A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Application-layer mobility using SIP
ACM SIGMOBILE Mobile Computing and Communications Review
The Design of Rijndael
A framework for protecting a SIP-based infrastructure against malformed message attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Empirical tests of anonymous voice over IP
Journal of Network and Computer Applications
PrivaSIP: Ad-hoc identity privacy in SIP
Computer Standards & Interfaces
Hidden VoIP calling records from networking intermediaries
Principles, Systems and Applications of IP Telecommunications
Review: A survey on solutions and main free tools for privacy enhancing Web communications
Journal of Network and Computer Applications
SIPA: generic and secure accounting for SIP
Security and Communication Networks
Hi-index | 0.00 |
Secure multimedia delivery in modern and future networks is one of the most challenging problems towards the system integration of fourth generation (4G) networks. This integration means that different service and network providers will have to interoperate in order to offer their services to end users. This multidomain environment poses serious threats to the end user who has contract with, and trusts only a limited number of operators and service providers. One such threat is end users' privacy on which we will focus in this paper. Probably the most promising protocol for multimedia session management is the Session Initiation Protocol (SIP), which is an application layer protocol and thus can operate on top of different lower layer technologies. SIP is quite popular and a lot of research has been conducted; however, it still has some security issues, one of which is related to privacy and more particularly the protection of user identities (IDs). In this paper we comment on the ID privacy issue of SIP and propose a framework called PrivaSIP that can protect either the caller's ID or both the caller's and the callee's IDs in multidomain environments. We present different implementations of our framework based on asymmetric and symmetric cryptography analyzing the pros and cons of each one of them. Furthermore, we provide performance measurements in order to estimate the performance penalty of our framework over standard SIP. The most significant advantage of our method is that it can assure user ID protection even when SIP messages are transmitted through untrusted SIP domains, while our results show that this can be achieved with no perceived delay by the end user.