CFP last date
20 June 2024
Call for Paper
July Edition
IJCA solicits high quality original research papers for the upcoming July edition of the journal. The last date of research paper submission is 20 June 2024

Submit your paper
Know more
Reseach Article

Securing Session Initiation Protocol for VOIP Services

by Amina M. Elmahalwy, Osama S. Youness, Wail S. Elkilani
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 115 - Number 18
Year of Publication: 2015
Authors: Amina M. Elmahalwy, Osama S. Youness, Wail S. Elkilani
10.5120/20253-2622

Amina M. Elmahalwy, Osama S. Youness, Wail S. Elkilani . Securing Session Initiation Protocol for VOIP Services. International Journal of Computer Applications. 115, 18 ( April 2015), 30-36. DOI=10.5120/20253-2622

@article{ 10.5120/20253-2622,
author = { Amina M. Elmahalwy, Osama S. Youness, Wail S. Elkilani },
title = { Securing Session Initiation Protocol for VOIP Services },
journal = { International Journal of Computer Applications },
issue_date = { April 2015 },
volume = { 115 },
number = { 18 },
month = { April },
year = { 2015 },
issn = { 0975-8887 },
pages = { 30-36 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume115/number18/20253-2622/ },
doi = { 10.5120/20253-2622 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:55:14.658216+05:30
%A Amina M. Elmahalwy
%A Osama S. Youness
%A Wail S. Elkilani
%T Securing Session Initiation Protocol for VOIP Services
%J International Journal of Computer Applications
%@ 0975-8887
%V 115
%N 18
%P 30-36
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

VOIP (voice Over Internet Protocol) has many advantages but at the same time it has security threats not encountered in PSTN (Public Switched Telephone Networks). The paper deals with the security of the widely used protocol for signaling. The Session Initiation protocol (SIP) is considered the most used signaling protocol for calls over the internet. Securing SIP is becoming more and more important. This paper focusing on the SIP security mechanisms of authentication, and proposing an authentication model based on the Kerberos protocol to provide single sign-on, achieving two way authentications, to reduce the computation against authentication checks for each client, and prevent against Session Teardown Attack and Registration Hijacking attack. It acts as a trust third party to allow secure access to VOIP services. In this paper we implemented the SIP-Kerberos system and record the average time that the users need to authenticate at Kerberos and the average time needed to register at SIP server. The measured performance result of the solution is suitable for heavy loads in the SIP architecture.

References
  1. J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson,R. Sparks, M. Handley, and E. Schooler, "SIP: Session Initiation Protocol," RFC 3261 (Proposed Standard), Internet Engineering Task Force, Jun. 2002, updated by RFCs 3265, 3853, 4320, 4916,5393, 5621, 5626, 5630, 5922, 5954, 6026. [Online].
  2. Chou-Chen Yanga, Ren-Chiun Wangb, Wei-Ting Liuc," Secure authentication scheme for session initiation protocol", Computer& Security (24) (2005) 381–386.
  3. Jared Ring, Kim-Kwang Raymond Choo, Ernest Foo, Mark Looi," A new authentication mechanism and key agreement protocol for SIP using identitybasedcryptography", Proceedings of AusCert R&D Stream (2006) 61–72
  4. A. Shamir, "Identity-based cryptosystem and signature schemes", in: Advance inCryptology-Crypto 1984, LNCS, vol. 196, Springer, Berlin, 1984, pp. 47–53.
  5. A. Dulanik and I. Sogukpinar, "SIP Authentication Scheme using ECDH", in: Proc. Enformatika, vol. 8 (2005) 350 - 353. M. Young, The Technical Writer's Handbook. Mill Valley, CA: University Science, 1989
  6. F. Wang, Y. Zhang, "A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography", Computer Communication 31 (2008) 2142–2149.
  7. D. Geneiatakis, C. Lambrinoudakis, "A lightweight protection mechanism against signaling attacks in a SIP-Based VoIP environment", Telecommunication Systems Springer 36 (4) (2007) 153–159.
  8. L. Wu et al. ," A new provably secure authentication and key agreement protocol for SIP using ECC", Computer Standard & Interfaces 31 (2) (2009) 286–291.
  9. Jung-Shian Li, Chuan-Kai Kao and Shiou-Jing Lin, "A Kerberos based Single Sign-On System for VoIP SIP Servers and Clients with a Terminal Mobility Capability ", Computer Communication Control and. Automation (3CA), 2010 International Symposium on, 2010.
  10. Massachusetts Institute of Technology," Kerberos: The Network Authentication Protocol". http://web. mit. edu/kerberos/, Accessed: Apr, 2013.
  11. https://software. intel. com/sites/manageability/AMT_Implementation_and_Reference_Guide/default. htm?turl=WordDocuments%2Fintroductiontokerberosauthentication. htm.
  12. Yudi Prayudi, Tri K Priyambodo , "Study on Cryptography as a Service (CAAS)", International Journal of Advanced Research in Computer Science and Software Engineering 4(10), October - 2014, pp. 150-156
Index Terms

Computer Science
Information Sciences

Keywords

VOIP PSTN SIP Security Kerberos