153 research outputs found
Diseño e implementación de un Punto Neutro para VoIP
El objetivo de este proyecto consiste en el diseño e implementación de un
Punto neutro para VoIP (PNVoIP). El Punto Neutro es una plataforma para
ofrecer interoperabilidad entre proveedores de servicios de Telefonía IP
(ToIP).
Esta plataforma realiza el intercambio de tráfico de VoIP entre los diferentes
proveedores, evitando la salida de las comunicaciones hacia la Internet
pública, con mejoras de calidad de servicio (QoS) y seguridad para los clientes
de los proveedores.
Este proyecto se ha realizado conjuntamente con la fundación i2CAT y dos
operadores de ToIP. Cada uno de los operadores trabaja con protocolos
diferentes (uno con SIP y el otro H.323), por lo que nace la necesidad de
solucionar el intercambio de señalización entre operadores que empleen
protocolos diferentes
Recommended from our members
Measurement and Evaluation of ENUM Server Performance
ENUM is a protocol standard developed by the Internet Engineering Task Force (IETF) for translating the E.164 phone numbers into Internet Universal Resource Identifiers (URIs). It plays an increasingly important role as the bridge between Internet and traditional telecommunications services. ENUM is based on the Domain Name System (DNS), but places unique performance requirements on DNS server. In particular, ENUM server needs to host a huge number of records, provide high query throughput for both existing and non-existing records in the server, maintain high query performance under update load, and answer queries within a tight latency budget. In this report, we evaluate and compare performance of serving ENUM queries by three servers, namely BIND, PDNS and Navitas. Our objective is to answer whether and how these servers can meet the unique performance requirements of ENUM. Test results show that the ENUM query response time on our platform has always been on the order of a few milliseconds or less, so this is likely not a concern. Throughput then becomes the key. The throughput of BIND degrades linearly as the record set size grows, so BIND is not suitable for ENUM. PDNS delivers higher performance than BIND in most cases, while the commercial Navitas server presents even better ENUM performance than PDNS. Under our 5M-record set test, Navitas server with its default configuration consumes one tenth to one sixth the memory of PDNS, achieves six times higher throughput for existing records and an order of two magnitudes higher throughput for non-existing records than the bottom line PDNS server without caching. The throughput of Navitas is also the highest among the tested servers when the database is being updated in the background. We investigated ways to improve PDNS performance. For example, doubling CPU processing power by putting PDNS and its backend database in two separate machines can increase PDNS throughput for existing records by 45% and that for nonexisting records by 40%. Since PDNS is open source, we also instrumented the source code to obtain a detailed profile of contributions of various systems components to the overall latency. We found that when the server is within its normal load range, the main component of server processing latency is caused by backend database lookup operations. Excessive number of backend database lookups is the reason that makes PDNS throughput for non-existing records its key weakness. We studied using PDNS caching to reduce the number of database lookups. With a full packet cache and a modified cache maintenance mechanism, the PDNS throughput for existing records can be improved by 100%. This brings the value to one third of its Navitas counterpart. After enabling the PDNS negative query cache, we improved PDNS throughput for non-existing records to the level comparable to its throughput for existing records, but this result is still an order of magnitude lower than the corresponding value in Navitas. Further improvements of PDNS throughput for non-existing records will require optimization of related processing mechanism in its implementation
Infrastructure electronic numbering implementation in Australia
VoIP is becoming the dominant approach for telephony and this growth will continue with the upcoming introduction of 4G mobile wireless and fibre to the home networks. With the growing demand for VoIP and increased VoIP traffic, it is important to implement a system that provides interoperability between the existing telephony numbering system and the IP network device addresses. Infrastructure ENUM is one approach that may be used. This paper examines the Infrastructure ENUM implementation in Australia
Security of VoIP protocols
Předložená bakalářská práce je zaměřena na bezpečnost protokolu VoIP (Voice over Internet Protocol). Nejdříve jsou představeny nejpoužívanější transportní a signalizační protokoly, které jsou využity v této technologii. Práce je zaměřena na dva rozšířené protokoly SIP (Session Initiation Protocol), IAX (Inter-Asterisk eXchange Protocol) a open source Asterisk, který je úzce spjatý s užíváním těchto protokolů. V další části jsou popsány možné útoky, hrozby a metody, které jsou schopny zajistit bezpečný přenos při využívání VoIP mezi uživateli. Dále je popsána praktická část této práce, která je rozdělena na dvě části. V první je demonstrován pasivní útok formou odposlechu a ve druhé aktivní útok formou násilného ukončení a přesměrování hovoru mezi dvěma komunikujícími uživateli. U obou útoků jsou navržena bezpečnostní opatření, jež by účinně mohla předcházet jejich možnému napadení. V závěru je zhodnocena samotná bezpečnost VoIP s ohledem na zajištění kvalitního spojení mezi uživateli, kteří jej pro komunikaci využívají.This bachelor dissertation deals with the VoIP (Voice over Internet Protocol) safety. The most used transport and signal protocols employing this technology are presented first. Two extended protocols, SIP (Session Initiation Protocol) and IAX (Inter-Asterisk eXchange Protocol), as well as open source Asterisk, which is closely connected with these protocols, are shown in detail. After that, methods, attacks and threats able to assure secure transfer in the use of VoIP among users are described. Afterwards the practical part of this essay, divided into two parts, is presented. In the first part, a passive attack in the form of tapping is demonstrated, and in the second, active attacks are described which take the form of forced cancellations and forwarded calls between two communicating users. With both attacks, safety measures that could effectively prevent against their potential attacking are proposed. In the closing part, the VoIP safety is evaluated for securing a quality connection between users communicating through it.
Security in a Distributed Processing Environment
Distribution plays a key role in telecommunication and computing systems today. It
has become a necessity as a result of deregulation and anti-trust legislation, which has
forced businesses to move from centralised, monolithic systems to distributed systems
with the separation of applications and provisioning technologies, such as the service
and transportation layers in the Internet. The need for reliability and recovery requires
systems to use replication and secondary backup systems such as those used in ecommerce.
There are consequences to distribution. It results in systems being implemented in
heterogeneous environment; it requires systems to be scalable; it results in some loss
of control and so this contributes to the increased security issues that result from
distribution. Each of these issues has to be dealt with. A distributed processing
environment (DPE) is middleware that allows heterogeneous environments to operate
in a homogeneous manner. Scalability can be addressed by using object-oriented
technology to distribute functionality. Security is more difficult to address because it
requires the creation of a distributed trusted environment.
The problem with security in a DPE currently is that it is treated as an adjunct service,
i.e. and after-thought that is the last thing added to the system. As a result, it is not
pervasive and therefore is unable to fully support the other DPE services. DPE
security needs to provide the five basic security services, authentication, access
control, integrity, confidentiality and non-repudiation, in a distributed environment,
while ensuring simple and usable administration.
The research, detailed in this thesis, starts by highlighting the inadequacies of the
existing DPE and its services. It argues that a new management structure was
introduced that provides greater flexibility and configurability, while promoting
mechanism and service independence. A new secure interoperability framework was
introduced which provides the ability to negotiate common mechanism and service
level configurations. New facilities were added to the non-repudiation and audit
services.
The research has shown that all services should be security-aware, and therefore
would able to interact with the Enhanced Security Service in order to provide a more
secure environment within a DPE. As a proof of concept, the Trader service was
selected. Its security limitations were examined, new security behaviour policies
proposed and it was then implemented as a Security-aware Trader, which could
counteract the existing security limitations.IONA TECHNOLOGIES PLC & ORANG
Development of a 3G Authentication Based Mobile Access of Health Records: A Mobile Telemedicine Application
As our country progresses in its aim to be a developed country by the Year 2020, the
field of Information and Communications Technology or ICT is fast becoming the
forerunner for the vision. The Internet is used in almost all aspects of life. As for the
communications sector, according to Global Mobile Subscriber Database December
2002 report, there are 8,814,700 mobile subscribers in Malaysia with an Annual
Growth of 16.6%. Withthe adoption of 3G-communication technology in the coming
years, compelling high speed services, reaching up to 2 Mb/s together with improved
security features would soon be possible.
Through these years in the mobile industry, the health sector has always been
neglected. Reason being, the technology could not support the application and it is
not so much of a revenue generating business compared to mobile games or sports
news. With globalization where the society is always on the move across borders,
together with degrading environment conditions and the need for time, instant health
services are becoming crucial. Looking into these conditions of mobile adoption and
health status, the author intends to develop a solution for a mobile telemedicine
application. Kevin Hung (2003) defines telemedicine as the utilization of
telecommunication technology for medical diagnosis, treatment and patient care.
Thus, the main aim of this project was to develop an application that could be used
for medical purposes. This project integrates the latest mobile telecommunication
technologies together with medical services with the idea of providing a highly
secured personalize medical system and database query as mobile handsets are
becoming a necessity to individuals. This would make updating and retrieving
medical health records hassle free, anytime and anywhere. This project has also laid
the groundwork for future expansion by incorporating the basic audio and video
streaming features.
This report accounts for all the concepts, design works and results of the mobile
telemedicine application that has been developed successfully
- …