Week 9 / Paper 3. VoCCN: Voice Over Content-Centric Networks




Week 9 / Paper 3
VoCCN: Voice Over Content-Centric Networks
V. Jacobson, D. K. Smetters, N. H. Briggs, M. F. Plass, P. Stewart, J. D. Thornton, R. L. Braynard
ACM ReArch 2009

Main point
- Content-centric targets fetching/downloading applications
- Can it work for other applications, too?
  - E-mail, streaming and (especially) VoIP?
- VoCCN: Voice over CCN (instead of IP)
  - Based on certain key properties of CCN

Information-Centric Networks 09c-1

Introduction
- Most new architectures place content at the center
  - Good fit for content exchange applications (WWW, P2P)
  - What about conversational applications (VoIP, e-commerce)?
- VoCCN addresses the issue of CCN suitability
  - Real-time, conversational, telephony over CCN
  - Simpler, more secure and more scalable than VoIP
  - Uses SIP and RTP to securely interoperate with VoIP
  - Employs a stateless IP to CCN gateway
  - Model for mapping conversational applications to CCN

VoIP background
- VoIP components
  - Endpoints are represented by fixed proxies
  - The endpoints can be mobile or have dynamic IP addresses
- Signaling established via SIP (Session Initiation Protocol)
  - Caller to caller's proxy, to callee's proxy, to callee
  - The proxies must know where the endpoints reside
- Data exchange directly between endpoints
  - The caller's invite indicates its address for RTP data
  - The callee's accept indicates address for RTP data
- Media can be secured via SRTP or tunneling inside DTLS
- Signaling can be secured via DTLS/PKI or MIKEY
- Authentication and encryption are tricky to set up
  - Usually everything ends up unencrypted and unauthenticated!

Architecture
- VoIP is harder than it needs to be
  - The caller simply wants to talk to the callee
  - The network requires finding the callee's phone IP address
  - This is where the SIP proxies come into play
  - In content-oriented networking this should be redundant
- VoCCN has to solve a different set of problems
- Service rendezvous: the callee must offer a contact point
  - In IP this is the TCP/UDP port to which the application listens
  - In CCN we must request content that has not been published
  - The network must route the request to potential publishers
  - The publishers should then create and publish the content

Architecture
- VoCCN has to solve a different set of problems
- The service rendezvous must transition to a conversation
  - In IP the SIP packets contain information in an SDP payload
  - In CCN we need dynamically constructible names
  - Construct the name of a piece of content without being told
- Two requirements for content name construction
- Deterministic algorithm to produce names
  - Names rely on information available to both endpoints
  - Cannot use (say) content hashes as names
- Support for partial specification of names
  - Constructing unique names requires prearrangement
  - Partial names allow unique names to be used eventually
- Structured names can satisfy both requirements

Architecture
- In CCN content uses hierarchical naming
  - Interest packets specify a name prefix and some rules
  - The rules specify what matching content to return
- CCN routers use prefix matching to direct Interests
  - Sent towards content sources that have registered availability
  - Sources do not need to register the exact content, only prefixes
  - Content can be generated on the fly
- Data packets reverse the path taken by interests
- VoCCN signaling
  - Each VoCCN endpoint has an identity (e.g. alice@ccnx.org)
  - The endpoint registers to offer data in a specific namespace
  - Based on service and identity (e.g. /ccnx.org/sip/alice/invite)

Architecture
- VoCCN signaling
  - A caller sends an Interest asking for content from the callee
  - The well-known prefix is extended with unique data
    - A session key encrypted with the callee's public key
    - The SIP invite data encrypted with the session key
  - The callee responds with a data packet generated on the fly
    - Uses the name indicated by the caller
    - Includes the SIP accept data encrypted with the session key
- VoCCN data exchange
  - Uses a sequence of names based on rendezvous information
  - Call-id+endpoint+sequence (e.g. /ccnx.org/alice/call-id/rtp/seqno)
  - Each Interest is matched by a unique data packet
  - Can issue many interests to pipeline data flow
  - As data packets arrive, more interests are generated
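
An added example (not from the slides or the VoCCN paper) of the data-exchange naming described above: both endpoints build the RTP names deterministically from rendezvous information, a toy router forwards Interests by longest-prefix match to a registered prefix, and the caller pipelines Interests. The Router class, the function names, the call-id c42 and the frame bytes are constructed for illustration; signing of Data packets is omitted.

```python
# Added example; Router, make_endpoint, fetch_stream and sample values are constructed.
from collections import deque

def name(*components):
    """A CCN name modeled as a tuple of string components (/a/b/c)."""
    return tuple(str(c) for c in components)

def rtp_name(domain, user, call_id, seqno):
    # Deterministic: built only from data both endpoints hold after rendezvous.
    return name(domain, user, call_id, "rtp", seqno)

class Router:
    """Toy forwarder (hypothetical): sources register prefixes, not exact content."""
    def __init__(self):
        self.fib = {}  # registered prefix -> producer callback

    def register(self, prefix, producer):
        self.fib[prefix] = producer

    def express_interest(self, interest):
        # Longest-prefix match; the producer then generates Data on the fly.
        for n in range(len(interest), 0, -1):
            producer = self.fib.get(interest[:n])
            if producer is not None:
                return producer(interest)
        return None  # no registered prefix: the Interest goes unanswered

def make_endpoint(frames):
    """Producer that answers /.../rtp/<seqno> Interests from a frame list."""
    def producer(interest):
        if len(interest) < 2 or interest[-2] != "rtp" or not interest[-1].isdigit():
            return None
        seq = int(interest[-1])
        return (interest, frames[seq]) if seq < len(frames) else None
    return producer

def fetch_stream(router, domain, user, call_id, total, window=4):
    """Keep `window` Interests outstanding; each arriving Data triggers the next."""
    pending = deque(rtp_name(domain, user, call_id, s) for s in range(min(window, total)))
    next_seq, received = len(pending), []
    while pending:
        data = router.express_interest(pending.popleft())
        if data is None:
            continue  # lost or unroutable; a real client would retransmit
        received.append(data)
        if next_seq < total:
            pending.append(rtp_name(domain, user, call_id, next_seq))
            next_seq += 1
    return received
```

Registering only the prefix /ccnx.org/alice is enough for every /ccnx.org/alice/c42/rtp/N Interest to reach the endpoint, while an Interest under an unregistered prefix is simply not answered.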

Advantages
- Easy location of endpoints
  - In IP the endpoint needs to register its IP address with a proxy
  - With CCN a prefix can be registered at many areas
  - The Interest will be routed to all of them
  - The endpoint will respond from its current location
- Endpoints can prove their identity
  - All the credentials needed are at the endpoint
  - The private key needed to decrypt the session key
  - No need to change identity to IP address mappings
- Advanced services are easy to build
  - Exploits the built-in multipoint routing of CCN
  - Follow call requests or copy and process call contents

VoCCN/VoIP interoperability
- Based on a stateless VoCCN/VoIP gateway
  - SIP and SRTP are used to simplify the exchange
- The gateway acts as a SIP proxy that translates packets
  - A SIP/SRTP packet is translated to a CCN data packet
  - They match CCN interest packets from VoCCN endpoints
  - The gateway also generates an Interest for the next packet
  - This matches the next data packet from the VoCCN endpoint
  - The VoCCN packet is translated to an IP packet
- The proxy does not maintain state on conversations
  - Every action is based on received packets
- Signaling security is provided for the CCN part only
  - The IP part may have its own SIP signaling security mechanism
- End-to-end data security does not involve the gateway

Implementation
- Implementation data
  - VoCCN client based on Linphone
  - Uses extensible SIP and RTP libraries
  - Simple plugins for the CCN part
  - CCN routers on all routers and endpoints
- Security
  - CCN routers communicate over a UDP overlay
  - Many ways to get public keys in CCN
    - Ask for /ccnx.org/users/alice/key and accept on faith
    - Publish key as CCN content signed by a trusted third party
  - VoCCN used MIKEY to secure the data exchange
    - MIKEY is initiated during the SIP signaling exchange
    - The signaling exchange is protected with public keys

Implementation
- Performance
  - Direct exchange between two machines in the same LAN
  - Compared stock Linphone with VoCCN version
  - No perceptible impact from packet signing with 1024 bit RSA keys
  - No packet loss, but some delayed packets in the latter case
  - Similar jitter for both versions