Transcript A Cooperative SIP Infrastructure for Highly Reliable

Overview




Introduction
Properties of server-based SIP networks
Properties of P2P-based SIP networks
Cooperative SIP (CoSIP)
• CoSIP Overview
• Sample Applications
• Implementation

Evaluation:
•
reliability
• security with CoSIP
 Summary
INTRODUCTION

Some open issues with VoIP still need to be solved
 reliability, security, QoS, SPIT, etc.

Users are used to the nearly 100% reliable PSTN
Properties of Server-based SIP
Networks

Sufficient security mechanisms
• UA authentication
• Integrity and confidentiality

High lookup performance of SIP URI
• O(1) messages

Complex service infrastructure
• SIP proxies, registrars, AAA servers, location database, DNS
server, routers, etc.


Network and service failures may propagate quickly
Server infrastructures are vulnerable to DoS attacks.
Properties of P2P-SIP Networks

Self-organization
 Recoverability from local failures



Robustness against DoS attacks
P2P network can also survive under difficult conditions
Scalability
 Lookup performance of the Contact URI in a DHT in the avg case:
 O( log ( N ) ) messages; N is the number of peers

Several security issues can not be solved in pure P2P network
 Attacks on the routing of lookup requests
 Attacks on the content of the P2P network
 Sybil attacks, partitioning attacks, etc.

Open P2P-SIP networks are an invitation for SPIT!
Cooperative SIP (CoSIP)
 Overview
 Design a hybrid architecture that benefits from the
advantages of both server-based and P2P-based SIP
networks
 SIP User Agents organize themselves into a P2P network
 SIP infrastructure and SIP User Agents cooperate in order
to provide the best service
Cooperative SIP architecture: CoSIP
 Improve reliability, survivability, security and lookup
performance
CoSIP Sample Application


Large enterprise/ academic SIP networks with e.g. 20-30 k-users
CoSIP can be used to bridge
 network and service failures
 maintenance downtimes
SIP Infrastructure
CoSIP-enabled SIP Network
EVALUATION OF CoSIP

Improving reliability with CoSIP
 P2P network provide high reliability and self-organization

Local failures can be recovered automatically by neighboring peers
 Data is replicated on a set of nodes (replica set)
 Even large failures affect only a part of the network
 In the ideal case (uncorrelated failures), the probability of a service failure with CoSIP
would be:

Failure CoSIP = Failure Server  Failure DHT

replicanodes
node
 CoSIP provides even better reliability and survivability than

P2P-SIP networks
 server-based SIP networks
EVALUATION

Improving security with CoSIP
 Managing security in large P2P-SIP networks is not possible without
central severs
 However, PKI / CA is not enough
 A CA is not able to detect an attack in the P2P network and shut down
the attacker
 A security solution for P2PSIP requires
•

more SIP specific knowledge
knowledge about the P2P network
 CoSIP servers can provide Identity Management for the P2P-SIP
network
 CoSIP servers can make sure that peers in the P2P-SIP network behave
well
SUMMARY

CoSIP provides a low-cost solution for significantly improving
the reliability of SIP networks

Implementation
 CoSIP as an external proxy application
compatible to existing SIP
networks
 Cooperative (server + DHT) as well as DHT-only mode possible

CoSIP is a hybrid architecture which provides better reliability,
survivability, security and performance simultaneously
FUTURE WORK
 Integration of security mechanisms to CoSIP
Improve security of
P2P-SIP
 CoSIP is still a single domain concept
Peering of several domains
with CoSIP
 Improving geometry and routing in the DHT for higher connectivity in
case of network failures