
Realtime communication security - SIP, XMPP and others


A short presentation on issues we face with realtime security - too many solutions and too few customer requirements and a lack of demand on the market.

Published in: Technology, News & Politics


  1. REALTIME COMMUNICATION SECURITY. Olle E. Johansson * oej@edvina.net * Twitter oej. Copyright Edvina AB, Sollentuna, Sweden 2011. All rights reserved.
  2. From this...
  3. to this
  4. Talk, Video, Chat, Application sharing, 3D holographic 7.1 conferences
  5. COMMUNICATION BETWEEN TWO OR MORE PEOPLE
  6. OUT OF SCOPE TODAY. Tommy the system intruder, Christina the network sniffer, Adrian the BOT network manager
  7. IN SCOPE. You, Me
  8. WHAT IS THE PROBLEM? The usual security issues...
  9. WHO’S TALKING? You, Me. Identity
  10. WHO IS LISTENING? You, Me, 3rd party. Confidentiality
  11. DID YOU REALLY WRITE THAT? You, Me. Integrity
  12. YOU CAN’T DO THAT. You, Me. Authorization
  13. WHO AM I? IP Phone, Pad, Softphone, Set-top-box, Chat client, Laptop, Me, Car, Cell phone
  14. THE SIP WORLD. DATACOM, TELECOM
  15. NETWORK SECURITY. You, Me. Our problem
  16. TELECOM SECURITY MODEL. You, Me. In the telco we trust.
  17. END2END OR THROUGH PROXY SERVER? Do you want someone else to handle your keys? You, Me. Do you want to set up a secure session between you and me? If so, how?
  18. THIS APPLIES TO MANY PROTOCOLS. SIP, RTCWEB, XMPP, ?
  19. SIP SECURITY. TLS (SIGNALLING), DTLS/SRTP (MEDIA), S/MIME and SIP IDENTITY (INTEGRITY), HTTP DIGEST (AUTH), MSRP/TLS (CHAT)
  20. ASTERISK 1.8. TLS, ACLs, SRTP SDES. TLS very, very experimental
  21. KAMAILIO SIP SERVER 3.1. TLS, ACLs, DOS prevention. TLS very, very good!
  22. WHAT’S THE ISSUE WITH REAL TIME SECURITY? No one asks for it. Therefore no one implements it. Which means lack of experience.
  23. WHAT I DO NOT UNDERSTAND. Why does nobody care, really?
  24. FINAL QUESTION: What’s a secure session for you?
  25. H E L P. THANK YOU.
