Design and Implementation of a New Authentication Mechanism Based on SIP
|Course||Computer System Architecture|
|Keywords||SIP User Agent Authentication mechanism One-time password Digital envelope|
Commercialized as the Internet the Revolution and network convergence technology continues to evolve , based on circuit-switched public switched telephone network (PSTN) is gradually being replaced over packet-based next-generation network (NGN) . Softswitch as the core unit of the NGN network , which integrates voice, data and video communications , and protocol conversion between independent networks . Session Initiation Protocol (SIP) with its flexible , scalable , easy programming , etc. become the the core softswitch system control agreement . But with many of the Internet Protocol , SIP is based on the idea of a simplified , but not based on the idea of safe design , there are many security vulnerabilities in the actual use of the SIP security mechanisms become one of the current research focus . This paper studies the authentication mechanism of SIP communication system before the communication , in order to safeguard the reliability of the communication . Around the goal of this study , the first SIP communications network architecture , message structure and registration process . With open source protocol stack oSIP, User Agent (User Agent ) on the Windows platform , the the registration server program ( RegistrarServer ) Linux platform . Then current attack a server : registration hijacking . RFC3261 recommended server to use digest authentication mechanism , use this authentication mechanism , the server's throughput will decline , and will bring new security issues . In this paper, a one-time password (one-time password) and digital envelopes thought , a new authentication mechanism . Finally, the system made ??an experimental simulation and testing to verify the safety and efficiency in the implementation of the new authentication mechanism proposed in this paper . In this paper, a new type of authentication mechanism based on the analysis of the test results shows that , not only can effectively resist the registration hijacking , and has a higher level of security , and thus has certain advantages and prospects .