Application-layer mobility using SIP
ACM SIGMOBILE Mobile Computing and Communications Review
A framework for protecting a SIP-based infrastructure against malformed message attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
SSIP: Split a SIP session over multiple devices
Computer Standards & Interfaces
A new provably secure authentication and key agreement protocol for SIP using ECC
Computer Standards & Interfaces
A framework for identity privacy in SIP
Journal of Network and Computer Applications
| Hi-index | 0.00 |
In modern and future networks that belong to different providers, multimedia protocols will have to operate through multiple domains. In such an environment security is considered a crucial parameter; this is true especially for privacy since not all domains can be considered trusted beforehand in terms of personal data protection. Probably the most promising protocol for multimedia session management is SIP. While SIP is popular and a lot of research has been conducted, it still has some security issues, one of which is related to privacy and more particularly the protection of user identities (IDs). In the general case everybody can reveal the communicating parties IDs by simply eavesdropping on the exchanged SIP messages. In this paper we analyze the lack of user ID protection in SIP and propose two solutions; in the first the ID of the caller is protected while in the second both IDs of the caller and the callee are protected. Our work also includes performance results and extensive comparison with similar methods. The most significant advantage of our method is that it can assure user ID protection even when SIP messages are transmitted through untrusted SIP domains before reaching the Home Domain of the user or another trusted domain. Moreover, it does not require from the SIP Proxy server to maintain state information for exchanged SIP requests and respective responses.