Realtime communication security - SIP, XMPP and others

4,472 views

Published on

A short presentation on issues we face with realtime security - too many solutions and too few customer requirements and a lack of demand on the market.

Published in: Technology, News & Politics
0 Comments
6 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,472
On SlideShare
0
From Embeds
0
Number of Embeds
1,556
Actions
Shares
0
Downloads
0
Comments
0
Likes
6
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • Realtime communication security - SIP, XMPP and others

    1. 1. REALTIMECOMMUNICATION SECURITY Olle E. Johansson * oej@edvina.net * Twitter oej Copyright Edvina AB, Sollentuna, Sweden 2011. All rights reserved.
    2. 2. From this...
    3. 3. to this
    4. 4. Talk Video Chat Application sharing3D holographic 7.1 conferences
    5. 5. COMMUNICATION BETWEEN TWO OR MORE PEOPLE
    6. 6. OUT OF SCOPE TODAY. Tommy the system intruder Christina the network sniffer Adrian the BOT network manager
    7. 7. IN SCOPEYou Me
    8. 8. WHAT IS THE PROBLEM? The usual security issues...
    9. 9. WHO’S TALKING?You Me Identity
    10. 10. WHO IS LISTENING?You Me 3rd party Confidentiality
    11. 11. DID YOU REALLY WRITE THAT? You Me Integrity
    12. 12. YOU CAN’T DO THAT.You Me Authorization
    13. 13. WHO AM I? IP Phone Pad Softphone Set-top-box Chat client LaptopMe Car Cell phone
    14. 14. THE SIP WORLDDATACOM TELECOM
    15. 15. NETWORK SECURITYYou Me Our problem
    16. 16. TELECOM SECURITY MODEL You Me In the telco we trust.
    17. 17. END2END OR THROUGH PROXY SERVER? Do you wantsomeone else to handle your keys? You Me Do you want to set up a secure session between you and me? If so, how?
    18. 18. THIS APPLIES TO MANY PROTOCOLS SIP RTCWEB XMPP ?
    19. 19. SIP SECURITY TLS DTLS/SRTPSIGNALLING MEDIA S/MIMESIP IDENTITY INTEGRITYHTTP DIGEST MSRP/TLS AUTH CHAT
    20. 20. ASTERISK 1.8 TLS ACLsSRTP SDES TLS very, very experimental
    21. 21. KAMAILIO SIP SERVER 3.1 TLS ACLs DOS prevention TLS very, very good!
    22. 22. WHAT’S THE ISSUEWITH REAL TIME SECURITY? No one asks for it. Therefore no one implements it. Which means lack of experience.
    23. 23. WHAT I DO NOT UNDERSTAND. Why does nobody care, really?
    24. 24. FINAL QUESTION: What’s a secure session for you?
    25. 25. H E L P.THANK YOU.

    ×