DRAPA-a flexible framework for evaluating the quality of VoIP components
- Clayton, Bradley, Terzoli, Alfredo, Irwin, Barry V W
- Authors: Clayton, Bradley , Terzoli, Alfredo , Irwin, Barry V W
- Date: 2006
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428213 , vital:72494 , https://d1wqtxts1xzle7.cloudfront.net/3456214/No_268_-_Clayton-libre.pdf?1390832682=andresponse-content-disposi-tion=inline%3B+filename%3DDRAPA_a_flexible_framework_for_evaluatin.pdfandExpires=1714742712andSignature=FTQ3UMH7w9KMXeuld-NbnboBP9kqza7jDnVI2AJMFrhV6fkW56bPgPZKVAY-bKJFqJP-jq4h4JwRhWVuCA-oIIA4ckbhKHA4OoL4X5DYtlujkhkombcp-B5fVR02AioXBazDtfnTGvZLE21wluH0BnkBL9OAQSen7YJDzDsYtNH2pFIn06Nmg9-kDaJoRmW9KWlQs8BwyaXml4-pG~FrpiGCRclANXBSpmsxYSdJyZAnHq2ZZNqx9pEHigaYHUUgllDq64dp8C8R84xAbbbRcvt-XNhuQ~fU2AkJILms4FUkJSjGI0E-TOKhh7vQiVIh5KzZX8MOiS~rEuBH6ekx8g__andKey-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: When adding to or altering a VoIP system, the overall performance and quality of the system is at risk. For example, adding confidentiality, in-tegrity and authentication (CIA) would incur an overhead for each addi-tional security method. A method of measuring the performance of a VoIP system after a change or addition is needed. This paper describes a framework and testbed (DRAPA) which provides a flexible base from which VoIP performance analysis systems can be built. DRAPA gener-ates and collects data from any part of a VoIP system within a real do-main. This paper also discusses the flexibility of DRAPA. While security is our primary focus, DRAPA allows the user to configure the testbed and change the type and nature of data to be collected.
- Full Text:
- Date Issued: 2006
- Authors: Clayton, Bradley , Terzoli, Alfredo , Irwin, Barry V W
- Date: 2006
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428213 , vital:72494 , https://d1wqtxts1xzle7.cloudfront.net/3456214/No_268_-_Clayton-libre.pdf?1390832682=andresponse-content-disposi-tion=inline%3B+filename%3DDRAPA_a_flexible_framework_for_evaluatin.pdfandExpires=1714742712andSignature=FTQ3UMH7w9KMXeuld-NbnboBP9kqza7jDnVI2AJMFrhV6fkW56bPgPZKVAY-bKJFqJP-jq4h4JwRhWVuCA-oIIA4ckbhKHA4OoL4X5DYtlujkhkombcp-B5fVR02AioXBazDtfnTGvZLE21wluH0BnkBL9OAQSen7YJDzDsYtNH2pFIn06Nmg9-kDaJoRmW9KWlQs8BwyaXml4-pG~FrpiGCRclANXBSpmsxYSdJyZAnHq2ZZNqx9pEHigaYHUUgllDq64dp8C8R84xAbbbRcvt-XNhuQ~fU2AkJILms4FUkJSjGI0E-TOKhh7vQiVIh5KzZX8MOiS~rEuBH6ekx8g__andKey-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: When adding to or altering a VoIP system, the overall performance and quality of the system is at risk. For example, adding confidentiality, in-tegrity and authentication (CIA) would incur an overhead for each addi-tional security method. A method of measuring the performance of a VoIP system after a change or addition is needed. This paper describes a framework and testbed (DRAPA) which provides a flexible base from which VoIP performance analysis systems can be built. DRAPA gener-ates and collects data from any part of a VoIP system within a real do-main. This paper also discusses the flexibility of DRAPA. While security is our primary focus, DRAPA allows the user to configure the testbed and change the type and nature of data to be collected.
- Full Text:
- Date Issued: 2006
Integrating Secure RTP into the Open Source VoIP PBX Asterisk
- Clayton, Bradley, Irwin, Barry V W, Terzoli, Alfredo
- Authors: Clayton, Bradley , Irwin, Barry V W , Terzoli, Alfredo
- Date: 2006
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428735 , vital:72532 , https://d1wqtxts1xzle7.cloudfront.net/84872934/66_Paper-libre.pdf?1650920302=response-content-disposi-tion=inline%3B+filename%3DIntegrating_Secure_RTP_into_the_Open_Sou.pdfExpires=1714744382Signature=PijjCGW0qcvkqRe-2R55HocKLvz9Ljw8jmhQvRQEi9YqJl7eWSiYnvs9CogY4u4bmDTYTLpvkA-nlfbiszg-s7Cq2nbLn3PUdfJ5cA11ujboi~i7oSoem7smuN1YCVZlg7FnZRd6mOXdTry9UAh8TlWyndF6pY1RXtc7bgb5cWeK4ggJ7~bM0HUXEbUKKa-abCZnGNrAZ59JIdL6CNx1Sht3o5mZTcyRL3PNVSOz17lldXi4FsAOEUwsVV-uv04hzp6pe6Qv5WbAP6tqk7deyoLUwk58A9F-PaJlOLy2gDAVLnbKT8RrxYg8tqv8SuBhPWb32CefBxv486N3F6izZw__Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: Implementations of Voice over Internet Protocol (VoIP) have focused, up to now, mainly on the need to transport data in real-time, often at the expense of security. The neglect of secure VoIP is often intentional, as developers are striving to minimise overheads and delays. The Secure Real-Time Protocol (SRTP) has the potential to secure real-time streams without exacting too high a performance price. SRTP is the addition of security to the audio/video profile used in the Real-Time Transport Protocol (RTP). SRTP adds confidentiality, integrity and op-tionaly authenticity to RTP media streams. This paper focuses on the integration of SRTP into Asterisk, an open-source VoIP PBX. SRTP support has recently been added to Asterisk by Mikael Magnusson. This paper analyses Magnusson’s implementation, contrasting it to a proof-of-concept implementation developed independently at Rhodes University. The interoperability of SRTP implementations cannot be taken for granted, given the relatively recent standardization of the pro-tocol, and so Magnusson’s implementation is tested against another SRTP implementation. Finally, the paper highlights a major shortcoming in Magnusson’s implementation, namely that the exchange of encryp-tion keys is done in the clear. It concludes by proposing possible solu-tions, such as TLS, IPSec and MIkey.
- Full Text:
- Date Issued: 2006
- Authors: Clayton, Bradley , Irwin, Barry V W , Terzoli, Alfredo
- Date: 2006
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428735 , vital:72532 , https://d1wqtxts1xzle7.cloudfront.net/84872934/66_Paper-libre.pdf?1650920302=response-content-disposi-tion=inline%3B+filename%3DIntegrating_Secure_RTP_into_the_Open_Sou.pdfExpires=1714744382Signature=PijjCGW0qcvkqRe-2R55HocKLvz9Ljw8jmhQvRQEi9YqJl7eWSiYnvs9CogY4u4bmDTYTLpvkA-nlfbiszg-s7Cq2nbLn3PUdfJ5cA11ujboi~i7oSoem7smuN1YCVZlg7FnZRd6mOXdTry9UAh8TlWyndF6pY1RXtc7bgb5cWeK4ggJ7~bM0HUXEbUKKa-abCZnGNrAZ59JIdL6CNx1Sht3o5mZTcyRL3PNVSOz17lldXi4FsAOEUwsVV-uv04hzp6pe6Qv5WbAP6tqk7deyoLUwk58A9F-PaJlOLy2gDAVLnbKT8RrxYg8tqv8SuBhPWb32CefBxv486N3F6izZw__Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: Implementations of Voice over Internet Protocol (VoIP) have focused, up to now, mainly on the need to transport data in real-time, often at the expense of security. The neglect of secure VoIP is often intentional, as developers are striving to minimise overheads and delays. The Secure Real-Time Protocol (SRTP) has the potential to secure real-time streams without exacting too high a performance price. SRTP is the addition of security to the audio/video profile used in the Real-Time Transport Protocol (RTP). SRTP adds confidentiality, integrity and op-tionaly authenticity to RTP media streams. This paper focuses on the integration of SRTP into Asterisk, an open-source VoIP PBX. SRTP support has recently been added to Asterisk by Mikael Magnusson. This paper analyses Magnusson’s implementation, contrasting it to a proof-of-concept implementation developed independently at Rhodes University. The interoperability of SRTP implementations cannot be taken for granted, given the relatively recent standardization of the pro-tocol, and so Magnusson’s implementation is tested against another SRTP implementation. Finally, the paper highlights a major shortcoming in Magnusson’s implementation, namely that the exchange of encryp-tion keys is done in the clear. It concludes by proposing possible solu-tions, such as TLS, IPSec and MIkey.
- Full Text:
- Date Issued: 2006
- «
- ‹
- 1
- ›
- »