Proxy Authentication of the Emergency Status of SIP Calls draft-barnes-ecrit-auth-00 Richard Barnes IETF 69, Chicago, IL, USA.

Slides:



Advertisements
Similar presentations
1 © 2001, Cisco Systems, Inc. All rights reserved. © 2004, Cisco Systems, Inc. All rights reserved. Location Conveyance in SIP draft-ietf-sipping-location-requirements-02.
Advertisements

Indication of support for keep- alive draft-holmberg-sip-keep-03 Christer Holmberg
Presence, Security and Privacy. VON The Current Environment Many Faces of Security Authentication Verify someone is who they.
Iptel IETF 51. Agenda Bashing Agenda Bashing5m CPL and TRIP Status5m Charter Review10m TRIP for GW10m.
IETF 71 SIPPING WG meeting draft-ietf-sipping-pai-update-00.
Colombo, Sri Lanka, 7-10 April 2009 Preferential Telecommunications Service Access Networks Lakshmi Raman, Senior Staff Engineer Intellectual Ventures.
Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.
Early Media Authorization Under what conditions should negotiated media flow prior to 200 OK (INVITE)? Richard Ejzak.
Draft-lemonade-imap-submit-01.txt “Forward without Download” Allow IMAP client to include previously- received message (or parts) in or as new message.
STIR Secure Telephone Identity. Context and drivers STIR Working Group Charter Problem Statement Threats Status of work Related work and links Introduction.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
From Extensibility to Evolvability Once upon a time, HTTP was simple – what happened?
SIP Greg Nelson Duc Pham. SIP Introduction Application-layer (signaling) control protocol for initiating a session among users Application-layer (signaling)
SDO Emergency Services Coordination Workshop (ESW06) 1 Emergency Service Identifiers Presented by Henning Schulzrinne Columbia University
An SAIC Company Telcordia View of NENA Progress on VoIP Migration Plan Telcordia Contacts: Nadine Abbott (732) An SAIC Company.
March 2006IETF65 - ECRIT1 Emergency Service Identifiers draft-ietf-ecrit-service-urn-01 Henning Schulzrinne Columbia University
Location Hiding: Problem Statement, Requirements, (and Solutions?) Richard Barnes IETF 71, Philadelphia, PA, USA.
A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.
Early Media in SIP: Problem Statement, Requirements, and Analysis of Solutions draft-barnes-sip-em-ps-req-sol Richard Barnes BBN Technologies IETF 68,
Pilot project proposal: AffiL Affiliated domain names for trust Dave Crocker Brandenburg InternetWorking bbiw.net
DTLS-SRTP Handling in SIP B2BUAs draft-ram-straw-b2bua-dtls-srtp IETF-91 Hawaii, Nov 12, 2014 Presenter: Tirumaleswar Reddy Authors: Ram Mohan, Tirumaleswar.
Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.
STIR Charter (discussion) STIR BoF Berlin, DE 7/30/2013.
Rome, Aug. 30,  Current status of vocabularies  Reorganization of CGI workgroups  Vocabulary resource management  Change URI scheme from URN.
Draft-rosen-ecrit-emergency- framework-00 Brian Rosen NeuStar CPa
1 Location Hiding Henning Schulzrinne Laura Liess Hannes Tschofenig.
Connect. Communicate. Collaborate Place organisation and project logos in this area Usage of SAML in eduGAIN Stefan Winter, RESTENA Foundation TERENA Networking.
November 2005IETF64 - ECRIT1 Emergency Service Identifiers draft-ietf-sipping-sos-01 draft-schulzrinne-sipping-service-01 Henning Schulzrinne Columbia.
PSAP Callback draft-ietf-ecrit-psap-callback Phone BCP Status Usage Scenarios.
SIP INFO Event Framework (draft-kaplan-sip-info-events-00) Hadriel Kaplan Christer Holmberg 70th IETF, Vancouver, Canada.
SIP working group IETF#70 Essential corrections Keith Drage.
Rfc4474bis-01 IETF 90 (Toronto) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed,
Interworking between SIP and QSIG for call transfer draft-rey-sipping-qsig2sip-transfer-00.txt Jean-Francois Rey Alcatel IETF59.
SIP Extensions for Network-Asserted Caller Identity and Privacy within Trusted Networks Flemming Andreasen W. Marshall, K. K. Ramakrishnan,
SAML for SIP Hannes Tschofenig, Jon Peterson, James Polk, Douglas Sicker, Marcus Tegnander.
Public Safety Answering Point (PSAP) Callbacks draft-ietf-ecrit-psap-callback-02.txt H. Schulzrinne, H. Tschofenig, M. Patel.
Protecting First-Level Responder Resources in an IP-based Emergency Services Architecture 13 th April 2007, THE FIRST INTERNATIONAL WORKSHOP ON RESEARCH.
SIP-Based or DHT-Based? November 12, 2005 Eunsoo Shim Panasonic Digital Networking Laboratory P2P SIP Ad-hoc Meeting IETF64, Vancouver.
GRUU Jonathan Rosenberg Cisco Systems. Changes in -06 Editorial as a result of RFC-ED early copy experiment.
August 2005IETF63 - SIMPLE1 Solving the identity crisis draft-ietf-geopriv-common-policy-05 Henning Schulzrinne Aki Niemi Hannes Tschofennig Jonathan Rosenberg.
Emergency Text Messaging using SIP MESSAGE draft-kim-ecrit-text-00
Location Conveyance in SIP draft-ietf-sip-location-conveyance-01 James M. Polk Brian Rosen 2 nd Aug 05.
March 20th, 2001 SIP WG meeting 50th IETF SIP WG meeting Overlap signalling handling
Extensions to the Emergency Services Architecture for dealing with Unauthenticated and Unauthorized Devices draft-ietf-ecrit-unauthenticated-access-03.txt.
7-May-02SIP/SIPPING Interim Meeting1 Application Interaction Requirements Draft-culpepper-app-interact-reqs-01.txt.
ECRIT - IETF 62 (March 2005) - Minneapolis 1 Requirements for Emergency Calling draft-schulzrinne-sipping-emergency-req-01 draft-ietf-sipping-sos-01 Henning.
End-to-middle Security in SIP
SIP for Grid networks Franco Callegati, Aldo Campi, Walter Cerroni
ECRIT Interim: SIP Location Conveyance
Kumiko Ono End-to-middle Security in SIP draft-ietf-sipping-e2m-sec-reqs-04 draft-ono-sipping-end2middle-security-03 Kumiko Ono.
draft-lemonade-imap-submit-01.txt “Forward without Download”
Request History Capability – Requirements & Solution
PSAP Callback Identifier
Request-URI Param Delivery
Chris Wendt, David Hancock (Comcast)
draft-ietf-ecrit-rough-loc
Emergency Service Identifiers draft-ietf-ecrit-service-urn-01
Proposed ATIS Standard for Signing of SIP RPH
Verstat Related Best Practices
Jean-François Mulé CableLabs
Flemming Andreasen SIP Extensions for Caller Identity and Privacy Flemming Andreasen
RFC PASSporT Construction 6.2 Verifier Behavior
RFC PASSporT Construction 6.2 Verifier Behavior
RFC PASSporT Construction 6.2 Verifier Behavior
Change Proposals for SHAKEN Documents
RFC Verifier Behavior Step 4: Check the Freshness of Date
IPNNI SHAKEN Enterprise Models: LEMON TWIST
SIP Session Timer Glare Handling
STIR / SHAKEN for 911 use of SHAKEN 8/7/2019
Rich Call Data Integrity Mechanism
Presentation transcript:

Proxy Authentication of the Emergency Status of SIP Calls draft-barnes-ecrit-auth-00 Richard Barnes IETF 69, Chicago, IL, USA

Problem: Two questions Location Hiding: How can a proxy tell that a call it’s processing is an emergency call, even if that call doesn’t have a location that the proxy can see? Emergency call marking: More generally, how can a proxy reliably distinguish emergency calls from non- emergency calls?

Authenticating to Proxies Goal: Enable a proxy in the signaling path that reliably distinguish between emergency and non-emergency calls –I.e., prevent fraudulent emergency calls Proxy will make a decision based on information taken from SIP messages Need to define: –An authenticator – the marking –An embedding into SIP messages

Concept prior to location hiding UAC embeds location and service URN in its INVITE message Proxy uses location and URN in a LoST lookup, verifies that returned URI is in the To: header Authenticator: location + service URN Embedding: INVITE message

Authenticators Authenticator: A data structure that a SIP proxy can use to verify that a call is an emergency call –MUST be bound to a particular call –MUST be non-forgeable –Each authenticator has a different model of what it means for a call to be an emergency call Three examples in this document –Location + service URN –Identity authenticators –Explicit emergency call indicators

Location + service URN Construction –Asserter is UAS / UAC / proxy –Insert a location object and a service URN into a SIP message Verification –Extract location object and URN –Perform LoST query –Compare mapped URI to To: header Trust model –Reliability of LoST infrastructure –LoST mapping = To:PSAP = emergency call

Location + service URN (cont’d) When the asserter is the UAC/Proxy, SIP message is INVITE, this is the current way Pros: –Simple to use in many use cases –Requires no additional authentication infrastructure (beyond LoST) Cons: –Fails when Asserter has no location –Fails if LoST information changes –Relies on trusted LoST infrastructure –Endpoint-centric definition of emergency call

Identity Authenticators Construction –Asserter is a PSAP (UAS / UAC) –Use SIP Identity or Connected-Identity to prove its identity as a PSAP Verification –Same Verifier behavior as SIP Identity Trust model –One or more PSAP credentialing authorities –Caller/callee = authenticated PSAP = emergency call

Identity Authenticators (cont’d) Pros –Uses existing SIP authentication mechanisms –Doesn’t rely on location in messages Cons –Requires credentialing PSAPs –For citizen-to-authority, requires postponing authentication until after INVITE –Still uses endpoint-centric definition of an emergency call

Explicit Indicators Construction –Asserter is authorized to assert emergency status of calls (UAC / UAS / proxy) E.g., PSAP, first responder, EMS gateway –Create a signed object that attests to the emergency status of the call Verification –Verify the signed object –Make comparisons to header fields Trust model –Trust in authorization credentialing authority –Call bearing signed object = emergency call

Explicit Indicators (cont’d) Pros –Most flexible definition of emergency calls –Doesn’t rely on location in messages –Allows delegation of authentication function, e.g. to gateway or authentication service Cons –Requires credentialing of emergency call marking authorities

SIP Embedding No specific solution here, just some requirements / desiderata –Explicit assertion / verification procedures –Minimal increase in complexity of message flows –Should allow for persisting authenticator across messages within a dialog –Should allow for all entities in the signaling path to receive authenticator

Embedding Examples Location + URN in INVITE message –Doesn’t work without client location Location + URN in INVITE OR 200 –Allows PSAP to assert based on location INVITE transaction or subsequent UPDATE (within a time period) –The Identity / Connected-Identity model Any message containing a given SIP header field –The RPH / explicit indicator model

Questions What approach do we want to take here? Can we agree on one of these authenticators, or do we need more options? –Signed LoST mappings? Do we have other requirements for a SIP embedding?