ALEX: Improving SIP Support in Systems with Multiple Network Addresses

The successful and increasingly adopted session initiation protocol (SIP) does not adequately support hosts with multiple network addresses, such as dual-stack (IPv4-IPv6) or IPv6 multi-homed devices. This paper presents the Address List Extension (ALEX) to SIP that adds effective support to systems with multiple addresses, such as dual-stack hosts or multi-homed IPv6 hosts. ALEX enables IPv6 transport to be used for SIP messages, as well as for communication sessions between SIP user agents (UAs), whenever possible and without compromising compatibility with ALEX-unaware UAs and SIP servers

IMS signalling for multiparty services based on network level multicast

3rd EURO-NGI Conference on Next Generation Internet Networks. Norwegian University of Science and Technology, Trondheim, Norway, 21-23 may 2007.The standardization process of the UMTS technology has led to the development of the IP Multimedia Subsystem (IMS). IMS provides a framework that supports the negotiation of the next generation multimedia services with QoS requirements that are envisioned for 3G networks. But even though many of these services involve the participation of multiple users in a multiparty arrangement, the delivery technology at network level is still unicast based. This approach is not optimum, in terms of transmission efficiency. In this paper, a new approach is presented proposing to use a network level multicast delivery technology for the multiparty services that are signalled through IMS. The main advantages and drawbacks related with this new approach are analyzed in the article. Finally, as a starting point in the development of the presented solution, a new SIP signalling dialogue is proposed allowing the negotiation of a generic multiparty service, and supporting at the same time the configuration of the corresponding network level multicast delivery service with QoS requirements that will be used in the user plane.Publicad

Signalling in voice over IP Networks

Voice signalling protocols have evolved, keeping with the prevalent move from circuit to packet switched networks. Standardization bodies have provided solutions for carrying voice traffic over packet networks while the main manufacturers are already providing products in workgroup, enterprise, or operator portfolio. This trend will accrue in next years due to the evolution of UMTS mobile networks to an “all-IP” environment. In this paper we present the various architectures that are proposed for signalling in VoIP, mainly: H.323, SIP and MGCP. We also include a brief summary about signalling in classical telephone networks and, at the end, we give some ideas about the proposed “all-IP” architectures in UMTS 3G mobile networks.Publicad

A Survey on Handover Management in Mobility Architectures

This work presents a comprehensive and structured taxonomy of available techniques for managing the handover process in mobility architectures. Representative works from the existing literature have been divided into appropriate categories, based on their ability to support horizontal handovers, vertical handovers and multihoming. We describe approaches designed to work on the current Internet (i.e. IPv4-based networks), as well as those that have been devised for the "future" Internet (e.g. IPv6-based networks and extensions). Quantitative measures and qualitative indicators are also presented and used to evaluate and compare the examined approaches. This critical review provides some valuable guidelines and suggestions for designing and developing mobility architectures, including some practical expedients (e.g. those required in the current Internet environment), aimed to cope with the presence of NAT/firewalls and to provide support to legacy systems and several communication protocols working at the application layer

IPv6 Network Mobility

Network Authentication, Authorization, and Accounting has been used since before the days of the Internet as we know it today. Authentication asks the question, “Who or what are you?” Authorization asks, “What are you allowed to do?” And fi nally, accounting wants to know, “What did you do?” These fundamental security building blocks are being used in expanded ways today. The fi rst part of this two-part series focused on the overall concepts of AAA, the elements involved in AAA communications, and highlevel approaches to achieving specifi c AAA goals. It was published in IPJ Volume 10, No. 1[0]. This second part of the series discusses the protocols involved, specifi c applications of AAA, and considerations for the future of AAA

Investigation of Mobile IPv6 and SIP integrated architectures for IMS and VoIP applications

Mobile IPv6 and SIP are protocols designed to support different types of mobility. Mobile IPv6 has been used to support mobility in IP networks and SIP has been used for voice over IP applications. It is the signalling protocol of the IP multimedia subsystem (IMS). In this paper both protocols have been simulated and compared in order to observe their performance for voice over IP (VoIP) applications. In this paper the architectures proposed by researchers in order to combine mobile IPv6 and SIP have also been investigated and compared to analyse their advantages and disadvantages. A network scenario, running mobile IPv6 and SIP for IMS, has also been simulated in order to evaluate the performance offered by the two protocols and to compare them with the results from the simulation of the pure mobile IPv6 and SIP architectures. The comparison shows that the combined scenario offers better performance similar to the one obtained using only mobile IPv6 with route optimization. The scenario simulated was also compared with the integrated architectures for mobile IPv6 and SIP that were investigated

AUTOMATED PENETRATION TESTING

Penetration testing is used to search for vulnerabilities that might exist in a system. The testing usually involves simulating different types of attacks on the target system. This type of testing provides an organized and controlled way to identify security shortcomings. The resources and time required for comprehensive testing can make penetration testing cost intensive. Consequently, such tests are usually only performed during important milestones.In this project we have automated the penetration testing process for several protocol-based attacks. Our automated penetration testing application covers several attacks based on HTTP, SIP and TCP/IP. The objective of this work is to offer a fast, reliable and automated testing tool, which is also easier to use than existing tools

Toward the PSTN/Internet Inter-Networking--Pre-PINT Implementations

This document contains the information relevant to the development of the inter-networking interfaces underway in the Public Switched Telephone Network (PSTN)/Internet Inter-Networking (PINT) Working Group. It addresses technologies, architectures, and several (but by no means all) existing pre-PINT implementations of the arrangements through which Internet applications can request and enrich PSTN telecommunications services. The common denominator of the enriched services (a.k.a. PINT services) is that they combine the Internet and PSTN services in such a way that the Internet is used for non-voice interactions, while the voice (and fax) are carried entirely over the PSTN. One key observation is that the pre-PINT implementations, being developed independently, do not inter-operate. It is a task of the PINT Working Group to define the inter-networking interfaces that will support inter-operation of the future implementations of PINT services

Security aspects in voice over IP systems

Security has become a major concern with the rapid growth of interest in the internet. This project deals with the security aspects of VoIP systems. Various supporting protocols and technologies are considered to provide solutions to the security problems. This project stresses on the underlying VoIP protocols like Session Initiation Protocol (SIP), Secure Real-time Transport Procotol (SRTP), H.323 and Media Gateway Control Protocol (MGCP). The project further discusses the Network Address Translation (NAT) devices and firewalls that perform NAT. A firewall provides a point of defense between two networks. This project considers issues regarding the firewalls and the problems faced in using firewalls for VoIP; it further discusses the solutions about how firewalls can be used in a more secured way and how they provide security