| SIP (Session Initiation Protocol) is a signalling protocol put forward by IETF, and becomes one of the core protocols in Next Generation Network (NGN) and 3G in recent years. In this paper, secure mechanisms of SIP are discussed. Firstly, the basis of SIP is introduced, and then common security attack scenarias and a conclusion of SIP security research is presented. Security enhancement by buit-in extension of SIP is a hotspot, but the related works have deficiencies on each side, and verification and compatibility are neglected in most of them.Secondly, public-key cryptosystem is introduced into SIP, and Sec-SIP secure model is proposed based on SIP extension, Sec-SIP protects the security of SIP messages and compatibility is considered. Time-automata tool-UPPAAL is applied to do model verification with Sec-SIP and proves Sec-SIP model with non-deadlock, liveness and semantic requirements. After verification Sec-SIP is analyzed about compatibility and security under casual attack scenarias.Finally, Sec-SIP secure model is implemented in practical software based on an open source SIP stack and JCA, the architecture of Sec-SIP and design of modules are introduced, and in the end an example of secure analyzation is discussed with an applicaition which is based on the Sec-SIP. |
PDF Full Text Request