An IP and Switched Telephony Networkįigure 2-1 shows two different types of networks. Section 8 describes a reference implementation for SRTP.įigure 2-1. Section 7 considers intermediate systems, such as firewalls and network address translators (NATs), that have a confounding effect on security and on the operation of voice over IP (VoIP) and other telephony services. Gateways and intermediate systems complicate security, however, and Section 6 covers recent work on security signaling and media handling in these devices. SRTP keys may be used in SRTP intermediate systems as well as in end systems. Section 5 summarizes SRTP and SDP policies for IP telephony applications.
Section 4 uses Session Data Protocol (SDP) security descriptions to describe the SRTP keys for SRTP streams. Section 3 describes how to protect telephony media using Secure Real-Time Transport Protocol (SRTP) for encryption of the RTP packet payload, for authentication of the entire RTP packet, and for packet replay protection. Section 2 defines the terms and states the security requirements for telephony media and keys. Many customers want these services to be confidential and integrity-protected on IP networks. The STN does not necessarily run IP and the gateway usually must allow IP telephony networks to match the services of STNs. This gateway signals a telephone call between an STN and IP network. Figure 2-1 shows a call gateway connecting an IP network to an STN. More complex than IP networks alone, Internet telephony networks carry voice, fax, modem, and other media over both IP and switched telephone networks (STNs), such as public switched telephone networks. These networks support electronic mail, web browsing, and other Internet Protocol (IP) applications. "Should" is a practice that is highly recommended by this document, and "may" indicates an option that is at the discretion of the administrator or application designer.Īn "internet" is a network of networks, possibly consisting of many different link types such as Ethernet and Wi-Fi. This document uses "must" to indicate a requirement for compliance, interoperability, or secure operation. Non-engineers may find this technical white paper useful for its high-level treatment of the telephony-security problem, and a general technical introduction to the needed security services. Network administrators can use this paper to learn how to configure SRTP and SDP security services for various purposes. It is intended for engineers and gives an overview of IP telephony security and technical fundamentals of SRTP. This technical white paper is a practical guide for applying SRTP to voice, fax, and other IP telephony media. SRTP Sessions Mixers, Translators, and Source-Specific Multicastįirewalls and Network Address Translation Key Derivation, Key Assignment, and Rekey Summary of the Requirements for Secure RTP Bearer
0 kommentar(er)
