218 research outputs found
Secure Communication Using Electronic Identity Cards for Voice over IP Communication, Home Energy Management, and eMobility
Using communication services is a common part of everyday life in a personal
or business context. Communication services include Internet services like
voice services, chat service, and web 2.0 technologies (wikis, blogs, etc), but
other usage areas like home energy management and eMobility are will be
increasingly tackled. Such communication services typically authenticate
participants. For this identities of some kind are used to identify the
communication peer to the user of a service or to the service itself. Calling
line identification used in the Session Initiation Protocol (SIP) used for
Voice over IP (VoIP) is just one example. Authentication and identification of
eCar users for accounting during charging of the eCar is another example. Also,
further mechanisms rely on identities, e.g., whitelists defining allowed
communication peers. Trusted identities prevent identity spoofing, hence are a
basic building block for the protection of communication. However, providing
trusted identities in a practical way is still a difficult problem and too
often application specific identities are used, making identity handling a
hassle. Nowadays, many countries introduced electronic identity cards, e.g.,
the German "Elektronischer Personalausweis" (ePA). As many German citizens will
possess an ePA soon, it can be used as security token to provide trusted
identities. Especially new usage areas (like eMobility) should from the start
be based on the ubiquitous availability of trusted identities. This paper
describes how identity cards can be integrated within three domains: home
energy management, vehicle-2-grid communication, and SIP-based voice over IP
telephony. In all three domains, identity cards are used to reliably identify
users and authenticate participants. As an example for an electronic identity
card, this paper focuses on the German ePA
A novel mechanism for anonymizing Global System for Mobile Communications calls using a resource-based Session Initiation Protocol community network
Considering the widespread adoption of smartphones in mobile communications and the well-established resource sharing use in the networking community, we present a novel mechanism to achieve anonymity in the Global System for Mobile Communications (GSM). We propose a Voice over Internet Protocol infrastructure using the Session Initiation Protocol (SIP) where a smartphone registers on a SIP registrar and can start GSM conversation through another smartphone acting as a GSM gateway, by using a SIP intermediate without an extra cost. The testbed that we developed for empirical evaluation revealed no significant quality of service degradation
On the development of Voice over IP
This record of study documents the experience acquired during my internship at Sonus
Networks, Inc. for the Doctor of Engineering Program.
In this record of study, I have surveyed and analyzed the current standardization
status of Voice over Internet Protocol (VoIP) security and proposed an Internet draft on
secure retargeting and response identity. The draft provides a simple and comprehensive
solution to the response identity, call recipient identity and intermediate server
retargeting problems in the Session Initiation Protocol (SIP) call setup process.
To support product line development and enable product evolution in the quickly
growing VoIP market, I have proposed a generic development framework for SIP
application servers. The common and open architecture of the framework supports
multiple products development and facilitates integration of new service modules. The
systematical reuse of proven software design and implementation enables companies to
reduce the development cost and shorten the time-to-market.
As the development and diffusion of VoIP can never be isolated from the social
sphere, I have investigated the current status, influence and interaction of three most important factors: standardization, market forces and government regulation on the
development and diffusion of VoIP. The worldwide deregulation and market
privatization have caused the transition of the standards development model. This
transition in turn influences the market diffusion. Other than standardization, market
forces including customer needs, the revenue pressure on carriers and vendors,
competitive and economic environment, social culture and regulation uncertainties
create both threats and opportunities. I have examined market drivers and obstacles in
the current VoIP adoption stage, analyzed current VoIP market players and their
strategies, and predicted the direction of VoIP business. The regulation creates the macro
environment in which VoIP develops and diffuses. I have explored modern
telecommunications regulation principles based on which government makes decisions
on most current issues, including 911 support, mergers and acquisitions, interconnection
obligation and leasing rights, rate structure and universal service fees
Recommended from our members
A VoIP Privacy Mechanism and its Application in VoIP Peering for Voice Service Provider Topology and Identity Hiding
Voice Service Providers (VSPs) participating in VoIP peering frequently want to withhold their identity and related privacy-sensitive information from other parties during the VoIP communication. A number of existing documents on VoIP privacy exist, but most of them focus on end user privacy. By summarizing and extending existing work, we present a unified privacy mechanism for both VoIP users and service providers. We also show a case study on how VSPs can use this mechanism for identity and topology hiding in VoIP peering
CallRank: Combating SPIT using call duration, social networks and global reputation
The growing popularity of IP telephony systems has made them attractive targets for spammers. Voice call spam, also known as Spam over Internet Telephony (SPIT), is potentially a more serious problem than email spam because of the real time processing requirements of voice packets. We explore a novel mechanism that uses duration of calls between users to combat SPIT. CallRank, the scheme proposed by us, uses call duration to establish social network linkages and global reputations for callers, based on which call recipients can decide whether the caller is legitimate or not. CallRank has been implemented within a VoIP system simulation and our results show that we are able to achieve a false negative rate of 10 % and a false positive rate of 3% even in the presence of a significant fraction of spammers
Designing and prototyping WebRTC and IMS integration using open source tools
WebRTC, or Web Real-time Communications, is a collection of web standards that detail the mechanisms, architectures and protocols that work together to deliver real-time multimedia services to the web browser. It represents a significant shift from the historical approach of using browser plugins, which over time, have proven cumbersome and problematic. Furthermore, it adopts various Internet standards in areas such as identity management, peer-to-peer connectivity, data exchange and media encoding, to provide a system that is truly open and interoperable. Given that WebRTC enables the delivery of multimedia content to any Internet Protocol (IP)-enabled device capable of hosting a web browser, this technology could potentially be used and deployed over millions of smartphones, tablets and personal computers worldwide. This service and device convergence remains an important goal of telecommunication network operators who seek to enable it through a converged network that is based on the IP Multimedia Subsystem (IMS). IMS is an IP-based subsystem that sits at the core of a modern telecommunication network and acts as the main routing substrate for media services and applications such as those that WebRTC realises. The combination of WebRTC and IMS represents an attractive coupling, and as such, a protracted investigation could help to answer important questions around the technical challenges that are involved in their integration, and the merits of various design alternatives that present themselves. This thesis is the result of such an investigation and culminates in the presentation of a detailed architectural model that is validated with a prototypical implementation in an open source testbed. The model is built on six requirements which emerge from an analysis of the literature, including previous interventions in IMS networks and a key technical report on design alternatives. Furthermore, this thesis argues that the client architecture requires support for web-oriented signalling, identity and call handling techniques leading to a potential for IMS networks to natively support these techniques as operator networks continue to grow and develop. The proposed model advocates the use of SIP over WebSockets for signalling and DTLS-SRTP for media to enable one-to-one communication and can be extended through additional functions resulting in a modular architecture. The model was implemented using open source tools which were assembled to create an experimental network testbed, and tests were conducted demonstrating successful cross domain communications under various conditions. The thesis has a strong focus on enabling ordinary software developers to assemble a prototypical network such as the one that was assembled and aims to enable experimentation in application use cases for integrated environments
- …