InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Session PEERing for Multimedia INTerconnect (SPEERMINT) Security Threats and Suggested Countermeasures (RFC6404)

IP.com Disclosure Number: IPCOM000213100D
Original Publication Date: 2011-Nov-01
Included in the Prior Art Database: 2011-Dec-04
Document File: 44 page(s) / 54K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Seedorf: AUTHOR [+4]


With Voice over IP (VoIP), the need for security is compounded because there is the need to protect both the control plane and the data plane. In a legacy telephone system, security is a more valid assumption. Intercepting conversations requires either physical access to telephone lines or a compromise to the Public Switched Telephone Network (PSTN) nodes or the office Private Branch eXchanges (PBXs). Only particularly security-sensitive organizations bother to encrypt voice traffic over traditional telephone lines. In contrast, the risk of sending unencrypted data across the Internet is more significant (e.g., dual-tone multi-frequency (DTMF) tones corresponding to the credit card number). An additional security threat to Internet Telephony comes from the fact that the signaling devices may be addressed directly by attackers as they use the same underlying networking technology as the multimedia data; traditional telephone systems have the signaling network separated from the data network. This is an increased security threat since a hacker could attack the signaling network and its servers with increased damage potential (call hijacking, call drop, Denial-of-Service (DoS) attacks [RFC4732], etc.). Therefore, there is a need to investigate the different security threats, to extract security-related requirements, and to highlight potential solutions on how to protect against such threats.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 5% of the total text.

Internet Engineering Task Force (IETF)                        J. Seedorf Request for Comments: 6404                                  S. Niccolini Category: Informational                                              NEC ISSN: 2070-1721                                                  E. Chen                                                                      NTT                                                                H. Scholz                                                               VOIPFUTURE                                                            November 2011

         Session PEERing for Multimedia INTerconnect (SPEERMINT)              Security Threats and Suggested Countermeasures


   The Session PEERing for Multimedia INTerconnect (SPEERMINT) working

   group (WG) provides a peering framework that leverages the building

   blocks of existing IETF-defined protocols such as SIP and ENUM for

   the interconnection between SIP Service Providers (SSPs).  The

   objective of this document is to identify and enumerate SPEERMINT-

   specific threat vectors and to give guidance for implementers on

   selecting appropriate countermeasures.  Security requirements for

   SPEERMINT that have been derived from the threats detailed in this

   document can be found in RFC 6271; this document provides concrete

   countermeasures to meet those SPEERMINT security requirements.  In

   this document, the different security threats related to SPEERMINT

   are classified into threats to the Lookup Function (LUF), the

   Location Routing Function (LRF), the Signaling Function (SF), and the

   Media Function (MF) of a specific SIP Service Provider.  Various

   instances of the threats are briefly introduced inside the

   classification.  Finally, existing security solutions for SIP and

   RTP/RTCP (Real-time Transport Control Protocol) are presented to

   describe countermeasures currently available for such threats.  Each

   SSP may have connections to one or more remote SSPs through peering

   or transit contracts.  A potentially compromised remote SSP that

   attacks other SSPs is out of the scope of this document; this

   document focuses on attacks on an SSP from outside the trust domain

   such an SSP may have with other SSPs.

Seedorf, et al.               Informational                     [Page 1]
 RFC 6404          SPEERMINT Threats and Countermeasures    November 2011

 Status of This Memo

   This document is not a...