Using end-to-end data encryption to secure SIP device configuration

Security between the endpoints is an important requirement for network transmission. One existing solution of End-to-End security is based on the certificate of the third-party enterprise such as the authorization from ISP. And the other methods usually established a virtual private tunnel between the two endpoints. Considering the SIP device configuration basically used tftp protocol to transmit the configuration file, we proposed a free End-to-End security scheme using Application Gateway and data encryption to secure this transmission process. In this paper, Application Gateway used FastCGI programming to protect the HTTP server from attacking. On the other hand, the file encryption approach applied symmetrical encryption to ensure that only the authentic client could share the data from the server