VoIP secure session assistance and call monitoring via building security gateway

Recent evolutions in high-performance computing and high speed broadband Internet access have paved a way to enterprise-wide multimedia applications, which require stern QoS from the underlying networks. In this paper, we have explored threefold studies on existing enterprise network, whereby we proposed an analytical approach to evaluate the performance of the existing network; we have examined the feasibility of existing enterprise networks to accommodate voice over Internet protocol (VoIP) services with acceptable QoS, and we have redesigned the enterprise network to accommodate VoIP services to comply with the user defined QoS. The network performance is evaluated by number of VoIP calls sustained by the network, bandwidth utilization, loss rate and latency through Network Simulation (NS-2) tool. We have derived a cost model to show the cost-effectiveness of VoIP services over telephonic network. For a medium-size enterprise network of 200 clients and 9 servers, our simulation results show that the redesign improves the network performance by increasing the number of VoIP calls by 57% and decreasing bandwidth utilization and packet loss rate by 20% and 7%, respectively. Moreover, the proposed network redesign demonstrates that the network can be scalable and it can handle up to 4% increased voice calls in the future maintaining QoS standards. INTRODUCTIONMultimedia applications combine various types of media such as audio, data, and video, where these media place high demand over stringent QoS to satisfy the users' community. Most of the data networks are Ethernet based and the network administrators find it extremely advantageous and cost effective to deploy multimedia applications over existing networks. However, the multimedia applications are sensitive to timely packet delivery with minimal delay, minimum jitter and packet loss, whereas traditional data networks are characterized by their burst traffic and high bandwidth demand at burst time. Moreover, the data networks are designed for nonreal time applications [1]. Therefore, the network administrators face real challenges in attaining high quality calls while implementing services like voice over Internet protocol (VoIP), which imposes to explore the capacity of the network prior to multimedia application deployment.Poor predeployment analysis and lack of preplanning tools may cause unsuccessful implementation of VoIP over the underlying data network. It is advisable to evaluate the number of VoIP calls that a network can handle before upgrading prematurely any part of the existing network. Furthermore, the existing data network with low quality has to be improved before deploying the multimedia applications. COMPUTER NETWORK REDESIGN 431Network simulation is one of the most predominant assessment methodologies in the area of computer networks. Even though network simulators can be divided into several categories (by protocol, technology or processing method), most general categorization is their method of simulation: discrete event or analytical simul...

Section: Related Workmentioning

confidence: 99%

Supporting multimedia applications through network redesign

Hussain

Marimuthu

Habib

2012

“…SIP is an application layer control protocol for creating, modifying, and terminating multimedia sessions between participants . As a request–response protocol, SIP authentication is inherited from HTTP digest authentication , which makes SIP vulnerable to several types of security threats and attacks such as impersonation, eavesdropping, message modification, and so on. An authentication key agreement is one of the most crucial technologies for achieving acceptable security level when SIP is used to protect the communications among the users.…”

Section: Introductionmentioning

confidence: 99%

Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card

Zhang

Tang

Cai

2013

SUMMARY Providing a suitable key agreement protocol for session initiation protocol is crucial to protecting the communication among the users over the open channel. This paper presents an efficient and flexible password authenticated key agreement protocol for session initiation protocol associated with Voice over Internet Protocol. The proposed protocol has many unique properties, such as session key agreement, mutual authentication, password updating function and the server not needing to maintain a password or verification table, and so on. In addition, our protocol is secure against the replay attack, the impersonation attack, the stolen‐verifier attack, the man‐in‐the‐middle attack, the Denning–Sacco attack, and the offline dictionary attack with or without the smart card. Copyright © 2013 John Wiley & Sons, Ltd.

“…The SIP was developed by the Internet Engineering Task Force [23] in 1996. SIP is an application layer signaling protocol for creating, modifying, and terminating multimedia sessions among one or more participants (e.g., [24][25][26][27][28][29][30]). Various authentication schemes especially using password have been proposed to provide security for SIP (e.g., [31][32][33][34][35][36][37][38][39][40][41][42][43]).…”

Section: Introductionmentioning

confidence: 99%

An improved password‐based authentication scheme for session initiation protocol using smart cards without verification table

Farash

2014

Authentication schemes have been widely deployed access control and mobility management in various communication networks. Especially, the schemes that are based on multifactor authentication such as on password and smart card come to be more practical. One of the standard authentication schemes that have been widely used for secure communication over the Internet is session initiation protocol (SIP). The original authentication scheme proposed for SIP was vulnerable to some crucial security weaknesses. To overcome the security problems, various improved authentication schemes have been developed, especially based on elliptic curve cryptography (ECC). Very recently, Zhang et al. proposed an improved authentication scheme for SIP based on ECC using smart cards to overcome the security flaws of the related protocols. Zhang et al. claimed that their protocol is secure against all known security attacks. However, this paper indicates that Zhang et al. protocol is still insecure against impersonation attack. We show that an active attacker can easily masquerade as a legal server to fool users. As a remedy, we also improve Zhang et al. protocol by imposing a little extra computation cost.