Presentation is loading. Please wait.

Presentation is loading. Please wait.

VoIP Meeting Authentication/Authorization 19/04/2006 Bea Huber, Fabio Vena.

Published byDorcas Simpson Modified over 9 years ago

Similar presentations

Presentation on theme: "VoIP Meeting Authentication/Authorization 19/04/2006 Bea Huber, Fabio Vena."— Presentation transcript:

1 VoIP Meeting Authentication/Authorization 19/04/2006 Bea Huber, Fabio Vena

2 Roll Call Jan Ruzicka (CESNET) Erik Dobbelsteijn (SURFNET) Joao Pereira (FCCN) Antonio Pinizzotto, Marco Sommani (CNR) Bea Huber, Fabio Vena (SWITCH)

3 Meeting Objectives In this meeting we talked about the different AA mechanisms used in SIP deployments and discuss how existing AA Infrastructures (Radius/Eduroam, LDAP, SAML/Shibboleth/A-Select...) can be used also for SIP AA. In relation with the last Meeting (Architectures) we also discussed if it makes sense to have a centralized or a decentralized AA mechanism.

4 Enduser - Server Auth I FCCN: prefers decentralized architecture and authentication mechanism start with a centralized solution, slowly implement the sip domains in the university putting gateways in the legacy pbx, IP based auth. in the central services, central proxy CNR: Deploys 2 infrastructures, auth is important only when calls are routet to telco Architectures is decentralized, organisation is responsible for auth.

5 Enduser - Server Auth II CESNET: H.323 centralized - Central gatekeepers for pbx gateways and on demand accounts for IP clients at cesnet gk.SIP hybrid. Start point - multidomain proxy, serving the domains of institutions to show the service (on demand, need for SRV records in the name servers of the institution, 4 at this time). Local SIP accounts are created after succesful eduroam authentication (in the home domain). Centralized Call-in possibility - calls to connected institution pbxs could be routed trough @cesnet.cz domain.SIP final state - decentralized as much as possible - better integration into institutional environment, decentralized (home)AA for intra domain and sort of federated AA for interdomain and shared resources like MCU and so on.

6 Enduser - Server Auth III SURFNET: A-Select......, concentrating in webbased clients, radius based auth for other clients. SWITCH: Wants to use existing Auth mechanisms such as Shibboleth or Radius. But hard to implement especially in centralized architecture. As an alternative implement decentralized architecture. Each institution choose auth mechanisms according to their existing infrastructure. Radius login are already in wide use in conjunction with eduroam and can be reused for SIP auth.

7 Enduser - Enduser Auth FCCN already tested EE Auth with certificates, used self-signed or free certificates? SWITCH mentioned that there are activities to establish Terena Certificates and this CA could also be used for SIP AA. EE Auth not tested with SBC‘s which acts as Back-to-back UA.

8 Conclusion Distributed architecture to avoid auth problems, local attached databases, currently yes, nut no happy solution

9 AOB Discussion about TNC SIP Workshop We should hold a BOF for take some conclusion of this meetings and decide how to go on, TF? Fabio will contact Catalin for organizing it Flip ENUM / Billing Meeting next week

Download ppt "VoIP Meeting Authentication/Authorization 19/04/2006 Bea Huber, Fabio Vena."

Similar presentations

Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
High-quality Internet for higher education and research Plaats en datum …and possible roles of the NRN VoIP scenarios within NRN networks Erik Dobbelsteijn.

High-quality Internet for higher education and research Plaats en datum …and possible roles of the NRN VoIP scenarios within NRN networks Erik Dobbelsteijn.
OhioNET EZProxy Service

OhioNET EZProxy Service
Terena Mobility Taskforce update Klaas Wierenga SURFnet.

Terena Mobility Taskforce update Klaas Wierenga SURFnet.
Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June 22 2005 Licia Florio.

Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June Licia Florio.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Connect communicate collaborate Eduroam debugging Gurvinder Singh and Gunnar Bøe, Campus Networks and Systems, UNINETT AMRES Wireless workshop Belgrade,

Connect communicate collaborate Eduroam debugging Gurvinder Singh and Gunnar Bøe, Campus Networks and Systems, UNINETT AMRES Wireless workshop Belgrade,
Voxiplus.

Voxiplus.
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.

Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.

SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.
Agenda Introduction Requirements Architecture Issues Implementation Q/A Kundan Singh and Henning Schulzrinne, Columbia University.

Agenda Introduction Requirements Architecture Issues Implementation Q/A Kundan Singh and Henning Schulzrinne, Columbia University.
SIP.edu : OpenSER in an academic environment OpenSER SUMMIT - VON – Berlin 2006.

SIP.edu : OpenSER in an academic environment OpenSER SUMMIT - VON – Berlin 2006.
TF Mobility Group 22nd September 20031 A comparison of each national solution was made against Del C – “requirements”, the following solutions were assessed.

TF Mobility Group 22nd September A comparison of each national solution was made against Del C – “requirements”, the following solutions were assessed.
Connect. Communicate. Collaborate Proposed SA Videoconference Plans for Year 4 plus 6 Months (M37 to M54) János Mohácsi, András Kovács (NIIF/HUNGARNET)

Connect. Communicate. Collaborate Proposed SA Videoconference Plans for Year 4 plus 6 Months (M37 to M54) János Mohácsi, András Kovács (NIIF/HUNGARNET)
EduRoam ESA workshop 17 December 2004 Utrecht.

EduRoam ESA workshop 17 December 2004 Utrecht.
EduRoam: movilidad por Europa... y España Toledo, 29 de octubre de 2004

EduRoam: movilidad por Europa... y España Toledo, 29 de octubre de 2004
Deliverable H: the interoperability testbed design Klaas Wierenga SURFnet.

Deliverable H: the interoperability testbed design Klaas Wierenga SURFnet.
VoIP with the Asterisk PBX Mike Gerschefske Justin Gray James Yoo.

VoIP with the Asterisk PBX Mike Gerschefske Justin Gray James Yoo.
7/14/2000TWIST 2000 ClearNet: Centralized Control in a Decentralized Architecture for Online Financial Services Nasser Barghouti ONEWORLD Software Solutions.

7/14/2000TWIST 2000 ClearNet: Centralized Control in a Decentralized Architecture for Online Financial Services Nasser Barghouti ONEWORLD Software Solutions.
1 Intertex Demo at Spring VON 2004 Booth 809 Did you think VoIP was just old telephony somewhat cheaper? Not with the IX66! Live IP communication is much.

1 Intertex Demo at Spring VON 2004 Booth 809 Did you think VoIP was just old telephony somewhat cheaper? Not with the IX66! Live IP communication is much.

Similar presentations

Ads by Google