Reflections on security options for the real-time transport protocol framework

The Real-time Transport Protocol (RTP) supports a range of video conferencing, telephony, and streaming video ap- plications, but offers few native security features. We discuss the problem of securing RTP, considering the range of applications. We outline why this makes RTP a difficult protocol to secure, and describe the approach we have recently proposed in the IETF to provide security for RTP applications. This approach treats RTP as a framework with a set of extensible security building blocks, and prescribes mandatory-to-implement security at the level of different application classes, rather than at the level of the media transport protocol

MIB for the UDP-Lite Protocol

Publisher PD

On the standardisation of Web service management operations

Given the current interest in TCP/IP network management research towards Web services, it is important to recognise how standardisation can be achieved. This paper mainly focuses on the standardisation of operations and not management information. We state that standardisation should be done by standardising the abstract parts of a WSDL document, i.e. the interfaces and the messages. Operations can vary in granularity and parameter transparency, creating four extreme operation signatures, all of which have advantages and disadvantages

IETF standardization in the field of the Internet of Things (IoT): a survey

Smart embedded objects will become an important part of what is called the Internet of Things. However, the integration of embedded devices into the Internet introduces several challenges, since many of the existing Internet technologies and protocols were not designed for this class of devices. In the past few years, there have been many efforts to enable the extension of Internet technologies to constrained devices. Initially, this resulted in proprietary protocols and architectures. Later, the integration of constrained devices into the Internet was embraced by IETF, moving towards standardized IP-based protocols. In this paper, we will briefly review the history of integrating constrained devices into the Internet, followed by an extensive overview of IETF standardization work in the 6LoWPAN, ROLL and CoRE working groups. This is complemented with a broad overview of related research results that illustrate how this work can be extended or used to tackle other problems and with a discussion on open issues and challenges. As such the aim of this paper is twofold: apart from giving readers solid insights in IETF standardization work on the Internet of Things, it also aims to encourage readers to further explore the world of Internet-connected objects, pointing to future research opportunities

Mobile IP: state of the art report

Due to roaming, a mobile device may change its network attachment each time it moves to a new link. This might cause a disruption for the Internet data packets that have to reach the mobile node. Mobile IP is a protocol, developed by the Mobile IP Internet Engineering Task Force (IETF) working group, that is able to inform the network about this change in network attachment such that the Internet data packets will be delivered in a seamless way to the new point of attachment. This document presents current developments and research activities in the Mobile IP area

Options for Securing RTP Sessions

The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity, and source authentication of RTP and RTP Control Protocol (RTCP) packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP and gives guidance for developers on how to choose the appropriate security mechanism

DiffServ resource management in IP-based radio access networks

The increasing popularity of the Internet, the flexibility of IP, and the wide deployment of IP technologies, as well as the growth of mobile communications have driven the development of IP-based solutions for wireless networking. The introduction of IP-based transport in Radio Access Networks (RANs) is one of these networking solutions. When compared to traditional IP networks, an IP-based RAN has specific characteristics, due to which, for satisfactory transport functionality, it imposes strict requirements on resource management schemes. In this paper we present the Resource Management in DiffServ (RMD) framework, which extends the DiffServ architecture with new admission control and resource reservation concepts, such that the resource management requirements of an IP-based RAN are met. This framework aims at simplicity, low-cost, and easy implementation, along with good scaling properties. The RMD framework defines two architectural concepts: the Per Hop Reservation (PHR) and the Per Domain Reservation (PDR). As part of the RMD framework a new protocol, the RMD On DemAnd (RODA) Per Hop Reservation (PHR) protocol will be introduced. A key characteristic of the RODA PHR is that it maintains only a single reservation state per PHB in the interior routers of a DiffServ domain, regardless of the number of flows passing through

The future of Internet governance: should the U.S. relinquish Its authority over ICANN?

How ICANN and the Internet domain name system are ultimately governed may set an important precedent in future policy debates over how the Internet should be governed, and what role governments and intergovernmental organizations should play. Overview Currently, the U.S. government retains limited authority over the Internet’s domain name system, primarily through the Internet Assigned Numbers Authority (IANA) functions contract between the National Telecommunications and Information Administration (NTIA) and the Internet Corporation for Assigned Names and Numbers (ICANN). By virtue of the IANA functions contract, the NTIA exerts a legacy authority and stewardship over ICANN, and arguably has more influence over ICANN and the domain name system (DNS) than other national governments. On March 14, 2014, NTIA announced the intention to transition its stewardship role and procedural authority over key Internet domain name functions to the global Internet multistakeholder community. To accomplish this transition, NTIA has asked ICANN to convene interested global Internet stakeholders to develop a transition proposal. NTIA has stated that it will not accept any transition proposal that would replace the NTIA role with a government-led or an intergovernmental organization solution. Currently, Internet stakeholders are engaged in a series of working groups to develop a transition proposal. Their goal is to submit a final proposal to NTIA by summer 2015. NTIA must approve the proposal in order for it to relinquish its authority over the IANA functions contract. While the IANA functions contract expires on September 30, 2015, NTIA has the flexibility to extend the contract for any period through September 2019. Concerns have risen in Congress over the proposed transition. Critics worry that relinquishing U.S. authority over Internet domain names may offer opportunities for either hostile foreign governments or intergovernmental organizations, such as the United Nations, to gain undue influence over the Internet. On the other hand, supporters argue that this transition completes the necessary evolution of Internet domain name governance towards the private sector, and will ultimately support and strengthen the multistakeholder model of Internet governance. Legislation has been introduced in the 113th and 114th Congresses which would prevent, delay, or impose conditions or additional scrutiny on the transition. In the 113th Congress, a provision in the Consolidated and Further Continuing Appropriations Act, 2015 (P.L. 113-235) provides that during FY2015, NTIA may not use any appropriated funds to relinquish its responsibility with respect to Internet domain name system functions. In the 114th Congress, H.R. 805 (the DOTCOM Act of 2015) would prohibit NTIA from relinquishing its authority over the Internet domain name system until the Government Accountability Office (GAO) submits a report to Congress examining the implications of the proposed transfer. The proposed transition could have a significant impact on the future of Internet governance. National governments are recognizing an increasing stake in ICANN and DNS policy decisions, especially in cases where Internet DNS policy intersects with national laws and interests related to issues such as intellectual property, cybersecurity, privacy, and Internet freedom. How ICANN and the Internet domain name system are ultimately governed may set an important precedent in future policy debates—both domestically and internationally—over how the Internet should be governed, and what role governments and intergovernmental organizations should play