Your SlideShare is downloading. ×
Realtime communication security - SIP, XMPP and others
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Realtime communication security - SIP, XMPP and others

3,732
views

Published on

A short presentation on issues we face with realtime security - too many solutions and too few customer requirements and a lack of demand on the market.

A short presentation on issues we face with realtime security - too many solutions and too few customer requirements and a lack of demand on the market.

Published in: Technology, News & Politics

0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,732
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
0
Comments
0
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Transcript

    • 1. REALTIMECOMMUNICATION SECURITY Olle E. Johansson * oej@edvina.net * Twitter oej Copyright Edvina AB, Sollentuna, Sweden 2011. All rights reserved.
    • 2. From this...
    • 3. to this
    • 4. Talk Video Chat Application sharing3D holographic 7.1 conferences
    • 5. COMMUNICATION BETWEEN TWO OR MORE PEOPLE
    • 6. OUT OF SCOPE TODAY. Tommy the system intruder Christina the network sniffer Adrian the BOT network manager
    • 7. IN SCOPEYou Me
    • 8. WHAT IS THE PROBLEM? The usual security issues...
    • 9. WHO’S TALKING?You Me Identity
    • 10. WHO IS LISTENING?You Me 3rd party Confidentiality
    • 11. DID YOU REALLY WRITE THAT? You Me Integrity
    • 12. YOU CAN’T DO THAT.You Me Authorization
    • 13. WHO AM I? IP Phone Pad Softphone Set-top-box Chat client LaptopMe Car Cell phone
    • 14. THE SIP WORLDDATACOM TELECOM
    • 15. NETWORK SECURITYYou Me Our problem
    • 16. TELECOM SECURITY MODEL You Me In the telco we trust.
    • 17. END2END OR THROUGH PROXY SERVER? Do you wantsomeone else to handle your keys? You Me Do you want to set up a secure session between you and me? If so, how?
    • 18. THIS APPLIES TO MANY PROTOCOLS SIP RTCWEB XMPP ?
    • 19. SIP SECURITY TLS DTLS/SRTPSIGNALLING MEDIA S/MIMESIP IDENTITY INTEGRITYHTTP DIGEST MSRP/TLS AUTH CHAT
    • 20. ASTERISK 1.8 TLS ACLsSRTP SDES TLS very, very experimental
    • 21. KAMAILIO SIP SERVER 3.1 TLS ACLs DOS prevention TLS very, very good!
    • 22. WHAT’S THE ISSUEWITH REAL TIME SECURITY? No one asks for it. Therefore no one implements it. Which means lack of experience.
    • 23. WHAT I DO NOT UNDERSTAND. Why does nobody care, really?
    • 24. FINAL QUESTION: What’s a secure session for you?
    • 25. H E L P.THANK YOU.