供了即時的訊息簽章功能,克服回覆訊息容易遭到攻擊的缺點。
    Voice over IP (VoIP) is a fast growing technique of recent years. Various new protocols have been proposed, in which H.323 and Session Initiation Protocol (SIP) are two well-known major standards. However, due to its complexity and lack of extensibility, H.323 is gradually replaced by SIP because SIP provides high flexibility and extensibility. Thus, SIP has drawn a lot of attentions and is gradually becoming the mainstream standard of IP telephony.
    SIP, introduced by Internet Engineering Task Force (IETF), is a public standard protocol, used to establish, maintain, and terminate the communication session. SIP is an application layer protocol, less related to lower layer protocols. It is easy to implement SIP on different networks. Since SIP inherits the design principles of other Internet protocols, it possesses simplicity, flexibility, and extensibility. Because SIP is based on the public Internet and its lower layer protocols are loosely coupled, each of such protocols can be a vulnerability and becomes a target of hacker’s attacks. Hence, how to establish a secure SIP environment is an important factor whether SIP can be widely accepted. The security issues include resistance to eavesdropping, privacy protection, person identification, and withstanding other malicious attacks.
    In RFC3261, it is recommended to use Transport Layer Security (TLS), IP security (IPSec) and Secure/Multipurpose Internet Mail Extensions (S/MIME) to protect SIP security. However, since TLS and IPSec are hop-by-hop mechanisms, it is not easy to maintain the chaining relationship maintained between nodes on the security path of TLS and IPSec in the real environment. On the other hand, S/MIME needs the PKI infrastructure. However, PKI and the longer message body created by S/MIME will lead higher cost. Besides, the HTTP digest authentication suggested by RFC3261 does not provide mutual authentication; it is vulnerable to malicious attacks. In addition, in RFC3261, there is a lack of the statement of authorization of communicating participants. Therefore, some research proposed to use SAML to provide more information (the trait-based authorization) such that the recipient can perform more complicated authorization procedure to the sender.
    In this paper, we investigate the authentication and authorization of SIP. We use the Elliptic Curve Diffie-Hellman (ECDH) key exchange algorithm to provide the local mutual authentication. In addition, we extend the SAML one-way secure assertion to two-way to provide more flexible authorization mechanism. Based on ECDH and bi-lateral SAML assertions, the proposed method provides the global mutual authentication without pre-shared secrets. Thus, more authorization functionalities between parties can be achieved. Furthermore, the proposed method can also be used in signing request and response messages to cope with the threats which come from attacks on SIP responses.
    Appears in Collections:[Graduate Institute & Department of Computer Science and Information Engineering] Thesis

    Files in This Item:

    File SizeFormat
    0KbUnknown322View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback