SlideShare a Scribd company logo

Authentication Methods in Videoconferencing Systems

Download as PPT, PDF
V
Videoguy

This document discusses authentication methods and security in videoconferencing systems. It covers current practices, standards, and techniques used in H.323 systems, as well as problems and future developments. The document outlines authentication requirements and the three-step conferencing process of endpoint registration, dialing, and media exchange. It also describes security protocols and options in H.323, including the role of gatekeepers, and discusses problems and future standards that could improve authentication and security.

1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Authentication Methods and Security in Videoconferencing Systems TERENA AA-Workshop Malaga, November 2003 Dimitris Daskopoulos GRNET
Contents  Videoconferencing practices  Problematic points  Security standards  Current techniques in H.323  Future developments in H.323
Video conferencing worlds  H.323  SIP  MBONE  other: VRVS, AG, proprietary VC s/w
The importance of videoconference security  identity  confidentiality  trust
Current practices  authentication assumed, but rarely examined  ad hoc authentication solutions  point-to-point vs. multi-party call practices
Requirements for videoconferencing security  endpoint authentication  call signaling security  media encryption
Problematic points  telephony-world preconceptions  people vs. endpoints  room-based systems  users vs. executives  multi-party conferences  multi-domain conferences
Conferencing: a three-step process  endpoint registration (authentication)  dialing (authorization)  media exchange
Protocols involved in H.323 conferencing  H.225 - RAS (UDP): Registration, Admission, Status  H.225 - Q.931 (TCP): Call Signaling (Setup & Termination)  H.245 (TCP): Call Control (Capabilities, Preferences, Channel Opening and Flow Control)  RTP (UDP): media streams
Security standards for videoconferencing:  H.323 - H.235  shared secret - symmetric (Annex D)  certificates - assymetric (Annex E)  secure media streams - S/RTP (Annex G)  SIP  SSL Digest Authentication  S/MIME media
Current security options in H.323 H.235 not widely supported by endpoints. What options are we left with?  Identification by IP and alias  IPSec  other tricks
Current authentication techniques in H.323  point-to-point conferences (registration)  IPand alias authentication  web enhanced methods  multi-party conferences (calling)  generated target number  central calling
Security in H.323: the Gatekeeper  H.235  Cisco MCM: user/password piggy-back  Radvision ECS: predefined endpoints  GNU GK: predefined endpoints, Q.931 signaling filters
Security in H.323: Gatekeeper backends  Gatekeeper APIs (SNMP or proprietary)  Cisco GKAPI  Radvision ECS API (SNMP-based H.348?)  Radius  Cisco MCM  GNU GK  DBMS  Radvision ECS  GNU GK  LDAP  Radvision ECS  GNU GK
Security in H.323: web integration of backends  web-based flexible custom interfaces  SSL enabled  allow user control of IP and aliases  allow scheduling and reservation of resources (an added benefit)
Current problems in H.323  securing registration of multiple aliases is difficult  ad-hoc authentication techniques do not accommodate all endpoints  mobility is hindered  firewall/NAT traversal is difficult  media stream protection is lacking
Future developments in H.323 security  H.350:  LDAP authentication  LDAP endpoint setup  H.235:  wider support in products  certificate support  media stream encryption
Links and References  Internet2 - 2003 fall MM: securing video  The TERENA IP Telephony Cookbook  The VIDE VideoConf CookBook  The VIDE Development Initiative  Internet2 - Video Middleware (VidMid)  Internet2 - VC SiteCoordinatorsTraining  Internet2 - VidMid H.350  Packetizer References
Questions ?
The END!

More Related Content

PDF
Asterisk: the future is at REST
PaloSanto Solutions
 
PPTX
Building a new ecosystem for interoperable communications
PaloSanto Solutions
 
PPT
02 asterisk - the future of telecommunications
Tran Thanh
 
PDF
Telephony Service Development on Asterisk Platform
Hamid Fadishei
 
PDF
HKG18-212 - Trusted Firmware M: Introduction
Linaro
 
PPTX
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...
Neocenter SA de CV
 
PPTX
Todo lo lo que necesita saber para implementar FreePBX
PaloSanto Solutions
 
PDF
The 12 tasks of Asterisk
Elio Rojano
 
Asterisk: the future is at REST
PaloSanto Solutions
 
Building a new ecosystem for interoperable communications
PaloSanto Solutions
 
02 asterisk - the future of telecommunications
Tran Thanh
 
Telephony Service Development on Asterisk Platform
Hamid Fadishei
 
HKG18-212 - Trusted Firmware M: Introduction
Linaro
 
Día Neocenter | FreePBX The best & most complete open source & Commercial PBX...
Neocenter SA de CV
 
Todo lo lo que necesita saber para implementar FreePBX
PaloSanto Solutions
 
The 12 tasks of Asterisk
Elio Rojano
 

What's hot (20)

PPTX
The structure is fundamental: IP PBX, telephony cards and tools for high avai...
PaloSanto Solutions
 
PDF
SIP (Session Initiation Protocol)
KHNOG
 
PPT
OST Market - Hybrid Case Histories
Roberto Galoppini
 
PDF
VoIP Business Telephony Solutions Supporting 30-1500 Users
Xorcom
 
PDF
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
Enablex io
 
PDF
Using Asterisk in a SIP softswitch
Monica McArthur
 
PPT
Developing with VoiceXML Building a Video Conference Application
Videoguy
 
PDF
BlackHat Hacking - Hacking VoIP.
Sumutiu Marius
 
PDF
Jonny_Martin-Asterisk
tutorialsruby
 
PDF
Introduction to SIP(Session Initiation Protocol)
William Lee
 
PPTX
No More Fraud, Astricon, Las Vegas 2014
Flavio Eduardo de Andrade Goncalves
 
PDF
Indroduction to SIP
Chien Cheng Wu
 
PDF
Ip атс grand stream ucm6102 functional overview and testing-eng
Vladimir Dudchenko
 
PDF
Uptodate IP PBX System
Guisun Han
 
PPT
Asterisk Voip
Vipin Sahu
 
PPTX
How to hack a telecommunication company and stay alive. Sergey Gordeychik
Positive Hack Days
 
PPTX
No More Fraud Cluecon2014
Flavio Eduardo de Andrade Goncalves
 
PPT
Sip
Anirban Roy
 
PDF
Load test of ip pbx asterisk
Vladimir Dudchenko
 
PPTX
SIP security in IP telephony
PaloSanto Solutions
 
The structure is fundamental: IP PBX, telephony cards and tools for high avai...
PaloSanto Solutions
 
SIP (Session Initiation Protocol)
KHNOG
 
OST Market - Hybrid Case Histories
Roberto Galoppini
 
VoIP Business Telephony Solutions Supporting 30-1500 Users
Xorcom
 
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
Enablex io
 
Using Asterisk in a SIP softswitch
Monica McArthur
 
Developing with VoiceXML Building a Video Conference Application
Videoguy
 
BlackHat Hacking - Hacking VoIP.
Sumutiu Marius
 
Jonny_Martin-Asterisk
tutorialsruby
 
Introduction to SIP(Session Initiation Protocol)
William Lee
 
No More Fraud, Astricon, Las Vegas 2014
Flavio Eduardo de Andrade Goncalves
 
Indroduction to SIP
Chien Cheng Wu
 
Ip атс grand stream ucm6102 functional overview and testing-eng
Vladimir Dudchenko
 
Uptodate IP PBX System
Guisun Han
 
Asterisk Voip
Vipin Sahu
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
Positive Hack Days
 
No More Fraud Cluecon2014
Flavio Eduardo de Andrade Goncalves
 
Sip
Anirban Roy
 
Load test of ip pbx asterisk
Vladimir Dudchenko
 
SIP security in IP telephony
PaloSanto Solutions
 
Ad

Similar to Authentication Methods in Videoconferencing Systems (20)

PPT
Download
Videoguy
 
PPT
Download
Videoguy
 
PPT
/resources/presentations/200101-amiot1.ppt
Videoguy
 
PPT
/resources/presentations/200101-amiot1.ppt
Videoguy
 
PPT
/resources/presentations/200101-amiot1.ppt
Videoguy
 
PPT
H.323
Videoguy
 
PPTX
Voip security
Shethwala Ridhvesh
 
PPT
Download
Videoguy
 
PPT
H.323 protocol
Habibur Rahman
 
PPT
ppt
Videoguy
 
PPTX
Videoconference
eonx_32
 
PPT
H.323: Packet Network Protocol
Yatish Bathla
 
PDF
Raisul Haq Rajib (063435056)
mashiur
 
PPT
Lec40 45 video conferencing
Dom Mike
 
PPT
Lec40 41 42_43_44_45 video conferencing
Shona Hira
 
PPT
Lec40 41 42_43_44_45 video conferencing
Dom Mike
 
PPT
H323 Video PPT
Videoguy
 
PDF
VoIP
adil raja
 
PPTX
Presentation of H323 protocol
Md. Taiseen Azam
 
PPT
Global Multimedia Collaboration System
Videoguy
 
Download
Videoguy
 
Download
Videoguy
 
/resources/presentations/200101-amiot1.ppt
Videoguy
 
/resources/presentations/200101-amiot1.ppt
Videoguy
 
/resources/presentations/200101-amiot1.ppt
Videoguy
 
H.323
Videoguy
 
Voip security
Shethwala Ridhvesh
 
Download
Videoguy
 
H.323 protocol
Habibur Rahman
 
ppt
Videoguy
 
Videoconference
eonx_32
 
H.323: Packet Network Protocol
Yatish Bathla
 
Raisul Haq Rajib (063435056)
mashiur
 
Lec40 45 video conferencing
Dom Mike
 
Lec40 41 42_43_44_45 video conferencing
Shona Hira
 
Lec40 41 42_43_44_45 video conferencing
Dom Mike
 
H323 Video PPT
Videoguy
 
VoIP
adil raja
 
Presentation of H323 protocol
Md. Taiseen Azam
 
Global Multimedia Collaboration System
Videoguy
 
Ad

More from Videoguy (20)

PDF
Energy-Aware Wireless Video Streaming
Videoguy
 
PDF
Microsoft PowerPoint - WirelessCluster_Pres
Videoguy
 
PDF
Proxy Cache Management for Fine-Grained Scalable Video Streaming
Videoguy
 
PDF
Adobe
Videoguy
 
PDF
Free-riding Resilient Video Streaming in Peer-to-Peer Networks
Videoguy
 
PDF
Instant video streaming
Videoguy
 
PDF
Video Streaming over Bluetooth: A Survey
Videoguy
 
PDF
Video Streaming
Videoguy
 
PDF
Reaching a Broader Audience
Videoguy
 
PDF
Considerations for Creating Streamed Video Content over 3G ...
Videoguy
 
PDF
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMING
Videoguy
 
PDF
Impact of FEC Overhead on Scalable Video Streaming
Videoguy
 
PDF
Application Brief
Videoguy
 
PDF
Video Streaming Services – Stage 1
Videoguy
 
PDF
Streaming Video into Second Life
Videoguy
 
PDF
Flash Live Video Streaming Software
Videoguy
 
PDF
Videoconference Streaming Solutions Cookbook
Videoguy
 
PDF
Streaming Video Formaten
Videoguy
 
PDF
iPhone Live Video Streaming Software
Videoguy
 
PDF
Glow: Video streaming training guide - Firefox
Videoguy
 
Energy-Aware Wireless Video Streaming
Videoguy
 
Microsoft PowerPoint - WirelessCluster_Pres
Videoguy
 
Proxy Cache Management for Fine-Grained Scalable Video Streaming
Videoguy
 
Adobe
Videoguy
 
Free-riding Resilient Video Streaming in Peer-to-Peer Networks
Videoguy
 
Instant video streaming
Videoguy
 
Video Streaming over Bluetooth: A Survey
Videoguy
 
Video Streaming
Videoguy
 
Reaching a Broader Audience
Videoguy
 
Considerations for Creating Streamed Video Content over 3G ...
Videoguy
 
ADVANCES IN CHANNEL-ADAPTIVE VIDEO STREAMING
Videoguy
 
Impact of FEC Overhead on Scalable Video Streaming
Videoguy
 
Application Brief
Videoguy
 
Video Streaming Services – Stage 1
Videoguy
 
Streaming Video into Second Life
Videoguy
 
Flash Live Video Streaming Software
Videoguy
 
Videoconference Streaming Solutions Cookbook
Videoguy
 
Streaming Video Formaten
Videoguy
 
iPhone Live Video Streaming Software
Videoguy
 
Glow: Video streaming training guide - Firefox
Videoguy
 

Authentication Methods in Videoconferencing Systems

  • 1. Authentication Methods and Security in Videoconferencing Systems TERENA AA-Workshop Malaga, November 2003 Dimitris Daskopoulos GRNET
  • 2. Contents  Videoconferencing practices  Problematic points  Security standards  Current techniques in H.323  Future developments in H.323
  • 3. Video conferencing worlds  H.323  SIP  MBONE  other: VRVS, AG, proprietary VC s/w
  • 4. The importance of videoconference security  identity  confidentiality  trust
  • 5. Current practices  authentication assumed, but rarely examined  ad hoc authentication solutions  point-to-point vs. multi-party call practices
  • 6. Requirements for videoconferencing security  endpoint authentication  call signaling security  media encryption
  • 7. Problematic points  telephony-world preconceptions  people vs. endpoints  room-based systems  users vs. executives  multi-party conferences  multi-domain conferences
  • 8. Conferencing: a three-step process  endpoint registration (authentication)  dialing (authorization)  media exchange
  • 9. Protocols involved in H.323 conferencing  H.225 - RAS (UDP): Registration, Admission, Status  H.225 - Q.931 (TCP): Call Signaling (Setup & Termination)  H.245 (TCP): Call Control (Capabilities, Preferences, Channel Opening and Flow Control)  RTP (UDP): media streams
  • 10. Security standards for videoconferencing:  H.323 - H.235  shared secret - symmetric (Annex D)  certificates - assymetric (Annex E)  secure media streams - S/RTP (Annex G)  SIP  SSL Digest Authentication  S/MIME media
  • 11. Current security options in H.323 H.235 not widely supported by endpoints. What options are we left with?  Identification by IP and alias  IPSec  other tricks
  • 12. Current authentication techniques in H.323  point-to-point conferences (registration)  IPand alias authentication  web enhanced methods  multi-party conferences (calling)  generated target number  central calling
  • 13. Security in H.323: the Gatekeeper  H.235  Cisco MCM: user/password piggy-back  Radvision ECS: predefined endpoints  GNU GK: predefined endpoints, Q.931 signaling filters
  • 14. Security in H.323: Gatekeeper backends  Gatekeeper APIs (SNMP or proprietary)  Cisco GKAPI  Radvision ECS API (SNMP-based H.348?)  Radius  Cisco MCM  GNU GK  DBMS  Radvision ECS  GNU GK  LDAP  Radvision ECS  GNU GK
  • 15. Security in H.323: web integration of backends  web-based flexible custom interfaces  SSL enabled  allow user control of IP and aliases  allow scheduling and reservation of resources (an added benefit)
  • 16. Current problems in H.323  securing registration of multiple aliases is difficult  ad-hoc authentication techniques do not accommodate all endpoints  mobility is hindered  firewall/NAT traversal is difficult  media stream protection is lacking
  • 17. Future developments in H.323 security  H.350:  LDAP authentication  LDAP endpoint setup  H.235:  wider support in products  certificate support  media stream encryption
  • 18. Links and References  Internet2 - 2003 fall MM: securing video  The TERENA IP Telephony Cookbook  The VIDE VideoConf CookBook  The VIDE Development Initiative  Internet2 - Video Middleware (VidMid)  Internet2 - VC SiteCoordinatorsTraining  Internet2 - VidMid H.350  Packetizer References