Presence and instant messaging programs such as AOL Instant Messenger, ICQ, Microsoft Messenger and Yahoo Messenger are seeing rapidly growing use, particularly in the workplace. Their use, however, creates considerable threat scenarios for enterprise security. Used properly, IT-based real-time communication systems can nonetheless unlock significant efficiency potential for enterprises.
The realization of suitable solution architectures is therefore of central importance when introducing IT-based real-time communication services in enterprise networks. This talk discusses the existing threats, examines countermeasures and outlines architectures for the secure use of such services.
Real-Time-Communications Security - How to Deploy Presence and Instant Messaging Services
1. Dr. Oliver Pfaff: Real-Time-Communications Security. How to Deploy Presence and Instant Messaging Services? Siemens Security Forum, March 2-5, 2004; Munich
2.
3.
4.
5. Consumer-Grade Solutions: Basic Architecture. [Figure: presence and instant messaging user agents ([email_address], [email_address]) and the presence and instant messaging service 'rtc.com'.] Steps: 1. Register at presence service (authenticate); 2. Process incoming / request subscriptions; 3. Supply / receive presence information; 4. Supply / receive instant messages.
6.
7.
8.
9.
10.
11.
12.
13. Enterprise-Grade Solutions: Basic Architecture on Base of SIP/SIMPLE. Sue signs in to RTC services. [Figure: user agents ([email_address], [email_address]) and the presence and instant messaging service 'rtc.acme.com' in corporate network 'acme.com', labelled with SIP UAC / SIP UAS roles.] Messages: 1.1 SIP REGISTER...; 1.2 SIP 401 Unauthorized...WWW-Authenticate...; 1.3 SIP REGISTER...Authorization...; 1.4 SIP 200 OK...
14. Enterprise-Grade Solutions: Basic Architecture on Base of SIP/SIMPLE. Sue obtains her roaming data (e.g. contact list). [Figure: same layout as slide 13.] Messages: 2.1 SIP SUBSCRIBE...; 2.2 SIP 200 OK...; 2.3 SIP NOTIFY...Roaming data; 2.4 SIP 200 OK...
15. Enterprise-Grade Solutions: Basic Architecture on Base of SIP/SIMPLE. Bob wants to subscribe to the presence of Sue. [Figure: same layout as slide 13.] Messages: 3.1 SIP SUBSCRIBE...; 3.2 SIP 200 OK...; 3.3 SIP NOTIFY...; 3.4 SIP 200 OK...
16. Enterprise-Grade Solutions: Basic Architecture on Base of SIP/SIMPLE. [Figure: same layout as slide 13.] Sue grants Bob's subscription: 4.1 SIP SERVICE...Authorization data; 4.2 SIP 200 OK... Bob obtains Sue's presence information: 4.3 SIP NOTIFY...Presence data; 4.4 SIP 200 OK...
17. Enterprise-Grade Solutions: Basic Architecture on Base of SIP/SIMPLE. Bob says 'hello'. [Figure: same layout as slide 13.] Messages: 4.1 SIP MESSAGE...Data; 4.2 SIP MESSAGE...Data; 4.3 SIP 200 OK...; 4.4 SIP 200 OK...
18. Enterprise-Grade Solutions: Inter-Enterprise Communications. [Figure: corporate network 'acme.com' with presence and instant messaging user agents bob@acme.com and sue@acme.com, presence and instant messaging service 'rtc.acme.com' and a proxy; corporate network 'foo.com' with presence and instant messaging user agents ann@foo.com and tom@foo.com, presence and instant messaging service 'rtc.foo.com' and a proxy.]
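
The sign-in exchange on slide 13 (REGISTER, 401 with WWW-Authenticate, REGISTER with Authorization, 200 OK), as an added example that is not from the talk. It assumes the challenge uses the Digest scheme that SIP (RFC 3261) takes over from HTTP; the `Registrar` class, the `authorize` helper and the sample credentials in the comments are constructed for illustration.

```python
import hashlib, hmac, re, secrets

def h(s):
    return hashlib.md5(s.encode()).hexdigest()  # MD5 is the Digest default algorithm

def digest_response(user, realm, password, method, uri, nonce, nc, cnonce, qop="auth"):
    ha1 = h(f"{user}:{realm}:{password}")  # a real registrar would store HA1, not the password
    ha2 = h(f"{method}:{uri}")
    return h(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

def parse_digest(value):
    # Split 'Digest k="v", k2=v2' into a dict of parameters.
    return {k: v.strip('"') for k, v in re.findall(r'(\w+)=("[^"]*"|[^,\s]+)', value)}

class Registrar:  # hypothetical server side of slide 13
    def __init__(self, realm, passwords):
        self.realm, self.passwords = realm, passwords
        self.nonces = {}  # issued nonce -> highest nonce count accepted so far

    def register(self, uri, authorization=None):
        """Return (status, WWW-Authenticate value) for one REGISTER request."""
        try:
            p = parse_digest(authorization or "")
            nc = int(p["nc"], 16)
            expected = digest_response(p["username"], self.realm,
                                       self.passwords[p["username"]], "REGISTER",
                                       uri, p["nonce"], p["nc"], p["cnonce"])
            # Reject unknown nonces and replayed nonce counts; compare in constant time.
            if (nc > self.nonces[p["nonce"]] and p["uri"] == uri
                    and hmac.compare_digest(expected, p["response"])):
                self.nonces[p["nonce"]] = nc
                return 200, ""  # step 1.4
        except (KeyError, ValueError, TypeError):
            pass  # missing or garbled parameters, unknown user or nonce: challenge again
        nonce = secrets.token_hex(16)
        self.nonces[nonce] = 0
        return 401, f'Digest realm="{self.realm}", nonce="{nonce}", qop="auth", algorithm=MD5'  # step 1.2

def authorize(user, password, uri, challenge, nc=1):
    """Client side: build the Authorization value for step 1.3 from the 401 challenge."""
    c = parse_digest(challenge)
    ncs, cnonce = f"{nc:08x}", secrets.token_hex(8)
    resp = digest_response(user, c["realm"], password, "REGISTER", uri, c["nonce"], ncs, cnonce)
    return (f'Digest username="{user}", realm="{c["realm"]}", nonce="{c["nonce"]}", '
            f'uri="{uri}", qop=auth, nc={ncs}, cnonce="{cnonce}", response="{resp}"')
```

Digest only proves knowledge of the password; it does not encrypt the REGISTER or the later presence and message traffic, so transport protection is a separate decision.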