Integrating usage control with SIP-based communications

Authors:
E. Barka;A. Lakas
Affiliations:
Information Security Track, College of Information Technology, United Arab Emirates University, United Arab Emirates;Networking Track, College of Information Technology, United Arab Emirates University, United Arab Emirates
Venue:
Journal of Computer Systems, Networks, and Communications
Year:
2008

Citing 6
Cited 1

Role-Based Access Control Models

Computer
Towards usage control models: beyond traditional access control

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Network Security Essentials: Applications and Standards

Network Security Essentials: Applications and Standards
Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
Formal model and policy specification of usage control

ACM Transactions on Information and System Security (TISSEC)

Survey: Usage control in computer security: A survey

Computer Science Review

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Session Initiation Protocol (SIP) is a signaling protocol used for establishing and maintaining communication sessions involving two or more participants. SIP was initially designed for voice over IP and multimedia conferencing, and then was extended to support other services such as instant messaging and presence management. Today, SIP is also adopted to be used with 3G wireless networks, thus it becomes an integral protocol for ubiquitous environment. SIP has various methods that support a variety of applications such as subscribing to a service, notification of an event, status update, and location and presence services. However, when it comes to security, the use of wireless and mobile communication technologies and the pervasive nature of this environment introduce higher risks to security than that of the old simple environment. In this paper, we introduce new architecture that implements a new type of access control called usage access control (UCON) to control the access to the SIP-based communication at preconnection, during connection, and postconnection. This will enable prescribers of SIP services to control who can identify their locations to approve or disapprove their subsequent connections, and to also set some parameters to determine whether a certain communication can continue or should terminate.