| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 454777 | Computers & Security | 2013 | 13 Pages |
•We integrate a Usage Control (UCON) based authorization system in a SIP platform.•We provide security policies implementing the UCON model for the SIP scenario.•Our proposal provides continuous enforcement of policies in the SIP scenario.•We fully implement the proposed framework using IIT-CNR's UCON authorization system.•We performed some experiments showing that the overhead of our solution is low.
The Session Initiation Protocol (SIP) is an application layer signaling protocol for the creation, modification and termination of multimedia sessions and VoIP calls with one or more participants. While SIP operates in highly dynamic environments, in the current version its authorization support is based on traditional access control models. The main problem these models face is that they were designed many years ago, and under some circumstances they tend to be inadequate in modern highly dynamic environments. Usage Control (UCON), instead, is a model that supports the same operations as traditional access control models do, but it further enhances them with novel ones. In previous work, an architecture supporting continuous authorizations in SIP, based on the UCON model, was presented. In this article, an authorization support implementing the whole UCON model, including authorizations, obligations and conditions, has been integrated in a SIP system. Moreover, a testbed has been set up to experimentally evaluate the performance of the proposed security mechanism.
Graphical abstractFigure optionsDownload full-size imageDownload as PowerPoint slide
