Dorgham Sisalem, John Floroiu, Jiri Kuthan, Ulrich Abend, Henning Schulzrinne
Sip Security
By Dorgham Sisalem, Jiri Kuthan, Ulrich Abend et al.
Dorgham Sisalem, John Floroiu, Jiri Kuthan, Ulrich Abend, Henning Schulzrinne
Sip Security
By Dorgham Sisalem, Jiri Kuthan, Ulrich Abend et al.
- Gebundenes Buch
- Merkliste
- Auf die Merkliste
- Bewerten Bewerten
- Teilen
- Produkt teilen
- Produkterinnerung
- Produkterinnerung
Internet Telephony is one of the most important and fastest growing technologies for emerging mobile networks, as it provides a viable technical and economical alternative to current telecommunication networks. SIP is a standard protocol that has become the de-facto standard for VoIP and multimedia services. SIP Security is the the first book to give a detailed overview of SIP-specific security issues that will be of great interest to technicians, service users of SIP, network engineers, designers, managers, advanced undergraduate and graduate students, and researchers in academia and…mehr
Andere Kunden interessierten sich auch für
- Man Young RheeWireless Mobile Internet Security127,99 €
- Andrei GurtovHost Identity Protocol (Hip)117,99 €
- Abhijit BelapurkarDistributed Systems Security112,99 €
- Stuart JacobsEngineering Information Security: The Application of Systems Engineering Concepts to Achieve Information Assurance150,99 €
- Kazuo SakiyamaSecurity of Block Ciphers125,99 €
- Xiaodong LinVehicular AD Hoc Network Security and Privacy141,99 €
- Stuart JacobsSecurity Management of Next Generation Telecommunications Networks and Services150,99 €
-
-
-
Internet Telephony is one of the most important and fastest growing technologies for emerging mobile networks, as it provides a viable technical and economical alternative to current telecommunication networks. SIP is a standard protocol that has become the de-facto standard for VoIP and multimedia services. SIP Security is the the first book to give a detailed overview of SIP-specific security issues that will be of great interest to technicians, service users of SIP, network engineers, designers, managers, advanced undergraduate and graduate students, and researchers in academia and industry.
Obwohl es inzwischen einen ausgereiften Industriestandard zu SIP gibt, sind die grundlegenden Sicherheitsfragen dazu noch immer nicht ausreichend geklärt. Die gegenwärtige Lage, die Anstrengungen in der Forschung sowie mögliche Lösungsansätze werden ausführlich behandelt.
Obwohl es inzwischen einen ausgereiften Industriestandard zu SIP gibt, sind die grundlegenden Sicherheitsfragen dazu noch immer nicht ausreichend geklärt. Die gegenwärtige Lage, die Anstrengungen in der Forschung sowie mögliche Lösungsansätze werden ausführlich behandelt.
Produktdetails
- Produktdetails
- Verlag: Wiley & Sons
- Artikelnr. des Verlages: 14551636000
- 1. Auflage
- Seitenzahl: 350
- Erscheinungstermin: 1. Mai 2009
- Englisch
- Abmessung: 254mm x 177mm x 25mm
- Gewicht: 732g
- ISBN-13: 9780470516362
- ISBN-10: 0470516364
- Artikelnr.: 23421098
- Verlag: Wiley & Sons
- Artikelnr. des Verlages: 14551636000
- 1. Auflage
- Seitenzahl: 350
- Erscheinungstermin: 1. Mai 2009
- Englisch
- Abmessung: 254mm x 177mm x 25mm
- Gewicht: 732g
- ISBN-13: 9780470516362
- ISBN-10: 0470516364
- Artikelnr.: 23421098
Dr Dorgham Sisalem worked with FhG Fokus between 1995 and 2004 and was involved in the development of the first SIP-based video conferencing application in 1997 and the most widely used open-source SIP proxy known as the SIP Express Router. In 2004, Dr. Sisalem co-founded iptelorg which provided the VoIP infrastructure for various large ISPs such as T-Online, Earthlink and Tiscali. Since the acquisition of iptelorg by Tekelec in 2005 Dr. Sisalem is responsible for the aspects of security in IMS at Tekelec. Besides the experience gained through deploying VoIP in large environments, Dr. Sisalem was one of the first to publish a paper on SIP security issues and is the organizer of the VoIP security workshop. Jiri Kuthan was the driving force behind the development of the widely used SIP Express Router, which is an open source implementation of a SIP proxy that is currently used by a large number of VoIP service providers. In 2004 Mr. Kuthan co-founded iptelorg and acted as its CEO. Besides his detailed experience in developing and deploying VoIP solutions, Mr. Kuthan has contributed to various security related IETF drafts and RFCs and acted as the working group chair of the BEHAVE group which was concentrating on the deploying of VoIP in NAT and firewall protected environments. Ulrich Abend works as the VoIP technical product manager at iptelorg. In his job he was mainly responsible for the deployment of VoIP solutions in large ISP environments and ensuring the security of these deployments. In 2006 he co-founded iptego, which is a start-up, dedicated to providing security solutions to VoIP service providers. As the CTO of iptego he is responsible for designing and architecting security solutions required by VoIP service providers.
Foreword. About the Authors. Acknowledgment. 1 Introduction. 2 Introduction
to Cryptographic Mechanisms. 2.1 Cryptographic Algorithms. 2.2 Secure
Channel Establishment. 2.3 Authentication in 3GPP Networks. 2.4 Security
Mechanisms Threats and Vulnerabilities. 3 Introduction to SIP. 3.1 What is
SIP, Why Should we Bother About it and What are Competing Technologies? 3.2
SIP: the Common Scenarios. 3.3 Introduction to SIP Operation: the SIP
Trapezoid. 3.4 SIP Components. 3.5 Addressing in SIP. 3.6 SIP Message
Elements. 3.7 SIP Dialogs and Transactions. 3.8 SIP Request Routing. 3.9
Authentication, Authorization, Accounting. 3.10 SIP and Middleboxes. 3.11
Other Parts of the SIP Eco-system. 3.12 SIP Protocol Design and Lessons
Learned. 4 Introduction to IMS. 4.1 SIP in IMS. 4.2 General Architecture.
4.3 Session Control and Establishment in IMS. 5 Secure Access and
Interworking in IMS. 5.1 Access Security in IMS. 5.2 Network Security in
IMS. 6 User Identity in SIP. 6.1 Identity Theft. 6.2 Identity
Authentication using S/MIME. 6.3 Identity Authentication in Trusted
Environments. 6.4 Strong Authenticated Identity. 6.5 Identity Theft Despite
Strong Identity. 6.6 User Privacy and Anonymity. 6.7 Subscription Theft.
6.8 Fraud and SIP. 7 Media Security. 7.1 The Real-time Transport Protocol.
7.2 Secure RTP. 7.3 Key Exchange. 8 Denial-of-service Attacks on VoIP and
IMS Services. 8.1 Introduction. 8.2 General Classification of
Denial-of-service Attacks. 8.3 Bandwidth Consumption and Denial-of-service
Attacks on SIP Services. 8.4 Bandwidth Depletion Attacks. 8.5 Memory
Depletion Attacks. 8.6 CPU Depletion Attacks. 8.7 Misuse Attacks. 8.8
Distributed Denial-of-service Attacks. 8.9 Unintentional Attacks. 8.10
Address Resolution-related Attacks. 8.11 Attacking the VoIP Subscriber
Database. 8.12 Denial-of-service Attacks in IMS Networks. 8.13 DoS
Detection and Protection Mechanisms. 8.14 Detection of DoS Attacks. 8.15
Reacting to DoS Attacks. 8.16 Preventing DoS Attacks. 8.17 DDoS Signature
Specification. 9 SPAM over IP Telephony. 9.1 Introduction. 9.2 Spam Over
SIP: Types and Applicability. 9.3 Why is SIP Good for Spam? 9.4 Legal Side
of Unsolicited Communication. 9.5 Fighting Unsolicited Communication. 9.6
General Antispam Framework. Bibliography. Index.
to Cryptographic Mechanisms. 2.1 Cryptographic Algorithms. 2.2 Secure
Channel Establishment. 2.3 Authentication in 3GPP Networks. 2.4 Security
Mechanisms Threats and Vulnerabilities. 3 Introduction to SIP. 3.1 What is
SIP, Why Should we Bother About it and What are Competing Technologies? 3.2
SIP: the Common Scenarios. 3.3 Introduction to SIP Operation: the SIP
Trapezoid. 3.4 SIP Components. 3.5 Addressing in SIP. 3.6 SIP Message
Elements. 3.7 SIP Dialogs and Transactions. 3.8 SIP Request Routing. 3.9
Authentication, Authorization, Accounting. 3.10 SIP and Middleboxes. 3.11
Other Parts of the SIP Eco-system. 3.12 SIP Protocol Design and Lessons
Learned. 4 Introduction to IMS. 4.1 SIP in IMS. 4.2 General Architecture.
4.3 Session Control and Establishment in IMS. 5 Secure Access and
Interworking in IMS. 5.1 Access Security in IMS. 5.2 Network Security in
IMS. 6 User Identity in SIP. 6.1 Identity Theft. 6.2 Identity
Authentication using S/MIME. 6.3 Identity Authentication in Trusted
Environments. 6.4 Strong Authenticated Identity. 6.5 Identity Theft Despite
Strong Identity. 6.6 User Privacy and Anonymity. 6.7 Subscription Theft.
6.8 Fraud and SIP. 7 Media Security. 7.1 The Real-time Transport Protocol.
7.2 Secure RTP. 7.3 Key Exchange. 8 Denial-of-service Attacks on VoIP and
IMS Services. 8.1 Introduction. 8.2 General Classification of
Denial-of-service Attacks. 8.3 Bandwidth Consumption and Denial-of-service
Attacks on SIP Services. 8.4 Bandwidth Depletion Attacks. 8.5 Memory
Depletion Attacks. 8.6 CPU Depletion Attacks. 8.7 Misuse Attacks. 8.8
Distributed Denial-of-service Attacks. 8.9 Unintentional Attacks. 8.10
Address Resolution-related Attacks. 8.11 Attacking the VoIP Subscriber
Database. 8.12 Denial-of-service Attacks in IMS Networks. 8.13 DoS
Detection and Protection Mechanisms. 8.14 Detection of DoS Attacks. 8.15
Reacting to DoS Attacks. 8.16 Preventing DoS Attacks. 8.17 DDoS Signature
Specification. 9 SPAM over IP Telephony. 9.1 Introduction. 9.2 Spam Over
SIP: Types and Applicability. 9.3 Why is SIP Good for Spam? 9.4 Legal Side
of Unsolicited Communication. 9.5 Fighting Unsolicited Communication. 9.6
General Antispam Framework. Bibliography. Index.
Foreword. About the Authors. Acknowledgment. 1 Introduction. 2 Introduction
to Cryptographic Mechanisms. 2.1 Cryptographic Algorithms. 2.2 Secure
Channel Establishment. 2.3 Authentication in 3GPP Networks. 2.4 Security
Mechanisms Threats and Vulnerabilities. 3 Introduction to SIP. 3.1 What is
SIP, Why Should we Bother About it and What are Competing Technologies? 3.2
SIP: the Common Scenarios. 3.3 Introduction to SIP Operation: the SIP
Trapezoid. 3.4 SIP Components. 3.5 Addressing in SIP. 3.6 SIP Message
Elements. 3.7 SIP Dialogs and Transactions. 3.8 SIP Request Routing. 3.9
Authentication, Authorization, Accounting. 3.10 SIP and Middleboxes. 3.11
Other Parts of the SIP Eco-system. 3.12 SIP Protocol Design and Lessons
Learned. 4 Introduction to IMS. 4.1 SIP in IMS. 4.2 General Architecture.
4.3 Session Control and Establishment in IMS. 5 Secure Access and
Interworking in IMS. 5.1 Access Security in IMS. 5.2 Network Security in
IMS. 6 User Identity in SIP. 6.1 Identity Theft. 6.2 Identity
Authentication using S/MIME. 6.3 Identity Authentication in Trusted
Environments. 6.4 Strong Authenticated Identity. 6.5 Identity Theft Despite
Strong Identity. 6.6 User Privacy and Anonymity. 6.7 Subscription Theft.
6.8 Fraud and SIP. 7 Media Security. 7.1 The Real-time Transport Protocol.
7.2 Secure RTP. 7.3 Key Exchange. 8 Denial-of-service Attacks on VoIP and
IMS Services. 8.1 Introduction. 8.2 General Classification of
Denial-of-service Attacks. 8.3 Bandwidth Consumption and Denial-of-service
Attacks on SIP Services. 8.4 Bandwidth Depletion Attacks. 8.5 Memory
Depletion Attacks. 8.6 CPU Depletion Attacks. 8.7 Misuse Attacks. 8.8
Distributed Denial-of-service Attacks. 8.9 Unintentional Attacks. 8.10
Address Resolution-related Attacks. 8.11 Attacking the VoIP Subscriber
Database. 8.12 Denial-of-service Attacks in IMS Networks. 8.13 DoS
Detection and Protection Mechanisms. 8.14 Detection of DoS Attacks. 8.15
Reacting to DoS Attacks. 8.16 Preventing DoS Attacks. 8.17 DDoS Signature
Specification. 9 SPAM over IP Telephony. 9.1 Introduction. 9.2 Spam Over
SIP: Types and Applicability. 9.3 Why is SIP Good for Spam? 9.4 Legal Side
of Unsolicited Communication. 9.5 Fighting Unsolicited Communication. 9.6
General Antispam Framework. Bibliography. Index.
to Cryptographic Mechanisms. 2.1 Cryptographic Algorithms. 2.2 Secure
Channel Establishment. 2.3 Authentication in 3GPP Networks. 2.4 Security
Mechanisms Threats and Vulnerabilities. 3 Introduction to SIP. 3.1 What is
SIP, Why Should we Bother About it and What are Competing Technologies? 3.2
SIP: the Common Scenarios. 3.3 Introduction to SIP Operation: the SIP
Trapezoid. 3.4 SIP Components. 3.5 Addressing in SIP. 3.6 SIP Message
Elements. 3.7 SIP Dialogs and Transactions. 3.8 SIP Request Routing. 3.9
Authentication, Authorization, Accounting. 3.10 SIP and Middleboxes. 3.11
Other Parts of the SIP Eco-system. 3.12 SIP Protocol Design and Lessons
Learned. 4 Introduction to IMS. 4.1 SIP in IMS. 4.2 General Architecture.
4.3 Session Control and Establishment in IMS. 5 Secure Access and
Interworking in IMS. 5.1 Access Security in IMS. 5.2 Network Security in
IMS. 6 User Identity in SIP. 6.1 Identity Theft. 6.2 Identity
Authentication using S/MIME. 6.3 Identity Authentication in Trusted
Environments. 6.4 Strong Authenticated Identity. 6.5 Identity Theft Despite
Strong Identity. 6.6 User Privacy and Anonymity. 6.7 Subscription Theft.
6.8 Fraud and SIP. 7 Media Security. 7.1 The Real-time Transport Protocol.
7.2 Secure RTP. 7.3 Key Exchange. 8 Denial-of-service Attacks on VoIP and
IMS Services. 8.1 Introduction. 8.2 General Classification of
Denial-of-service Attacks. 8.3 Bandwidth Consumption and Denial-of-service
Attacks on SIP Services. 8.4 Bandwidth Depletion Attacks. 8.5 Memory
Depletion Attacks. 8.6 CPU Depletion Attacks. 8.7 Misuse Attacks. 8.8
Distributed Denial-of-service Attacks. 8.9 Unintentional Attacks. 8.10
Address Resolution-related Attacks. 8.11 Attacking the VoIP Subscriber
Database. 8.12 Denial-of-service Attacks in IMS Networks. 8.13 DoS
Detection and Protection Mechanisms. 8.14 Detection of DoS Attacks. 8.15
Reacting to DoS Attacks. 8.16 Preventing DoS Attacks. 8.17 DDoS Signature
Specification. 9 SPAM over IP Telephony. 9.1 Introduction. 9.2 Spam Over
SIP: Types and Applicability. 9.3 Why is SIP Good for Spam? 9.4 Legal Side
of Unsolicited Communication. 9.5 Fighting Unsolicited Communication. 9.6
General Antispam Framework. Bibliography. Index.