Requirements for IPsec Negotiation in the SIP Framework draft-saito-mmusic-ipsec-negotiation-req-00.txt August 1, 2005 Makoto Saito (ma.saito@ntt.com) Shingo Fujimoto (shingo_fujimoto@jp.fujitsu.com) 1 Motivation • To secure communication between SIP- enabled home appliances . – Applicable to Proprietary Media Protocols – One Generic Security Protocol • Proposal: IPsec!! – But, no standard key-exchange mechanism for IPsec within SIP/SDP. RTP HTTP FTP SNMP ... ... ... Application L2TP Proprietary-1 SRTP HTTPS Security IPsec 2 1
Where and how can it be used? • Assumptions Use Cases – Trusted 3rd Party Model • ISPs ’ SIP proxies assure identification of UAs – Mutual Trust between Domains (ISPs?) Proxy-1 Proxy-2 (ISP1) (ISP2) Trust Trust Trust UA-1@ISP1 UA-2@ISP2 3 Use Case 1: Remote Device Control • Home Security Service Controlling Sensors, Cameras, etc. • Secure Access via the Internet Trust & Proxy Secure Channel (ISP) Trust & Secure Channel Security Devices, Control Device Home Appliances Sessions over IPsec 4 2
Use Case 2: Visual Communication • P2P Communication between Users Proprietary protocols are often used. (Not always RTP) • Secure Access via the Internet Trust & Trust & Proxy Secure Channel Secure Channel (ISP) Sessions over IPsec 5 Requirements for Security Protocol • Security • Reduction of Resources – Transaction Load – Implementation Cost • Connectivity – Protocol Interoperability, Scalability • Generic Use – Independent of Applications IPsec meets these requirements 6 3
Possible Key-Exchange Solutions Conformance Calculation Implementation Load with SDP IKE Full IKE No High needed (RFC2409) KINK External Kerberos No Low system needed (work in progress) MIKEY in SDP High Yes with kmgmt Low Security Yes in SDP *SDP must be Descriptions secured. 7 IPsec Negotiation in SIP UA-1 Proxy UA-2 INVITE INVITE Get Address & Get Address & Port of UA-1 Port of UA-2 200 OK 200 OK IPsec SA for UA-1 is configured ACK ACK IPsec SA for UA-2 is configured Media Session over IPsec 8 4
Summary • Home appliances need security with their resources reduced. ----- IPsec is proposed. • Standard mechanism to configure IPsec based on SDP information is needed. • Concept of Security Descriptions may be a better solution. 9 Discussions in MMUSIC ML • Why SIP to configure IPsec? – IP addresses of devices (necessary for IPsec configuration) are not static. They are determined during SDP negotiation. • Why not IKE for key-exchange? – It is still necessary to transmit the information from SDP to IKE. It ’ s efficient to exchange IPsec keys during SDP negotiation. 10 5
Next Steps • Suggestions? • Discussions? • MMUSIC WG item? 11 6
Recommend
More recommend