SIP SecurityISBN: 978-0-470-51636-2
Hardcover
350 pages
April 2009
|
About the Authors.
Acknowledgment.
1 Introduction.
2 Introduction to Cryptographic Mechanisms.
2.1 Cryptographic Algorithms.
2.2 Secure Channel Establishment.
2.3 Authentication in 3GPP Networks.
2.4 Security Mechanisms Threats and Vulnerabilities.
3 Introduction to SIP.
3.1 What is SIP, Why Should we Bother About it and What are Competing Technologies?
3.2 SIP: the Common Scenarios.
3.3 Introduction to SIP Operation: the SIP Trapezoid.
3.4 SIP Components.
3.5 Addressing in SIP.
3.6 SIP Message Elements.
3.7 SIP Dialogs and Transactions.
3.8 SIP Request Routing.
3.9 Authentication, Authorization, Accounting.
3.10 SIP and Middleboxes.
3.11 Other Parts of the SIP Eco-system.
3.12 SIP Protocol Design and Lessons Learned.
4 Introduction to IMS.
4.1 SIP in IMS.
4.2 General Architecture.
4.3 Session Control and Establishment in IMS.
5 Secure Access and Interworking in IMS.
5.1 Access Security in IMS.
5.2 Network Security in IMS.
6 User Identity in SIP.
6.1 Identity Theft.
6.2 Identity Authentication using S/MIME.
6.3 Identity Authentication in Trusted Environments.
6.4 Strong Authenticated Identity.
6.5 Identity Theft Despite Strong Identity.
6.6 User Privacy and Anonymity.
6.7 Subscription Theft.
6.8 Fraud and SIP.
7 Media Security.
7.1 The Real-time Transport Protocol.
7.2 Secure RTP.
7.3 Key Exchange.
8 Denial-of-service Attacks on VoIP and IMS Services.
8.1 Introduction.
8.2 General Classification of Denial-of-service Attacks.
8.3 Bandwidth Consumption and Denial-of-service Attacks on SIP Services.
8.4 Bandwidth Depletion Attacks.
8.5 Memory Depletion Attacks.
8.6 CPU Depletion Attacks.
8.7 Misuse Attacks.
8.8 Distributed Denial-of-service Attacks.
8.9 Unintentional Attacks.
8.10 Address Resolution-related Attacks.
8.11 Attacking the VoIP Subscriber Database.
8.12 Denial-of-service Attacks in IMS Networks.
8.13 DoS Detection and Protection Mechanisms.
8.14 Detection of DoS Attacks.
8.15 Reacting to DoS Attacks.
8.16 Preventing DoS Attacks.
8.17 DDoS Signature Specification.
9 SPAM over IP Telephony.
9.1 Introduction.
9.2 Spam Over SIP: Types and Applicability.
9.3 Why is SIP Good for Spam?
9.4 Legal Side of Unsolicited Communication.
9.5 Fighting Unsolicited Communication.
9.6 General Antispam Framework.
Bibliography.
Index.