SIP.edu & VoIP Security 2nd Workshop on Securing VoIP June 1-2, Washington, DC Ben Teitelbaum 2nd Workshop on Securing.

Presentation transcript:

SIP.edu & VoIP Security
2nd Workshop on Securing VoIP, June 1-2, Washington, DC
Ben Teitelbaum

Outline
- Internet2
- SIP.edu
  - Goal
  - Architecture
  - Status
  - Security Concerns
- Abilene Observatory
- VoIP Observatory?

Internet2 Who?
- Elevator Explanation
  - Internet2's mission is to develop and deploy advanced network applications and technologies, accelerating the creation of tomorrow's Internet
- Who we really are
  - Membership organization of 200+ US research universities
  - Parent 501.3c (UCAID) has board of university presidents
  - Project supported by numerous partnerships (government, industry, international)
- Goals
  - Enable new generation of applications
  - Re-create leading edge R&E network capability
  - Transfer capability to global production internet

Internet2 Universities
206 University Members, March 2005

High Performance Networks

Internet2 Partnerships
- Internet2 universities are recreating the partnerships that fostered the Internet in its infancy
  - Industry
  - Government
  - International
- Additional Participation
  - Over 60 Internet2 Corporate Members
  - Over 40 Affiliate Members
  - New Association Member Category
  - Over 30 International Partners

Sponsored Education Group Participants

Internet2 Focus Areas
- Advanced Network Infrastructure
  - 10 GB Abilene backbone
  - Advanced regional networks
  - 100 MB to the desktop
  - National fiber-optic facility
- Middleware
  - Directories
  - Authentication
  - Authorization
- Engineering
  - Multicast
  - IPv6
  - Measurement
  - New Arch
- Advanced Applications
  - Gigabit+ file transfer
  - High-end video
  - Remote instrumentation
  - Distributed computation
  - Virtual co-laboratories
  - Distance learning
  - Integrated Communications

Advanced Applications (high-end, few users)

Advanced Communications (less high-end, many users)
Many ways VoIP can be better…
- Multi-media integration
- Integration with campus IT assets
- Use of IPv6 and Multicast
- Fidelity
- Addressing
- Mobility
- Privacy
- Survivability
- Emergency services
* Drawings by VoIP user, Louis Teitelbaum (age 6)

Internet2's Secret Sauce
- Demographics
  - ~3.8 million students (tech-savvy, talk a lot, adapt easily)
  - And, by the way, they graduate (tech-transfer à la )
- Institutional Commitments
  - Internet2 members have committed to advance IP communications and promote collaborative apps
  - Commitment to advance communication way beyond POTS
- Connectivity
  - Great networking connectivity and campus middleware
  - High-bandwidth, low-loss, low-jitter
  - End-to-end transparency (few NATs)
  - Emerging middleware infrastructure for authentication & authorization
  - IPv6 and multicast too!
- Strong commitment to open standards

SIP.edu Working Group
- Fearless Leader: Dennis Baron, MIT (Chair)
- Web Site

Ends and Means
- Ends
  - Grow SIP connectivity in Internet2
  - Increase value proposition for end-user SIP adoption
  - Promote SIP and converged identity
  - Provide a useful service, while supporting R&D
- Means
  - Cookbook with various recipes
  - Corporate sponsorship and promotional pricing
    - Cisco, Avaya, Pulver.com so far
  - Build community

Why Phone NUMBERS?
- Users should not be burdened with device addresses, when it's people they care about
- Addresses should be mnemonic and empower enterprises to manage the identities of their users
- It's time to put E.164 numbers behind us!
- A.G. Bell did not say: , come here. I need you!

SIP.edu Architecture v0.1
[Diagram. Components: SIP User Agent, DNS SRV, SIP Proxy, Campus Directory, SIP-PBX Gateway, PBX, Bob's Phone; domain label: bigu.edu. Message labels: DNS SRV query sip.udp.bigu.edu; INVITE (shown twice); telephoneNumber where mail=bob; PRI / CAS.]

SIP.edu Architecture v0.2
[Diagram. Components: SIP User Agent, DNS SRV, SIP Proxy, SIP Registrar, location DB, Bob's SIP Phones; domain label: bigu.edu. Message labels: DNS SRV query sip.udp.bigu.edu; INVITE (shown twice); REGISTER (Contact: ); IP Voice, Video, IM, ...]
If Bob has registered, ring his SIP UAs; else, call his extension through the PBX.
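
The v0.2 routing rule on this slide (ring Bob's registered SIP UAs, otherwise fall back to the extension found in the campus directory), written out as an added Python example; it is not SIP.edu project code. The directory and location-database contents, the gateway host `gw.bigu.edu`, the refusal to relay for other domains, and the function names are assumptions made for illustration.

```python
"""Added illustration of the SIP.edu v0.2 routing rule (not project code)."""

DOMAIN = "bigu.edu"            # campus domain from the slide
GATEWAY = "gw.bigu.edu"        # hypothetical SIP-PBX gateway host

# Constructed campus directory: mail local part -> telephoneNumber
DIRECTORY = {"bob": "5551234", "alice": "5555678"}

# Constructed location DB, as REGISTER would fill it: AoR -> contact URIs
LOCATION_DB = {
    "sip:bob@bigu.edu": ["sip:bob@192.0.2.10:5060", "sip:bob@192.0.2.77:5060"],
}


def parse_sip_uri(uri):
    """Return (user, host) lower-cased, or None if not a sip:user@host URI.

    Assumption: campus user names are treated as case-insensitive.
    """
    scheme, sep, rest = uri.partition(":")
    if not sep or scheme.lower() != "sip":
        return None
    rest = rest.split(";", 1)[0]                  # drop URI parameters
    user, at, hostport = rest.partition("@")
    host = hostport.split(":", 1)[0]              # drop an optional port
    if not at or not user or not host:
        return None
    return user.lower(), host.lower()


def route_invite(request_uri):
    """Decide where an INVITE goes; returns (action, targets)."""
    parsed = parse_sip_uri(request_uri)
    if parsed is None:
        return "bad-uri", []
    user, host = parsed
    if host != DOMAIN:
        # Assumption: the campus proxy does not relay for other domains.
        return "foreign-domain", []
    contacts = LOCATION_DB.get(f"sip:{user}@{host}", [])
    if contacts:
        return "ring-uas", list(contacts)         # Bob has registered
    number = DIRECTORY.get(user)                  # telephoneNumber where mail=<user>
    if number is None:
        return "not-found", []
    return "pbx", [f"sip:{number}@{GATEWAY}"]     # extension via the SIP-PBX gateway


if __name__ == "__main__":
    for uri in ("sip:bob@bigu.edu", "sip:alice@bigu.edu", "sip:carol@bigu.edu"):
        print(uri, "->", route_invite(uri))
```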

Campus Deployments

SIP.edu Security Considerations
- VoIP is wonderful, but returns us to the bad old days of in-band signaling
- DoS, SPIT, SPIM, Spideo, all concerns
- Toll fraud - not so much
- SIP.edu community looking seriously at draft-ietf-sip-identity-05 (Peterson & Jennings) to deter spoofing
  - Possible leverage of Shibboleth / InCommon PKI

Security Should Not Compromise Security
- CALEA
  - Tapping boxes could introduce fragility
  - Tapping boxes could be hacked
- 911
  - Short-term solutions could delay the deployment of much better long-term solutions
  - IP-enabled PSAPs
  - Better 911: multimedia, testability, low-cost, robustness
  - Columbia/Texas A&M/Internet2/NENA NG911 project
- Priority and preemption systems
  - Open new opportunities for DoS attacks
  - Best-effort is often what you want in a crisis

SIP.edu Goals Revisited
- Provide a useful service…
  - User-to-user connectivity to support mass-use of new collaborative applications
  - Eventual evolution of testbed deployments into production services
- …while supporting R&D
  - Experimental deployment of new solutions
  - Access to statistics & measurement data

Abilene Observatory - Summary
- History and Motivation
- What is the Observatory?
- Collocation Projects
- Internet2 and NOC Measurements
- Data Collections
- Examples of Research Results
- Participation in Research Proposals
- Future Directions
- Issues

History and Motivation
- Original Abilene racks included measurement devices
  - Included a single PC
  - Early OWAMP, surveyor measurements
  - Optical splitters at some locations
- Motivation was primarily operational
- Data collections
  - Collected and maintained by the NOC
  - How is the network performing?
  - Available to other network operators
- Data also proved valuable for research purposes

History and Motivation
- An important decision was made during the last upgrade process (Juniper T-640 routers and OC-192c)
  - Two racks, one dedicated to measurement platform
  - Potential for research community to collocate
- Created two components to the Observatory
  - Collocation - research groups are able to collocate equipment in the Abilene router nodes
  - Measurement - data is collected by the NOC, the Ohio ITEC, and Internet2, and made available to the research community

Abilene router node
[Rack diagram. Labels: Power; Out-of-band; Eth. Switch; T-640; (M-5); Power (48VDC); Measurement Machines (nms); Space!; Measurement (Observatory) Rack.]

Dedicated servers at each node
[Image. Labels: Houston Router Node; NMS machines; PlanetLab machines.]

Collocation Research Projects
- PlanetLab – Nodes installed in all Abilene Router Nodes
  - PlanetLab is a global overlay network for developing and accessing new network services
  - Goal is to deploy 1000 nodes in a variety of networks
  - Designed to support both short-term experiments and long-running services
  - Larry Peterson, Princeton University, is Research Lead
  - Potential new direction using MPLS L2VPNs

Collocation Projects
- The AMP Project – Active Measurement Platform, Deployed in all Abilene Router Nodes
  - More than 150 nodes deployed worldwide
  - Measurements include path, round-trip-time, packet loss and on demand throughput tests
  - Project of NLANR/MNA
  - Tony McGregor, NLANR/MNA, Waikato University, is Research Lead

Collocation Projects
- The PMA Project – Passive Measurement and Analysis, Deployed at Abilene Indianapolis Router Node
  - Analysis of header traces from over 20 sites, including OC-192 circuits in Abilene
  - Header traces of all packets in and out of the Indianapolis Abilene router – A router clamp
  - Joerg Micheel, NLANR/MNA, San Diego Supercomputer Center, UCSD, is research lead

Measurement Capabilities
- One way latency, jitter, loss
  - IPv4 and IPv6
- Regular TCP/UDP throughput tests – ~1 Gbps
  - IPv4 and IPv6; On-demand available (see pipes)
- SNMP (NOC)
  - Octets, packets, errors; collected frequently
- Netflow (ITEC Ohio)
  - Addresses anonymized by 0-ing the low order 11 bits
- Multicast beacon with historical data
- Routing data
  - Both IGP and BGP - Measurement device participates in both
  - Japanese research techniques on routing research were implemented
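
What "0-ing the low order 11 bits" does to IPv4 flow data, as an added Python example (not Observatory or ITEC code): every address collapses to the base of its /21, so hosts inside the same block of 2048 addresses become indistinguishable once flows are aggregated. The flow-record layout, the function names and the sample records (documentation address ranges) are constructed for illustration.

```python
import ipaddress
from collections import Counter

LOW_BITS = 11                                   # from the slide
MASK = (0xFFFFFFFF << LOW_BITS) & 0xFFFFFFFF    # keeps the top 21 bits


def anonymize_ipv4(addr):
    """Zero the low-order 11 bits of a dotted-quad IPv4 address."""
    value = int(ipaddress.IPv4Address(addr)) & MASK
    return str(ipaddress.IPv4Address(value))


def bucket(addr):
    """The /21 network that every address sharing this anonymized value falls in."""
    return ipaddress.ip_network(f"{anonymize_ipv4(addr)}/{32 - LOW_BITS}")


def anonymize_flows(flows):
    """Anonymize (src, dst, dport, octets) records and sum octets per flow key."""
    totals = Counter()
    for src, dst, dport, octets in flows:
        totals[(anonymize_ipv4(src), anonymize_ipv4(dst), dport)] += octets
    return dict(totals)


# Constructed flow records: three sources sending to one host on the SIP port
FLOWS = [
    ("198.51.100.23", "192.0.2.10", 5060, 1200),
    ("198.51.100.200", "192.0.2.10", 5060, 800),
    ("203.0.113.5", "192.0.2.10", 5060, 400),
]

if __name__ == "__main__":
    for key, octets in anonymize_flows(FLOWS).items():
        print(key, octets)
    print(bucket("203.0.113.5"), bucket("203.0.113.5").num_addresses)
```

The first two sources merge into one record after anonymization, which is the trade-off a researcher has to account for when using such data for per-host analysis.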

Databases – Data Types
- Data is collected locally and stored in distributed databases
- Databases
  - Usage Data
  - Netflow Data
  - Routing Data
  - Latency Data
  - Throughput Data
  - Router Data
  - Syslog Data

Databases - Interface
- Variety of Interfaces to data
  - Simple web based for usage data
  - Rsync for netflow
  - Simple web based for routing data
  - SOAP interface for latency data
  - SOAP interface for throughput data
  - SOAP interface for Router data
  - Syslog data still under development

SIP.edu Observatory?
- Could the Abilene Observatory be leveraged to support VoIP security research?
- Are additional data (e.g. anonymized proxy logs) needed to support VoIP security research?
