Abstract
When organizations need to exchange critical information they need to rely on dependable and resilient channels, which define a trusted overlay network over the underlying IP infrastructure. Today, secure information sharing in these scenarios has become a main concern for domain administrators. To solve this problem, current research initiatives are focused on the establishment of (usually static) trust relationships and security services among such organizations. This paper analyzes the usage of the standard Session Initiation Protocol (SIP) for performing a multidomain virtual negotiation, in order to dynamically protect the exchange of critical data from the security risks of the public networks. As an example of this proposal, a prototype is presented in the context of secure overlay networks. This prototype shows also the integration of the virtual negotiation process with a Policy Based Network Management infrastructure (PBNM), in order to provide the security policies required by each organization.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Andersen, D.G., Balakrishnan, H., Kaashoek, M.F., Morris, R.: Resilient Overlay Networks. In: Proceedings of the 18th Symposium on Operating Systems Principles (2001)
Arkko, J., Torvinen, V., Niemi, A., Haukka, T.: Security Mechanism Agreement for the Session Initiation Protocol (SIP). IETF RFC 3329 (January 2003)
Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: Security for structured peer-to-peer overlay networks. In: Proceedings of the 5th symposium on Operating Systems Design and Implementation OSDI 2002 (December 2002)
Dierks, T., Allen, C.: The TLS protocol version 1.0. IETF RFC 2246 (January 1999)
Durham, D., et al.: The COPS (Common Open Policy Service) protocol. IETF RFC 2748 (January 2000)
Rosenberg, J., et al.: SIP: Session Initiation Protocol. IETF RFC 3261 (June 2002)
ITU-T. ITU-T Recommendation H.323. Packet-based multimedia communications systems (July 2003)
Kay, M.: XSL Transformations (XSLT) Version 2.0. W3C Recommendation. World Wide Web Consortium (W3C) (November 2005)
Kent, S., Atkinson, R.: Security Architecture for the Internet Protocol. IETF RFC 2401 (November 1998)
Keromystis, A., Misra, V., Rubenstein, D.: SOS: Secure Overlay Services. In: Proceedings of ACM SIGCOMM (August 2002)
University of Murcia. Spain. UMU Policy Based Network Management (UMU-PBNM) (June 2006), http://pbnm.dif.um.es
Ratnasamy, S., Francis, P., Handley, M., Karp, R., Schenker, S.: A scalable content-addressable network. In: Proceedings of the 2001 conference on applications, technologies, architectures and protocols for computer communications (2001)
Rosenberg, J., Schulzrinne, H.: Session Initiation Protocol (SIP): Locating SIP servers. IETF RFC 3263 (June 2002)
Rosenberg, J., Schulzrinne, H., Kyzivat, P.: Caller Preferences for the Session Initiation Protocol (SIP). IETF RFC 3841 (August 2004)
Rosenberg, J., Shulzrinne, H., Kyzivat, P.: Indicating User Agent Capabilities in the Session Initiation Protocol (SIP). IETF RFC 3840 (August 2004)
Shi, S.: Design of Overlay Networks for Internet Multicast, PhD Thesis (August 2002)
Touch, J., Hotz, S.: The X-Bone. In: Third Global Internet Mini-Conference at Globecom 1998 (November 1998)
Touch, J., Wang, Y., Pingali, V., Eggert, L., Zhou, R.: A Global X-Bone for Network Experiments. In: Finn. Proc. IEEE Tridentcom 2005 (March 2005)
Verma, D.C.: Simplyfing network administrator using policy-based management. IEEE Network 20-6(16) (2002)
Yergau, F., Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E.: Extensible Markup Language (XML) 1.0, 3rd edn., W3C Recommendation. World Wide Web Consortium (W3C) (February 2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Martínez-Manzano, D.J., López, G., Gómez-Skarmeta, A.F. (2006). Multidomain Virtual Security Negotiation over the Session Initiation Protocol (SIP). In: Lopez, J. (eds) Critical Information Infrastructures Security. CRITIS 2006. Lecture Notes in Computer Science, vol 4347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11962977_20
Download citation
DOI: https://doi.org/10.1007/11962977_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69083-2
Online ISBN: 978-3-540-69084-9
eBook Packages: Computer ScienceComputer Science (R0)