一种基于能力的轻量级SIP安全机制研究

A lightweight Security Mechanism Research for SIP Based on Capabilities

导出

摘要本文先简要概述了SIP应用背景和重要概念,然后详细分析了SIP面临的安全威胁以及现有安全解决方案,主要为安全认证和加密,讨论了几种典型方案的原理和不足。随后仔细研究了一种先进的基于共享用户密码进行密钥协商的轻量级的SIP安全认证、加密机制,并加入一次口令机制加以改进。随后借鉴了一种基于能力的IP-DOS控制思想,结合SIP本身特点,提出了一种能更好地限制SIP-DoS安全威胁的SIP-TVA。 This article briefly outlines the application background and some important concepts of SIP at first, analyzing amply the common safety problems and existing solutions measures, with mainly the security authentication and encryption methods. And we also talk several typical solution discussing their principles and defects for each. Then, we made a detailed study for an advanced and lightweight security authentication and encryption scheme that is based on the shared user password for the key negotiation in the SIP network. After this, we join the one-time password mechanism to improve it. Subsequently, we anlehnung a thought that is for controlling the IP-DOS based on the capabilities, to propose one SIP-TVA for the better solutions and limiting for the SIP-DOS threat, combining with its own characteristics of the SiP.

作者陆万顺符云清

机构地区重庆大学计算机学院

出处《网络安全技术与应用》 2011年第3期64-67,共4页 Network Security Technology & Application

基金自然科学基金(60803027)部分资助

关键词 SIP 安全认证加密轻量级能力 SIP security authentication encryption lightweight capabilities

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献7

1Yang X,Wetherall David, Anderson Thomas. A DoS limiting network architecture. Computer Communication Review.2005.
2J.Rosenberg, Schulzrinne,H., Camadllo,G., Johnston, A..Peterson, J, Sparks, R..Handley, M., and E.Schooler, SIP: Session Initiation ProtocoI.RFC 3261.June 2002.
3Jaeduck Choi, Souhwan Jung, Kwangyong Bae, Hokun Moon, A Lightweight Authentication and Hop-by-Hop Security Mechanism for SIP Network, International Conference on Advanced Technologies for Communications.2008.
4N.Haller, Bellcore,C.Metz, ENesser, M,Straw, A..Bellcore.A One- Time Password System.RFC2289.Feb 1998.
5J.Franks,EBaker, J.Hostetler, S.Lawrence,P.keach,A.Luotonen, L.Stewart, HTTP Authentication:Basic and Digest Access A uthentication.RFC2617.IETF Network Working Group.June 99.
6J.Ring, K.Choo,E.Foo,M.Looi.A new authentication mechanism and key agreement protocol for SIP using Identity-based cryptography.Proc.AusCERT2006. May 2006.
7J.Arkko, V.Torvinen,G.Camarillo, A.Niemi, T.Haukka.Security Mechanism Agreement for the Session Initiation Protocol (SIP).RFC 3329.1ETF.January 2003.

1宗晓飞,万晓榆,樊自甫.SIP系统中DoS攻击及防范机制[J].微计算机信息,2008,24(6):83-84. 被引量：4
2顾萍,王飞鹏.SIP安全的分析与实现[J].中国电子商情（通信市场）,2005(04M):62-63.
3宗晓飞,万晓榆,樊自甫.SIP系统中DoS攻击及防范机制[J].山东通信技术,2007,27(1):23-26.
4吴劲,张凤荔,何兴高,陆庆.SIP安全机制研究[J].电子科技大学学报,2007,36(6):1211-1214. 被引量：10
5王春枝,唐皓.一种新型的一次口令机制与实现[J].科教文汇,2006(2X):187-188. 被引量：3
6储泰山,潘雪增.SIP安全模型研究及实现[J].计算机应用与软件,2004,21(12):101-104. 被引量：15
7韦振名,冯久超.SIP安全认证机制研究[J].计算机科学,2008,35(11):95-97. 被引量：5
8张琳琳,梁冰.SIP安全威胁及安全机制分析[J].现代电信科技,2008,38(9):37-40.
9马骥,周晓光,辛阳,杨义先.基于信任域的SIP认证机制[J].计算机工程,2009,35(12):131-133. 被引量：3
10韩平,唐清安,汪顶武.一种基于SIP的安全解决方案[J].中国科技博览,2008(22):137-138.

网络安全技术与应用

2011年第3期

浏览历史

内容加载中请稍等...

一种基于能力的轻量级SIP安全机制研究

参考文献7

相关作者

相关机构

相关主题

浏览历史