SeCReT: A Security Framework for Enhancing Chain of Response Trust in Session Initiation Protocol

With the introduction of voice over IP (VoIP) for replacing the traditional circuit switched infrastructure for telephony services, many relevant security concerns have been raised for integrating IP telephony into the existent applications and system infrastructure. One of the critical concerns is how to enhance authentication and authorization among the propagation parties per call session for blocking identity spoofing and preventing various attacks in the convergent communication systems. In this study, we outline one security framework, SeCReT, with some new mechanisms for providing per-hop response authentication in session initiation protocol (SIP). SIP has been selected by the major standard committees as the premier protocol for VoIP and other value-added services. SeCReT is lightweight and efficient, which can fill the security gap when other secure schemes are absent or difficult in deployment. The weak hops can be greatly secured against some common attacks by using SeCRet. Furthermore, this new security framework is fully complementary with the existent schemes (such as TLS). With the combination of SeCReT and the other schemes, we demonstrate that secure chain of response trust can be built in various scenarios, which provides better defense against a set of threats, such as identity spoofing, man-in-the-middle attacks, SPIT, and denial-of-service (DoS) attacks