Title :
STEM: Secure Telephony Enabled Middlebox
Author :
Reynolds, Brennen ; Ghosal, Dipak
Author_Institution :
California Univ., Davis, CA, USA
fDate :
10/1/2002 12:00:00 AM
Abstract :
Dynamic applications, including IP telephony, have not seen wide acceptance within enterprises because of problems caused by the existing network infrastructure. Static elements, including firewalls and network address translation devices, are not capable of allowing dynamic applications to operate properly. The Secure Telephony Enabled Middlebox (STEM) architecture is an enhancement of the existing network design to remove the issues surrounding static devices. The architecture incorporates an improved firewall that can interpret and utilize information in the application layer of packets to ensure proper functionality. In addition to allowing dynamic applications to function normally, the STEM architecture also incorporates several detection and response mechanisms for well-known network-based vulnerabilities. This article describes the key components of the architecture with respect to the SIP protocol.
Keywords :
Internet telephony; authorisation; protocols; telecommunication security; IP telephony; SIP protocol; STEM; STEM architecture; Secure Telephony Enabled Middlebox; application layer; detection mechanisms; dynamic applications; firewalls; network address translation devices; network design; network infrastructure; network-based vulnerabilities; response mechanisms; static devices; Communication system control; Computer crime; Internet telephony; Matched filters; Middleboxes; Network address translation; Protocols; Security; Telecommunication traffic; Teleconferencing;
Journal_Title :
Communications Magazine, IEEE
DOI :
10.1109/MCOM.2002.1039857
