Requirements for prioritized access to PSTN resources - PowerPoint PPT Presentation

1 / 15
About This Presentation
Title:

Requirements for prioritized access to PSTN resources

Description:

SIP endpoint wants to access restricted (prioritized) ... from any black phone with dial pad to smartcard- and biometrics-equipped. Security requirements ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 16
Provided by: csCol9
Category:

less

Transcript and Presenter's Notes

Title: Requirements for prioritized access to PSTN resources


1
Requirements for prioritized access to PSTN
resources
  • Henning Schulzrinne
  • Columbia University

superset of draft-schulzrinne-ieprep-resource-req-
00
2
Assumptions/Scope
  • SIP endpoint wants to access restricted
    (prioritized) resources on a circuit-switched
    network
  • Does not indicate request of IP resource priority
  • may not be available
  • may not be necessary
  • Examples GETS, MLPP, eMLPP, ...
  • Nothing to do with 112/911
  • Also, possibly call from PSTN into SIP network

3
Scenarios
RP-capable gateway
SIP
PSTN w/MLPP GETS, ...
INVITE sip1-212-..._at_gets.ncs.gov INVITE
tel1-212-... INVITE sipcommand_at_navy.mil
SIP
ISUP
GSM
does not know destination network (type)
4
Assumptions
  • Call resource priority vs. call human priority
  • resource priority ? indicated by caller (callee
    can't see)
  • priority of call to caller indication
    ("Priority", content labeling) callee call
    handling policy ? out of scope
  • Resources
  • IP-to-PSTN gateway channels
  • end-to-end PSTN circuits (PSTN network
    congestion, not access congestion)

5
Assumptions
  • Call destination network type may be unknown to
    caller
  • Call destination does not identify PSTN resource
    priority
  • May want to reach "any of IEPREP type 1, type 2,
    ..."
  • May have several orthogonal indications of
    resource priority (eMLPP GETS?)

6
System assumptions
  • What do we assume about the IP side?
  • purpose-built require certain capabilities
    (signaling, resource reservation, security, ...)
  • any network use SIP application on standard
    platform or plug in own SIP phone
  • no network changes
  • firewalls ? may not allow protocols beyond SIP
    and RTP
  • any SIP (pay) phone
  • no modifications to SIP phone
  • not much beyond two-stage dialing possible?

7
General requirements
  • Not specific to one domain (e.g., GETS)
  • Not tied to existing PSTN authentication
    mechanisms
  • Use existing namespaces ? different authorities
    that manage
  • Allow for default behavior
  • Separation of indication and policy
  • by reference (policy "flash"), not by value
    ("preempt all except class 'immediate', queue in
    relationship to GETS calls, but cut off after 3
    minutes and only allow low-bit rate audio")

8
Requirement Discovery and negotiation
  • Caller must be able to discover PSTN resource
    priority capabilities
  • determines authentication "hat"
  • gateway needs for challenge
  • "Resource priority FOO level 7 requires use of
    BAR authentication"
  • Network may disallow discovery administratively ?
    importance of call routing

9
Requirement Testing
  • Must be able to test largest possible part of the
    system without ringing actual destination
  • Systems only used during emergencies are less
    likely to work
  • Exercise authentication and authorization
  • Exercise call routing

10
Requirement Call routing
  • Combine with call routing
  • req specify logical destination, not physical
    gateway
  • resource priority requirement may enlarge or
    constrain set of destinations
  • e.g., additional special GETS-only gateway
  • only certain gateways (carriers) are capable of
    particular calls
  • note ?TRIP property?
  • note cf. SIP caller preferences

11
Security requirements
  • End-to-end strong authentication and
    authorization of caller
  • not just theft of service, but system
    stability/performance issue
  • Intermediate (proxy?) authentication
  • delegate responsibility
  • not all VoIP gateways may be authentication-capabl
    e (many aren't)
  • harden authentication ?? DOS attacks

12
Security requirements
  • Support authentication and authorization beyond
    existing PIN schemes
  • Authentication must be DOS-resistant
  • Allow "early" authentication ? cannot wait until
    inside PSTN!
  • authentication consumes packets vs. circuits
  • minimize pre-authentication resource use
  • authenticate call signaling, not just resource
    signaling

13
Security requirements
  • Do not tie resource priority namespace to one
    authentication scheme
  • different hardware types
  • hard/soft SIP phone
  • SIM-equipped cell phone
  • from any black phone with dial pad to smartcard-
    and biometrics-equipped

14
Security requirements
  • Cross-domain
  • IP endpoint may be in different admin. domain
    than gateway
  • Require secrets not to be pre-installed
  • useability from any device
  • Authentication of PSTN gateway
  • desirable required?

15
Privacy requirements
  • Call content
  • very likely ? separate docs
  • Signaling (resource and/or call setup)
  • reveals communication relationships
  • cannot rely on hop-by-hop
  • Fact of IEPREP call
  • sensitivity likely same (or lower) as call
    signaling
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Requirements for prioritized access to PSTN resources" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!