SlideShare ist ein Scribd-Unternehmen logo

Authentication Methods in Videoconferencing Systems

Als PPT, PDF herunterladen
V
Videoguy
1 von 20
Authentication Methods and Security in Videoconferencing Systems TERENA AA-Workshop Malaga, November 2003 Dimitris Daskopoulos GRNET
Contents  Videoconferencing practices  Problematic points  Security standards  Current techniques in H.323  Future developments in H.323
Video conferencing worlds  H.323  SIP  MBONE  other: VRVS, AG, proprietary VC s/w
The importance of videoconference security  identity  confidentiality  trust
Current practices  authentication assumed, but rarely examined  ad hoc authentication solutions  point-to-point vs. multi-party call practices
Requirements for videoconferencing security  endpoint authentication  call signaling security  media encryption
Problematic points  telephony-world preconceptions  people vs. endpoints  room-based systems  users vs. executives  multi-party conferences  multi-domain conferences
Conferencing: a three-step process  endpoint registration (authentication)  dialing (authorization)  media exchange
Protocols involved in H.323 conferencing  H.225 - RAS (UDP): Registration, Admission, Status  H.225 - Q.931 (TCP): Call Signaling (Setup & Termination)  H.245 (TCP): Call Control (Capabilities, Preferences, Channel Opening and Flow Control)  RTP (UDP): media streams
Security standards for videoconferencing:  H.323 - H.235  shared secret - symmetric (Annex D)  certificates - assymetric (Annex E)  secure media streams - S/RTP (Annex G)  SIP  SSL Digest Authentication  S/MIME media
Current security options in H.323 H.235 not widely supported by endpoints. What options are we left with?  Identification by IP and alias  IPSec  other tricks
Current authentication techniques in H.323  point-to-point conferences (registration)  IPand alias authentication  web enhanced methods  multi-party conferences (calling)  generated target number  central calling
Security in H.323: the Gatekeeper  H.235  Cisco MCM: user/password piggy-back  Radvision ECS: predefined endpoints  GNU GK: predefined endpoints, Q.931 signaling filters
Security in H.323: Gatekeeper backends  Gatekeeper APIs (SNMP or proprietary)  Cisco GKAPI  Radvision ECS API (SNMP-based H.348?)  Radius  Cisco MCM  GNU GK  DBMS  Radvision ECS  GNU GK  LDAP  Radvision ECS  GNU GK
Security in H.323: web integration of backends  web-based flexible custom interfaces  SSL enabled  allow user control of IP and aliases  allow scheduling and reservation of resources (an added benefit)
Current problems in H.323  securing registration of multiple aliases is difficult  ad-hoc authentication techniques do not accommodate all endpoints  mobility is hindered  firewall/NAT traversal is difficult  media stream protection is lacking
Future developments in H.323 security  H.350:  LDAP authentication  LDAP endpoint setup  H.235:  wider support in products  certificate support  media stream encryption
Links and References  Internet2 - 2003 fall MM: securing video  The TERENA IP Telephony Cookbook  The VIDE VideoConf CookBook  The VIDE Development Initiative  Internet2 - Video Middleware (VidMid)  Internet2 - VC SiteCoordinatorsTraining  Internet2 - VidMid H.350  Packetizer References
Questions ?
The END!

Empfohlen

Asterisk: the future is at REST
Asterisk: the future is at RESTAsterisk: the future is at REST
Asterisk: the future is at RESTPaloSanto Solutions
 
Building a new ecosystem for interoperable communications
Building a new ecosystem for interoperable communicationsBuilding a new ecosystem for interoperable communications
Building a new ecosystem for interoperable communicationsPaloSanto Solutions
 
02 asterisk - the future of telecommunications
02 asterisk - the future of telecommunications02 asterisk - the future of telecommunications
02 asterisk - the future of telecommunicationsTran Thanh
 
Telephony Service Development on Asterisk Platform
Telephony Service Development on Asterisk PlatformTelephony Service Development on Asterisk Platform
Telephony Service Development on Asterisk PlatformHamid Fadishei
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionLinaro
 
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...Neocenter SA de CV
 
Todo lo lo que necesita saber para implementar FreePBX
Todo lo lo que necesita saber para implementar FreePBXTodo lo lo que necesita saber para implementar FreePBX
Todo lo lo que necesita saber para implementar FreePBXPaloSanto Solutions
 
The 12 tasks of Asterisk
The 12 tasks of AsteriskThe 12 tasks of Asterisk
The 12 tasks of AsteriskElio Rojano
 

Empfohlen

Asterisk: the future is at REST
Asterisk: the future is at RESTAsterisk: the future is at REST
Asterisk: the future is at RESTPaloSanto Solutions
 
Building a new ecosystem for interoperable communications
Building a new ecosystem for interoperable communicationsBuilding a new ecosystem for interoperable communications
Building a new ecosystem for interoperable communicationsPaloSanto Solutions
 
02 asterisk - the future of telecommunications
02 asterisk - the future of telecommunications02 asterisk - the future of telecommunications
02 asterisk - the future of telecommunicationsTran Thanh
 
Telephony Service Development on Asterisk Platform
Telephony Service Development on Asterisk PlatformTelephony Service Development on Asterisk Platform
Telephony Service Development on Asterisk PlatformHamid Fadishei
 
HKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionLinaro
 
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...Neocenter SA de CV
 
Todo lo lo que necesita saber para implementar FreePBX
Todo lo lo que necesita saber para implementar FreePBXTodo lo lo que necesita saber para implementar FreePBX
Todo lo lo que necesita saber para implementar FreePBXPaloSanto Solutions
 
The 12 tasks of Asterisk
The 12 tasks of AsteriskThe 12 tasks of Asterisk
The 12 tasks of AsteriskElio Rojano
 
The structure is fundamental: IP PBX, telephony cards and tools for high avai...
The structure is fundamental: IP PBX, telephony cards and tools for high avai...The structure is fundamental: IP PBX, telephony cards and tools for high avai...
The structure is fundamental: IP PBX, telephony cards and tools for high avai...PaloSanto Solutions
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)KHNOG
 
OST Market - Hybrid Case Histories
OST Market - Hybrid Case HistoriesOST Market - Hybrid Case Histories
OST Market - Hybrid Case HistoriesRoberto Galoppini
 
VoIP Business Telephony Solutions Supporting 30-1500 Users
VoIP Business Telephony Solutions Supporting 30-1500 UsersVoIP Business Telephony Solutions Supporting 30-1500 Users
VoIP Business Telephony Solutions Supporting 30-1500 UsersXorcom
 
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
Develop Smart Solutions with Raspberry Pi and EnableX Live Video APIDevelop Smart Solutions with Raspberry Pi and EnableX Live Video API
Develop Smart Solutions with Raspberry Pi and EnableX Live Video APIEnablex io
 
Using Asterisk in a SIP softswitch
Using Asterisk in a SIP softswitchUsing Asterisk in a SIP softswitch
Using Asterisk in a SIP softswitchMonica McArthur
 
Developing with VoiceXML Building a Video Conference Application
Developing with VoiceXML Building a Video Conference ApplicationDeveloping with VoiceXML Building a Video Conference Application
Developing with VoiceXML Building a Video Conference ApplicationVideoguy
 
BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.Sumutiu Marius
 
Jonny_Martin-Asterisk
Jonny_Martin-AsteriskJonny_Martin-Asterisk
Jonny_Martin-Asterisktutorialsruby
 
Introduction to SIP(Session Initiation Protocol)
Introduction to SIP(Session Initiation Protocol)Introduction to SIP(Session Initiation Protocol)
Introduction to SIP(Session Initiation Protocol)William Lee
 
No More Fraud, Astricon, Las Vegas 2014
No More Fraud, Astricon, Las Vegas 2014No More Fraud, Astricon, Las Vegas 2014
No More Fraud, Astricon, Las Vegas 2014Flavio Eduardo de Andrade Goncalves
 
Indroduction to SIP
Indroduction to SIPIndroduction to SIP
Indroduction to SIPChien Cheng Wu
 
Ip атс grand stream ucm6102 functional overview and testing-eng
Ip атс grand stream ucm6102 functional overview and testing-engIp атс grand stream ucm6102 functional overview and testing-eng
Ip атс grand stream ucm6102 functional overview and testing-engVladimir Dudchenko
 
Uptodate IP PBX System
Uptodate IP PBX System Uptodate IP PBX System
Uptodate IP PBX System Guisun Han
 
Asterisk Voip
Asterisk VoipAsterisk Voip
Asterisk VoipVipin Sahu
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikPositive Hack Days
 
No More Fraud Cluecon2014
No More Fraud Cluecon2014No More Fraud Cluecon2014
No More Fraud Cluecon2014Flavio Eduardo de Andrade Goncalves
 
Sip
SipSip
SipAnirban Roy
 
Load test of ip pbx asterisk
Load test of ip pbx asteriskLoad test of ip pbx asterisk
Load test of ip pbx asteriskVladimir Dudchenko
 
SIP security in IP telephony
SIP security in IP telephonySIP security in IP telephony
SIP security in IP telephonyPaloSanto Solutions
 
Download
DownloadDownload
DownloadVideoguy
 
Download
DownloadDownload
DownloadVideoguy
 

Weitere ähnliche Inhalte

Was ist angesagt?

The structure is fundamental: IP PBX, telephony cards and tools for high avai...
The structure is fundamental: IP PBX, telephony cards and tools for high avai...The structure is fundamental: IP PBX, telephony cards and tools for high avai...
The structure is fundamental: IP PBX, telephony cards and tools for high avai...PaloSanto Solutions
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)KHNOG
 
OST Market - Hybrid Case Histories
OST Market - Hybrid Case HistoriesOST Market - Hybrid Case Histories
OST Market - Hybrid Case HistoriesRoberto Galoppini
 
VoIP Business Telephony Solutions Supporting 30-1500 Users
VoIP Business Telephony Solutions Supporting 30-1500 UsersVoIP Business Telephony Solutions Supporting 30-1500 Users
VoIP Business Telephony Solutions Supporting 30-1500 UsersXorcom
 
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
Develop Smart Solutions with Raspberry Pi and EnableX Live Video APIDevelop Smart Solutions with Raspberry Pi and EnableX Live Video API
Develop Smart Solutions with Raspberry Pi and EnableX Live Video APIEnablex io
 
Using Asterisk in a SIP softswitch
Using Asterisk in a SIP softswitchUsing Asterisk in a SIP softswitch
Using Asterisk in a SIP softswitchMonica McArthur
 
Developing with VoiceXML Building a Video Conference Application
Developing with VoiceXML Building a Video Conference ApplicationDeveloping with VoiceXML Building a Video Conference Application
Developing with VoiceXML Building a Video Conference ApplicationVideoguy
 
BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.Sumutiu Marius
 
Jonny_Martin-Asterisk
Jonny_Martin-AsteriskJonny_Martin-Asterisk
Jonny_Martin-Asterisktutorialsruby
 
Introduction to SIP(Session Initiation Protocol)
Introduction to SIP(Session Initiation Protocol)Introduction to SIP(Session Initiation Protocol)
Introduction to SIP(Session Initiation Protocol)William Lee
 
Ip атс grand stream ucm6102 functional overview and testing-eng
Ip атс grand stream ucm6102 functional overview and testing-engIp атс grand stream ucm6102 functional overview and testing-eng
Ip атс grand stream ucm6102 functional overview and testing-engVladimir Dudchenko
 
Uptodate IP PBX System
Uptodate IP PBX System Uptodate IP PBX System
Uptodate IP PBX System Guisun Han
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikPositive Hack Days
 

Was ist angesagt? (20)

The structure is fundamental: IP PBX, telephony cards and tools for high avai...
The structure is fundamental: IP PBX, telephony cards and tools for high avai...The structure is fundamental: IP PBX, telephony cards and tools for high avai...
The structure is fundamental: IP PBX, telephony cards and tools for high avai...
 
SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)
 
OST Market - Hybrid Case Histories
OST Market - Hybrid Case HistoriesOST Market - Hybrid Case Histories
OST Market - Hybrid Case Histories
 
VoIP Business Telephony Solutions Supporting 30-1500 Users
VoIP Business Telephony Solutions Supporting 30-1500 UsersVoIP Business Telephony Solutions Supporting 30-1500 Users
VoIP Business Telephony Solutions Supporting 30-1500 Users
 
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
Develop Smart Solutions with Raspberry Pi and EnableX Live Video APIDevelop Smart Solutions with Raspberry Pi and EnableX Live Video API
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
 
Using Asterisk in a SIP softswitch
Using Asterisk in a SIP softswitchUsing Asterisk in a SIP softswitch
Using Asterisk in a SIP softswitch
 
Developing with VoiceXML Building a Video Conference Application
Developing with VoiceXML Building a Video Conference ApplicationDeveloping with VoiceXML Building a Video Conference Application
Developing with VoiceXML Building a Video Conference Application
 
BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.
 
Jonny_Martin-Asterisk
Jonny_Martin-AsteriskJonny_Martin-Asterisk
Jonny_Martin-Asterisk
 
Introduction to SIP(Session Initiation Protocol)
Introduction to SIP(Session Initiation Protocol)Introduction to SIP(Session Initiation Protocol)
Introduction to SIP(Session Initiation Protocol)
 
No More Fraud, Astricon, Las Vegas 2014
No More Fraud, Astricon, Las Vegas 2014No More Fraud, Astricon, Las Vegas 2014
No More Fraud, Astricon, Las Vegas 2014
 
Indroduction to SIP
Indroduction to SIPIndroduction to SIP
Indroduction to SIP
 
Ip атс grand stream ucm6102 functional overview and testing-eng
Ip атс grand stream ucm6102 functional overview and testing-engIp атс grand stream ucm6102 functional overview and testing-eng
Ip атс grand stream ucm6102 functional overview and testing-eng
 
Uptodate IP PBX System
Uptodate IP PBX System Uptodate IP PBX System
Uptodate IP PBX System
 
Asterisk Voip
Asterisk VoipAsterisk Voip
Asterisk Voip
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey Gordeychik
 
No More Fraud Cluecon2014
No More Fraud Cluecon2014No More Fraud Cluecon2014
No More Fraud Cluecon2014
 
Sip
SipSip
Sip
 
Load test of ip pbx asterisk
Load test of ip pbx asteriskLoad test of ip pbx asterisk
Load test of ip pbx asterisk
 
SIP security in IP telephony
SIP security in IP telephonySIP security in IP telephony
SIP security in IP telephony
 

Ähnlich wie Authentication Methods in Videoconferencing Systems

/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.pptVideoguy
 
/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.pptVideoguy
 
/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.pptVideoguy
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityJohn Rhoton
 
Conferencing over the Internet with Exchange Conferencing Server
Conferencing over the Internet with Exchange Conferencing Server Conferencing over the Internet with Exchange Conferencing Server
Conferencing over the Internet with Exchange Conferencing Server Videoguy
 
H.323 Liane Tarouco Leandro Bertholdo
H.323 Liane Tarouco Leandro BertholdoH.323 Liane Tarouco Leandro Bertholdo
H.323 Liane Tarouco Leandro BertholdoVideoguy
 
Videoconference
VideoconferenceVideoconference
Videoconferenceeonx_32
 
HEAnets' Video Conferencing Service
HEAnets' Video Conferencing ServiceHEAnets' Video Conferencing Service
HEAnets' Video Conferencing ServiceVideoguy
 
Workshop 16 october 2015 paris
Workshop 16 october 2015 parisWorkshop 16 october 2015 paris
Workshop 16 october 2015 parisMarcel Hartgerink
 
Demystifying Multimedia Conferencing Over the Internet Using ...
Demystifying Multimedia Conferencing Over the Internet Using ...Demystifying Multimedia Conferencing Over the Internet Using ...
Demystifying Multimedia Conferencing Over the Internet Using ...Videoguy
 
Squire Technologes: Session Border Controller
Squire Technologes: Session Border Controller Squire Technologes: Session Border Controller
Squire Technologes: Session Border Controller Squire Technologies
 
H.323 Network Components include H.323 Terminals, Gatekeepers ...
H.323 Network Components include H.323 Terminals, Gatekeepers ...H.323 Network Components include H.323 Terminals, Gatekeepers ...
H.323 Network Components include H.323 Terminals, Gatekeepers ...Videoguy
 
Polycom - Overview
Polycom - OverviewPolycom - Overview
Polycom - OverviewCXN-BE
 

Ähnlich wie Authentication Methods in Videoconferencing Systems (20)

Download
DownloadDownload
Download
 
Download
DownloadDownload
Download
 
ece h.323 ppt.pptx
ece h.323 ppt.pptxece h.323 ppt.pptx
ece h.323 ppt.pptx
 
/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt
 
/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt
 
/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt/resources/presentations/200101-amiot1.ppt
/resources/presentations/200101-amiot1.ppt
 
Download
DownloadDownload
Download
 
H.323 protocol
H.323 protocolH.323 protocol
H.323 protocol
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Video QoS
Video QoSVideo QoS
Video QoS
 
Conferencing over the Internet with Exchange Conferencing Server
Conferencing over the Internet with Exchange Conferencing Server Conferencing over the Internet with Exchange Conferencing Server
Conferencing over the Internet with Exchange Conferencing Server
 
H.323 Liane Tarouco Leandro Bertholdo
H.323 Liane Tarouco Leandro BertholdoH.323 Liane Tarouco Leandro Bertholdo
H.323 Liane Tarouco Leandro Bertholdo
 
Videoconference
VideoconferenceVideoconference
Videoconference
 
HEAnets' Video Conferencing Service
HEAnets' Video Conferencing ServiceHEAnets' Video Conferencing Service
HEAnets' Video Conferencing Service
 
Workshop 16 october 2015 paris
Workshop 16 october 2015 parisWorkshop 16 october 2015 paris
Workshop 16 october 2015 paris
 
Demystifying Multimedia Conferencing Over the Internet Using ...
Demystifying Multimedia Conferencing Over the Internet Using ...Demystifying Multimedia Conferencing Over the Internet Using ...
Demystifying Multimedia Conferencing Over the Internet Using ...
 
H.323
H.323H.323
H.323
 
Squire Technologes: Session Border Controller
Squire Technologes: Session Border Controller Squire Technologes: Session Border Controller
Squire Technologes: Session Border Controller
 
H.323 Network Components include H.323 Terminals, Gatekeepers ...
H.323 Network Components include H.323 Terminals, Gatekeepers ...H.323 Network Components include H.323 Terminals, Gatekeepers ...
H.323 Network Components include H.323 Terminals, Gatekeepers ...
 
Polycom - Overview
Polycom - OverviewPolycom - Overview
Polycom - Overview
 

Mehr von Videoguy

Energy-Aware Wireless Video Streaming
Energy-Aware Wireless Video StreamingEnergy-Aware Wireless Video Streaming
Energy-Aware Wireless Video StreamingVideoguy
 
Microsoft PowerPoint - WirelessCluster_Pres
Microsoft PowerPoint - WirelessCluster_PresMicrosoft PowerPoint - WirelessCluster_Pres
Microsoft PowerPoint - WirelessCluster_PresVideoguy
 
Proxy Cache Management for Fine-Grained Scalable Video Streaming
Proxy Cache Management for Fine-Grained Scalable Video StreamingProxy Cache Management for Fine-Grained Scalable Video Streaming
Proxy Cache Management for Fine-Grained Scalable Video StreamingVideoguy
 
Free-riding Resilient Video Streaming in Peer-to-Peer Networks
Free-riding Resilient Video Streaming in Peer-to-Peer NetworksFree-riding Resilient Video Streaming in Peer-to-Peer Networks
Free-riding Resilient Video Streaming in Peer-to-Peer NetworksVideoguy
 
Instant video streaming
Instant video streamingInstant video streaming
Instant video streamingVideoguy
 
Video Streaming over Bluetooth: A Survey
Video Streaming over Bluetooth: A SurveyVideo Streaming over Bluetooth: A Survey
Video Streaming over Bluetooth: A SurveyVideoguy
 
Video Streaming
Video StreamingVideo Streaming
Video StreamingVideoguy
 
Reaching a Broader Audience
Reaching a Broader AudienceReaching a Broader Audience
Reaching a Broader AudienceVideoguy
 
Considerations for Creating Streamed Video Content over 3G ...
Considerations for Creating Streamed Video Content over 3G ...Considerations for Creating Streamed Video Content over 3G ...
Considerations for Creating Streamed Video Content over 3G ...Videoguy
 
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMING
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMINGADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMING
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMINGVideoguy
 
Impact of FEC Overhead on Scalable Video Streaming
Impact of FEC Overhead on Scalable Video StreamingImpact of FEC Overhead on Scalable Video Streaming
Impact of FEC Overhead on Scalable Video StreamingVideoguy
 
Application Brief
Application BriefApplication Brief
Application BriefVideoguy
 
Video Streaming Services – Stage 1
Video Streaming Services – Stage 1Video Streaming Services – Stage 1
Video Streaming Services – Stage 1Videoguy
 
Streaming Video into Second Life
Streaming Video into Second LifeStreaming Video into Second Life
Streaming Video into Second LifeVideoguy
 
Flash Live Video Streaming Software
Flash Live Video Streaming SoftwareFlash Live Video Streaming Software
Flash Live Video Streaming SoftwareVideoguy
 
Videoconference Streaming Solutions Cookbook
Videoconference Streaming Solutions CookbookVideoconference Streaming Solutions Cookbook
Videoconference Streaming Solutions CookbookVideoguy
 
Streaming Video Formaten
Streaming Video FormatenStreaming Video Formaten
Streaming Video FormatenVideoguy
 
iPhone Live Video Streaming Software
iPhone Live Video Streaming SoftwareiPhone Live Video Streaming Software
iPhone Live Video Streaming SoftwareVideoguy
 
Glow: Video streaming training guide - Firefox
Glow: Video streaming training guide - FirefoxGlow: Video streaming training guide - Firefox
Glow: Video streaming training guide - FirefoxVideoguy
 

Mehr von Videoguy (20)

Energy-Aware Wireless Video Streaming
Energy-Aware Wireless Video StreamingEnergy-Aware Wireless Video Streaming
Energy-Aware Wireless Video Streaming
 
Microsoft PowerPoint - WirelessCluster_Pres
Microsoft PowerPoint - WirelessCluster_PresMicrosoft PowerPoint - WirelessCluster_Pres
Microsoft PowerPoint - WirelessCluster_Pres
 
Proxy Cache Management for Fine-Grained Scalable Video Streaming
Proxy Cache Management for Fine-Grained Scalable Video StreamingProxy Cache Management for Fine-Grained Scalable Video Streaming
Proxy Cache Management for Fine-Grained Scalable Video Streaming
 
Adobe
AdobeAdobe
Adobe
 
Free-riding Resilient Video Streaming in Peer-to-Peer Networks
Free-riding Resilient Video Streaming in Peer-to-Peer NetworksFree-riding Resilient Video Streaming in Peer-to-Peer Networks
Free-riding Resilient Video Streaming in Peer-to-Peer Networks
 
Instant video streaming
Instant video streamingInstant video streaming
Instant video streaming
 
Video Streaming over Bluetooth: A Survey
Video Streaming over Bluetooth: A SurveyVideo Streaming over Bluetooth: A Survey
Video Streaming over Bluetooth: A Survey
 
Video Streaming
Video StreamingVideo Streaming
Video Streaming
 
Reaching a Broader Audience
Reaching a Broader AudienceReaching a Broader Audience
Reaching a Broader Audience
 
Considerations for Creating Streamed Video Content over 3G ...
Considerations for Creating Streamed Video Content over 3G ...Considerations for Creating Streamed Video Content over 3G ...
Considerations for Creating Streamed Video Content over 3G ...
 
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMING
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMINGADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMING
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMING
 
Impact of FEC Overhead on Scalable Video Streaming
Impact of FEC Overhead on Scalable Video StreamingImpact of FEC Overhead on Scalable Video Streaming
Impact of FEC Overhead on Scalable Video Streaming
 
Application Brief
Application BriefApplication Brief
Application Brief
 
Video Streaming Services – Stage 1
Video Streaming Services – Stage 1Video Streaming Services – Stage 1
Video Streaming Services – Stage 1
 
Streaming Video into Second Life
Streaming Video into Second LifeStreaming Video into Second Life
Streaming Video into Second Life
 
Flash Live Video Streaming Software
Flash Live Video Streaming SoftwareFlash Live Video Streaming Software
Flash Live Video Streaming Software
 
Videoconference Streaming Solutions Cookbook
Videoconference Streaming Solutions CookbookVideoconference Streaming Solutions Cookbook
Videoconference Streaming Solutions Cookbook
 
Streaming Video Formaten
Streaming Video FormatenStreaming Video Formaten
Streaming Video Formaten
 
iPhone Live Video Streaming Software
iPhone Live Video Streaming SoftwareiPhone Live Video Streaming Software
iPhone Live Video Streaming Software
 
Glow: Video streaming training guide - Firefox
Glow: Video streaming training guide - FirefoxGlow: Video streaming training guide - Firefox
Glow: Video streaming training guide - Firefox
 

Authentication Methods in Videoconferencing Systems

  • 1. Authentication Methods and Security in Videoconferencing Systems TERENA AA-Workshop Malaga, November 2003 Dimitris Daskopoulos GRNET
  • 2. Contents  Videoconferencing practices  Problematic points  Security standards  Current techniques in H.323  Future developments in H.323
  • 3. Video conferencing worlds  H.323  SIP  MBONE  other: VRVS, AG, proprietary VC s/w
  • 4. The importance of videoconference security  identity  confidentiality  trust
  • 5. Current practices  authentication assumed, but rarely examined  ad hoc authentication solutions  point-to-point vs. multi-party call practices
  • 6. Requirements for videoconferencing security  endpoint authentication  call signaling security  media encryption
  • 7. Problematic points  telephony-world preconceptions  people vs. endpoints  room-based systems  users vs. executives  multi-party conferences  multi-domain conferences
  • 8. Conferencing: a three-step process  endpoint registration (authentication)  dialing (authorization)  media exchange
  • 9. Protocols involved in H.323 conferencing  H.225 - RAS (UDP): Registration, Admission, Status  H.225 - Q.931 (TCP): Call Signaling (Setup & Termination)  H.245 (TCP): Call Control (Capabilities, Preferences, Channel Opening and Flow Control)  RTP (UDP): media streams
  • 10. Security standards for videoconferencing:  H.323 - H.235  shared secret - symmetric (Annex D)  certificates - assymetric (Annex E)  secure media streams - S/RTP (Annex G)  SIP  SSL Digest Authentication  S/MIME media
  • 11. Current security options in H.323 H.235 not widely supported by endpoints. What options are we left with?  Identification by IP and alias  IPSec  other tricks
  • 12. Current authentication techniques in H.323  point-to-point conferences (registration)  IPand alias authentication  web enhanced methods  multi-party conferences (calling)  generated target number  central calling
  • 13. Security in H.323: the Gatekeeper  H.235  Cisco MCM: user/password piggy-back  Radvision ECS: predefined endpoints  GNU GK: predefined endpoints, Q.931 signaling filters
  • 14. Security in H.323: Gatekeeper backends  Gatekeeper APIs (SNMP or proprietary)  Cisco GKAPI  Radvision ECS API (SNMP-based H.348?)  Radius  Cisco MCM  GNU GK  DBMS  Radvision ECS  GNU GK  LDAP  Radvision ECS  GNU GK
  • 15. Security in H.323: web integration of backends  web-based flexible custom interfaces  SSL enabled  allow user control of IP and aliases  allow scheduling and reservation of resources (an added benefit)
  • 16. Current problems in H.323  securing registration of multiple aliases is difficult  ad-hoc authentication techniques do not accommodate all endpoints  mobility is hindered  firewall/NAT traversal is difficult  media stream protection is lacking
  • 17. Future developments in H.323 security  H.350:  LDAP authentication  LDAP endpoint setup  H.235:  wider support in products  certificate support  media stream encryption
  • 18. Links and References  Internet2 - 2003 fall MM: securing video  The TERENA IP Telephony Cookbook  The VIDE VideoConf CookBook  The VIDE Development Initiative  Internet2 - Video Middleware (VidMid)  Internet2 - VC SiteCoordinatorsTraining  Internet2 - VidMid H.350  Packetizer References