摘要
SIP安全是多媒体通信安全的重要组成部分。然而,采用标准的IPSec保障SIP的通信安全,却面临着许多具体困难,如安全防范范围广、媒体通道随时变化等。通过对SIP通信面临的安全威胁进行分析,结合IPSec的实现框架,从策略数据库和安全关联数据库入手,针对SIP通信过程中的信令通道与媒体通道,提出了一套基于IPSec的SIP通信安全模型。最后,对其中的关键要素SA的维护策略进行了探讨。
SIP security is an important part of multimedia communication security. However, the adoption of standard IPSec for protecting the communication security of SIP is usually faced with many specific difficulties, such as wide range of security protection and at-any-time change of the media channels. Based on analysis of the security threats faced by SIP communication in combination of the IPSec implementation framework, and starting from the security policy database (SPD) and the security association database (SADB), a set of SIP communication security model based on IPSec is proposed for the signaling channel and media channel in SIP communication process. Finally, the maintenance strategy for the key element SA is discussed.
作者
张鹤鸣
陈南洋
ZHANG He-ming;CHEN Nan-yang(No.30 Institute of CETC, Chengdu Sichuan 610041, China)
出处
《通信技术》
2018年第5期1175-1178,共4页
Communications Technology
