A novel mechanism for anonymizing Global System for Mobile Communications calls using a resource-based Session Initiation Protocol community network

Considering the widespread adoption of smartphones in mobile communications and the well-established resource sharing use in the networking community, we present a novel mechanism to achieve anonymity in the Global System for Mobile Communications (GSM). We propose a Voice over Internet Protocol infrastructure using the Session Initiation Protocol (SIP) where a smartphone registers on a SIP registrar and can start GSM conversation through another smartphone acting as a GSM gateway, by using a SIP intermediate without an extra cost. The testbed that we developed for empirical evaluation revealed no significant quality of service degradation

A VoIP Privacy Mechanism and its Application in VoIP Peering for Voice Service Provider Topology and Identity Hiding

Voice Service Providers (VSPs) participating in VoIP peering frequently want to withhold their identity and related privacy-sensitive information from other parties during the VoIP communication. A number of existing documents on VoIP privacy exist, but most of them focus on end user privacy. By summarizing and extending existing work, we present a unified privacy mechanism for both VoIP users and service providers. We also show a case study on how VSPs can use this mechanism for identity and topology hiding in VoIP peering

Usage control in SIP-based multimedia delivery

The Session Initiation Protocol (SIP) is an application layer signaling protocol for the creation, modification and termination of multimedia sessions and VoIP calls with one or more participants.SIP is widely accepted as the protocol that will dominate multimedia communications in the future and one of the reasons is that it can inherently support multidomain heterogeneous networks.While SIP operates in highly dynamic environments, in the current version its authorization support is based on traditional access control models.The main problem these models face is that they were designed many years ago, and under some circumstances tend to be inadequate in modern highly dynamic environments.Usage Control (UCON), instead, is a model that supports the same operations as traditional access control models do, but it further enhances them with novel ones.In previous work, an architecture supporting continuous authorizations on SIP, based on the UCON model, was presented.In this paper, an authorization support implementing the whole UCON model, including authorizations, obligations and conditions, has been integrated in a SIP system.Moreover, a testbed has been set up to experimentally evaluate the performance of the proposed security mechanism

The politics of internet privacy regulation in a globalised world: an examination of regulatory agencies' autonomy, politicisation, and lobbying strategies

The rapid proliferation of new information technologies has not only made internet privacy one of the most pressing issues of the contemporary area, it has also triggered new regulatory challenges because of their cross-border character. This PhD thesis examines the politics of internet privacy regulation at the global level. Existing research has largely investigated the extent to which there is no international privacy regime, when and why data protection regulations in the European Union affect member state laws and trade relations, and how interest groups shape data protection regulations in the EU. Little scholarly attention, however, has been accorded to the decision-making processes and policies produced beyond the legislative arena. Non-legislative and technical modes of policy-making are yet becoming more prominent in global politics. This research focuses on global data protection and internet privacy rules determined by leading, but little-known, internet regulatory agencies, in particular: the Internet Corporation for Assigned Names and Numbers, World Wide Web Consortium, Internet Engineering Task Force, and Institute of Electrical and Electronics Engineers. It investigates three distinct but interconnected questions regarding regulatory agencies' autonomy, politicisation, and interest groups' lobbying strategies. Each of the three questions corresponds to one substantive chapter and makes distinct contributions, using separate theoretical frameworks, methods, and analyses. Taken together, the chapters provide important theoretical arguments and empirical evidence on the making of internet privacy regulation, with a special emphasis on the role of corporate interests

Supporting group mobility in mission-critical wireless networks for SIP-based applications

Diplomityössä tarkastellaan viiveherkkien SIP-sovellusten verkkoalueiden välistä ryhmäliikkuvuutta langattomissa, IEEE 802.11x -pohjaisissa IPv4/IPv6 verkkoympäristöissä. Nykyaikaisissa kriisinhallintatehtävissä reaaliaikaisen viestinnän merkitys on viime vuosina vahvasti korostunut. Tähän tarkoitukseen käytetyt viestintäjärjestelmät ovat olleet tavallisesti erittäin kalliita. Langattomien teknologioiden nopea kehitys on kuitenkin suunnannut mielenkiinnon edullisiin, kaupallisiin siviilipuolen valmisratkaisuihin. Pitkät yhteydensiirtoviiveet ovat tärkeä ongelma reaaliaikaliikenteen yhteydensiirron kannalta. VoIP-pohjaisen puheliikenteen on todettu kestävän enimmillään suuruusluokkaa 100 ms olevia viiveaikoja palvelunlaadun ratkaisevasti kärsimättä. Linkkitason yhteydensiirron ohella duplikaattiosoitteiden tarkistuksella DHCP-osoitteenhaun aikana ja SIP-yhteyden uudelleenmuodostuksella on saumattoman yhteydensiirron kannalta olennainen merkitys. Ryhmäliikkuvuus on saanut osakseen paljon huomiota ad hoc -verkkojen tutkimuksessa. Työssä tutkitaan mandollisesti saavutettavia hyötyjä, joita ryhmäliikkuvuusmalli pystyisi perinteiseen yhteydensiirtotapaan nähden tuomaan hierarkkisissa infrastruktuurisissa SIP-verkoissa. Sovellustason liikkuvuutta ja signaloinnin tehokkuutta tarkastellaan kaistankäytön ja tietoturvallisuuden näkökulmasta. Kokeellisessa osiossa pyritään mallintamaan ryhmäyhteydensiirtoja yksinkertaisessa, simuloidussa ympäristössä. Päätelmien tueksi yhteydensiirtojen suorituskykyä arvioidaan lisäksi numeerisella analyysilla.This thesis studies the provision of group mobility during inter-domain hand-offs for delay-sensitive SIP applications over wireless IPv4/IPv6 network environment, based on the IEEE 802.11x platform. In contemporary disaster relief operations, the role of real-time communications has been strongly escalating over the recent years. The communication systems used for these ends have been conventionally very expensive. The rapid evolution of wireless technologies has brought the focus of interest to the affordable Common-Off-the-Shelf civilian applications. Long latencies during hand-offs for real-time traffic are a very important problem. As the studies have pointed out, the VoIP-based voice traffic can withstand maximum approximate disruption times of 100 ms, without too high degradation in the quality of service. Along with the link-layer hand-off, the duplicate address detection procedure during DHCP address acquisition and the SIP connection re-establishment both have a major impact on the hand-off latency. The group mobility has gained high attention in the research of ad-hoc networks. The work studies the benefits that this scheme could possibly bring over the conventional hand-offs in hierarchical infrastructured SIP networks. Different approaches to application-level mobility and the signaling efficiency are examined from the viewpoint of bandwidth usage and network security. In the experimental part, group hand-offs are modeled in a simple, simulated environment. In addition, a numerical analysis is used to assess the hand-off performance to support the made conclusions

Privacy in Voice-over-IP mitigating the risks at SIP intermediaries

Telephony plays a fundamental role in our society. It enables remote parties to interact and express themselves over great distances. The telephone as a means of communicating has become part of every day life. Organisations and industry are now looking at Voice over IP (VoIP) technologies. They want to take advantage of new and previously unavailable voice services. Various interested parties are seeking to leverage the emerging VoIP technology for more flexible and efficient communication between staff, clients and partners. VoIP is a recent innovation enabled by Next Generation Network (NGN). It provides and enables means of communication over a digital network, specifically the Internet. VoIP is gaining wide spread adoption and will ultimately replace traditional telephony. The result of this trend is a ubiquitous, global and digital communication infrastructure. VoIP, however, still faces many challenges. It is not yet as reliable and dependable as the current Public Switched Telephone Network (PSTN). The employed communication protocols are immature with many security flaws and weaknesses. Session Initiation Protocol (SIP), a popular VoIP protocol does not sufficiently protect a users privacy. A user’s information is neither encrypted nor secured when calling a remote party. There is a lack of control over the information included in the SIP messages. Our specific concern is that private and sensitive information is exchanged over the public internet. This dissertation concerns itself with the communication path chosen by SIP when establishing a session with a remote party. In SIP, VoIP calls are established over unknown and untrusted intermediaries to reach the desired party. We analyse the SIP headers to determine the information leakage at each chosen intermediary. Our concerns for possible breach of privacy when using SIP were confirmed by the findings. A user’s privacy can be compromised through the extraction of explicit private details reflected in SIP headers. It is further possible to profile the user and determine communication habits from implicit time, location and device information. Our research proposes enhancements to SIP. Each intermediary must digitally sign over the SIP headers ensuring the communication path was not be altered. These signatures are added sequentially creating a chain of certified intermediaries. Our enhancements to SIP do not seek to encrypt the headers, but to use these intermediary signatures to reduce the risk of information leakage. We created a model of our proposed enhancements for attaching signatures at each intermediary. The model also provides a means of identifying unknown or malicious intermediaries prior to establishing a SIP session. Finally, the model was specified in Z notation. The Z specification language was well suited to accurately and precisely represent our model. This formal notation was adopted to specify the types, states and model behaviour. The specification was validated using the Z type-checker ZTC. CopyrightDissertation (MSc)--University of Pretoria, 2010.Computer Scienceunrestricte

Media Processing in Video Conferences for Cooperating Over the Top and Operator Based Networks

Telecom operators have dominated the communication industry for a long time by providing services with guaranteed quality of service. Such services are provided by the operator at the cost of maintaining a high grade network. With the introduction of broadband and internet, many over the top (OTT) services have emerged. These services use the underlying operator networks as a mere bit pipe while all service intelligence resides in the application running on the client device. Introduction of OTT services has seen a good response from general users who are no longer bound to services provided by the network operator. This in turn has caused operators and telecom companies to loose the ownership of their customers. This thesis takes media processing in video conferencing as a case study to compare the two competing domains of operator networks and OTT networks. Both domains offer video conferencing to end users, but they follow different architectures. The study shows that OTT services can perform much better if they utilize support of the underlying network. This will also bring the user base back to the network operator. The proposal is to turn the competition into cooperation between both parties. Assessments are done from both technical as well as business perspectives to assert that such cooperative agreements are possible and should be experimented in real life