Generic Security Services API authentication support for the Session Initiation Protocol

Strand, Lars; Noll, Josef; Leister, Wolfgang

Home // AICT 2011, The Seventh Advanced International Conference on Telecommunications // View article

Generic Security Services API authentication support for the Session Initiation Protocol

Authors:
Lars Strand
Josef Noll
Wolfgang Leister

Keywords: VoIP, SIP, authentication, GSS-API, SPNEGO

Abstract:
The mandatory and most deployed authentication method used in the Session Initiaton Protocol, the Digest Access Authentication method, is weak. Other, more secure authentication methods have emerged, but have seen little adoption yet. In this paper, support for using a generic authentication method, the Generic Security Services API, is added to the Session Initiaton Protocol. When using this method, the Session Initation Protocol does not need to support nor implement other authentication methods, only use the provided API library. This enables the Session Initiation Protocol to transparently support and use more secure authentication methods in a unified and generic way. As the suggested method includes a modification of the Session Initiation Protocol, an initial deployment strategy towards the Generic Security Services API authentication methods is added. To negotiate an authentication service, we use the pseudo security mechanism Simple and Protected GSS-API Negotiation Mechanism.

Pages: 117 to 122

Copyright: Copyright (c) IARIA, 2011

Publication date: March 20, 2011

Published in: conference

ISSN: 2308-4030

ISBN: 978-1-61208-123-6

Location: St. Maarten, The Netherlands Antilles

Dates: from March 20, 2011 to March 25, 2011