SIP Security

This book gives a detailed overview of SIP specific security issues and how to solve them. While the standards and products for VoIP and SIP services have reached market maturity, security and regulatory aspects of such services are still being discussed. SIP itself specifies only a basic set of security mechanisms that cover a subset of possible security issues. In this book, the authors survey important aspects of securing SIP-based services. This encompasses a description of the problems themselves and the standards-based solutions for such problems. Where a standards-based solution has not been defined, the alternatives are discussed and the benefits and constraints of the different solutions are highlighted. This work helps understand the actual problems of using and developing VoIP services, and to distinguish between real problems and the general hype of VoIP security. This work: discusses key aspects of SIP security including authentication, integrity, confidentiality, non-repudiation and signalling; assesses the real security issues facing users of SIP, and details the latest theoretical and practical solutions to SIP Security issues; and, covers secure SIP access, inter-provider secure communication, media security, security of the IMS infrastructures as well as VoIP services vulnerabilities and counter-measures against Denial-of-Service attacks and VoIP spam. This book will be of interest to IT staff involved in deploying and developing VoIP, service users of SIP, network engineers, designers and managers. Advanced undergraduate and graduate students studying data/voice/multimedia communications as well as researchers in academia and industry will also find this book valuable.