Skip to Main content Skip to Navigation

Sécurité de la téléphonie sur IP

Abstract : This work focuses on the security of telephony networks deployed in the Internet. Without any doubt after the Web and messaging application, this service will impose IP (Internet Protocol) infrastructures like the standard for all types of information or media. This migration from traditional telephony to all-IP appears to be inevitable but it poses security problems. If the attacks existed with the traditional telephony, the use of an IP network makes them more feasible. Our analysis highlights the limits of usual solutions, mainly through interoperability issues. Moreover, given the heterogeneity of IP telephony infrastructure, protecting end-to-end calls is currently not considered, except by state services. Initially, we look for opportunities to strengthen the security of SIP (Session Initiation Protocol) IETF protocol currently massively adopted in the telephony infrastructure. We propose and validate innovative solutions to strengthen existing mechanisms in a completely transparent way for infrastructures. We choose to focus on authentication, because it is the first mechanism encountered by users or systems. The solutions presented below propose new security properties by defining a semantic field called "opaque". These contributions strengthen the security between the user and the server. In a second step, we are interested in security solutions for end-to-end calls. Analysis of application solutions as "Future Narrow Band Digital Terminal" and "Simple Secure Voice over IP protocol" allows us to formalize the specification of an architecture to protect conversations whatever the specificities and heterogeneity of networks ToIP are. This approach uses the media channel to implement a security warning, which makes this solution completely compatible with existing infrastructure. Furthermore, our study demonstrates the interest of establishing trusted entities dedicated to call security. Finally, the conclusion takes over and takes positions on the various contributions to this work in the context of IP telephony. Our will to be interoperable with the underlying or independent infrastructure can be considered as a value added service.
Complete list of metadata

Cited literature [43 references]  Display  Hide  Download
Contributor : Thomas Guillet Connect in order to contact the contributor
Submitted on : Monday, January 24, 2011 - 10:07:51 PM
Last modification on : Friday, July 31, 2020 - 10:44:09 AM
Long-term archiving on: : Friday, December 2, 2016 - 9:14:44 PM


  • HAL Id : pastel-00559130, version 1



Thomas Guillet. Sécurité de la téléphonie sur IP. Réseaux et télécommunications [cs.NI]. Télécom ParisTech, 2010. Français. ⟨pastel-00559130⟩



Record views


Files downloads