Presentation is loading. Please wait.

Presentation is loading. Please wait.

IETF 64 SIP WG Spam for Internet Telephony Prevention using Security Assertion Markup Language Draft-schwartz-sipping-spit-saml-00.txt.

Published byJonas Palmer Modified over 9 years ago

Similar presentations

Presentation on theme: "IETF 64 SIP WG Spam for Internet Telephony Prevention using Security Assertion Markup Language Draft-schwartz-sipping-spit-saml-00.txt."— Presentation transcript:

1 IETF 64 SIP WG Spam for Internet Telephony Prevention using Security Assertion Markup Language Draft-schwartz-sipping-spit-saml-00.txt

2 Draft relies on … SIP Identity Framework Security Assertion Markup Language (SAML)

3 Basic idea is … warrant certain security relevant attributes from one administrative domain to another allow destination domain or user to make intelligent filtering decisions when receiving voice calls

4 Security Attributes are … Information pertaining to a given call Composed of ‘Static’ and ‘Dynamic’ info Static addresses nature of originating domain Dynamic relating to call specific information Encoded using SAML attributes

5 IdentityStrength CostOfCall AuthenticationOfUser IdentityAssertion AuthenticationOfAccountOpening SPITSuspect CallCenter AssertionStrength 0 – Unknown 1 – Free Service 2 – Paying service (e.g., billing address) 3 – Physical premises verified 4 – Cryptographic authentication of identity n calls per minute from one user Small % of dialed/answered calls Small % of repeat/distinct calls n calls of the same length Calls to sequential destination numbers value is 0-9 increasing in threat Sample Security Attributes

6 Using SAML to embed attributes <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" MajorVersion="1" MinorVersion="1" AssertionID="P1YaAz/tP6U/fsw/xA+jax5TPxQ=" Issuer="mediator.com" IssueInstant="2005-03-12T17:15:32.753Z"> <saml:Conditions NotBefore="2005-03-12T17:10:32.753Z" NotOnOrAfter="2005-03-12T17:20:32.753Z" /> … <saml:Attribute AttributeName=“IdentityStrength” AttributeNamespace=“http://OriginationDomain.com”> 1 …

7 Thank You David Schwartz david.schwartz@kayote.com

Download ppt "IETF 64 SIP WG Spam for Internet Telephony Prevention using Security Assertion Markup Language Draft-schwartz-sipping-spit-saml-00.txt."

Similar presentations

802.1AF - directions define requirements to find and create connections in terms of Discovery - Authentication - Enable 1.Discover of what can be done.

802.1AF - directions define requirements to find and create connections in terms of Discovery - Authentication - Enable 1.Discover of what can be done.
SAML CCOW Work Item: Task 2

SAML CCOW Work Item: Task 2
IETF 71 SIPPING WG meeting draft-ietf-sipping-pai-update-00.

IETF 71 SIPPING WG meeting draft-ietf-sipping-pai-update-00.
Authentication & Kerberos

Authentication & Kerberos
1 Security Assertion Markup Language (SAML). 2 SAML Goals Create trusted security statements –Example: Bill’s address is and he was authenticated.

1 Security Assertion Markup Language (SAML). 2 SAML Goals Create trusted security statements –Example: Bill’s address is and he was authenticated.
Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.

Access Control Patterns & Practices with WSO2 Middleware Prabath Siriwardena.
1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.
Authz work in GGF David Chadwick

Authz work in GGF David Chadwick
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.

9,825,461,087,64 10,91 6,00 0,00 8,00 SIP Identity Usage in Enterprise Scenarios IETF #64 Vancouver, 11/2005 draft-fries-sipping-identity-enterprise-scenario-01.txt.
Will Darby 91.514 5 April 2010.  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative.

Will Darby April  What is Federated Security  Example Implementations  Security Assertion Markup Language (SAML) Overview  Alternative.
SAML Overview Woosik Lee 2011. 1. 3 Ubiquitous Network System Laboratory Kyonggi University 신묘년 새해 복 많이 받으세요 ^^

SAML Overview Woosik Lee Ubiquitous Network System Laboratory Kyonggi University 신묘년 새해 복 많이 받으세요 ^^
95-804 Applied Cryptography Week 13 SAML 1 95-804 Applied Cryptography SAML and XACML Mike McCarthy Week 13.

Applied Cryptography Week 13 SAML Applied Cryptography SAML and XACML Mike McCarthy Week 13.
Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.

Shibboleth & IMPETUS 1.What are they? 2.Demo. Shibboleth - A system to support the sharing of Web resources among organisations IMPETUS - Infrastructure.
Copyright B. Wilkinson, 2008. This material is the property of Professor Barry Wilkinson (UNC-Charlotte) and is for the sole and exclusive use of the students.

Copyright B. Wilkinson, This material is the property of Professor Barry Wilkinson (UNC-Charlotte) and is for the sole and exclusive use of the students.
FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.

FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.
A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.

A Use Case for SAML Extensibility Ashish Patel, France Telecom Paul Madsen, NTT.
1 On Breaking SAML: Be Whoever You Want to Be Juraj Somorovsky, 21st USENIX Security Symposium On Breaking SAML: Be Whoever You Want to Be Juraj Somorovsky.

1 On Breaking SAML: Be Whoever You Want to Be Juraj Somorovsky, 21st USENIX Security Symposium On Breaking SAML: Be Whoever You Want to Be Juraj Somorovsky.
Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.

Credential Provider Operational Practices Statement CAMP Shibboleth June 29, 2004 David Wasley.
Authorization architecture sketches draft-selander-core-access-control-02 draft-gerdes-core-dcaf-authorize-02 draft-seitz-ace-design-considerations-00.

Authorization architecture sketches draft-selander-core-access-control-02 draft-gerdes-core-dcaf-authorize-02 draft-seitz-ace-design-considerations-00.

Similar presentations

Ads by Google