Reference number ISO/IEC TR 16166:2010(E)
© ISO/IEC 2010

TECHNICAL REPORT ISO/IEC TR 16166
First edition 2010-08-01

Information technology - Telecommunications and information exchange between systems - Next Generation Corporate Networks (NGCN) - Security of session-based communications

Technologies de l'information - Téléinformatique - Réseaux d'entreprise de prochaine génération (NGCN) - Sécurité des communications sur la base de sessions

COPYRIGHT PROTECTED DOCUMENT

© ISO/IEC 2010 - All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.

ISO copyright office, Case postale 56, CH-1211 Geneva 20
Tel. +41 22 749 01 11, Fax +41 22 749 09 47
E-mail copyright@iso.org, Web www.iso.org

Published in Switzerland

Contents (page)

Foreword  v
Introduction  vi
1 Scope  1
2 References  1
3 Terms and definitions  3
3.1 External definitions  3
3.2 Other definitions  4
4 Abbreviations  4
5 Background  5
6 General principles  5
6.1 Threats and counter-measures  5
6.2 Threats to session level security  6
6.3 Authorisation  7
6.4 Security and mobile users  8
6.5 Security and NGN  8
6.6 Security and software status  8
6.7 Call recording and audit  8
7 Signalling security  8
7.1 Security of access to session level services  9
7.2 Securing a SIP signalling hop  9
7.2.1 TLS for securing SIP signalling  10
7.2.2 IPsec for securing SIP signalling  10
7.2.3 The role of SIP digest authentication  10
7.3 Ensuring that all SIP signalling hops are secured  11
7.4 End-to-end signalling security  12
7.4.1 End-to-end security using S/MIME  12
7.4.2 Near end-to-end security using SIP Identity  13
7.5 Authenticated identity delivery  13
7.5.1 P-Asserted-Identity (PAI)  14
7.5.2 Authenticated Identity Body (AIB)  14
7.5.3 SIP Identity  14
7.5.4 Authenticated response identity  15
7.6 NGN considerations  16
7.7 Public Switched Telephony Network (PSTN) interworking  17
8 Media security  18
8.1 SRTP  18
8.2 Key management for SRTP  18
8.2.1 Key management on the signalling path  18
8.2.2 Key management on the media path  20
8.3 Authentication  21
8.3.1 Authentication with key management on the signalling path  21
8.3.2 Authentication with DTLS-SRTP  22
8.3.3 Authentication with ZRTP  22
8.4 Media recording  22
8.5 NGN considerations  23
9 Use of certificates  24
10 User interface considerations  24
11 Summary of requirements, recommendations and standardisation gaps  25
11.1 Requirements on NGNs  25
11.2 Recommendations on enterprise networks  25
11.3 Standardisation gaps  26

Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.

The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.

ISO/IEC TR 16166 was prepared by Ecma International (as ECMA TR/100) and was adopted, under a special "fast-track procedure", by Joint Technical Committee ISO/IEC JTC 1, Information technology, in parallel with its approval by national bodies of ISO and IEC.

Introduction

This Technical Report is one of a series of Ecma publications that explore IP-based enterprise communication involving Corporate telecommunication Networks (CNs) (also known as enterprise networks) and in particular Next Generation Corporate Networks (NGCN). The series particularly focuses on inter-domain communication, including communication between parts of the same enterprise, between enterprises and between enterprises and carriers. This particular Technical Report discusses issues related to the security of session-based communications and builds upon concepts introduced in ISO/IEC TR 12860.

This Technical Report is based upon the practical experience of Ecma member companies and the results of their active and continuous participation in the work of ISO/IEC JTC 1, ITU-T, ETSI, IETF and other international and national standardization bodies. It represents a pragmatic and widely based consensus. In particular, Ecma acknowledges valuable input from experts in ETSI TISPAN.

TECHNICAL REPORT ISO/IEC TR 16166:2010(E)

Information technology - Telecommunications and information exchange between systems - Next Generation Corporate Networks (NGCN) - Security of session-based communications

1 Scope

This Technical Report is one of a series of publications that provides an overview of IP-based enterprise communication involving Corporate telecommunication Networks (CNs) (also known as enterprise networks) and in particular Next Generation Corporate Networks (NGCN). The series particularly focuses on session level communication based on the Session Initiation Protocol (SIP) [4], with an emphasis on inter-domain communication. This includes communication between parts of the same enterprise (on dedicated infrastructures and/or hosted), between enterprises and between enterprises and public networks. Particular consideration is given to Next Generation Networks (NGN) as public networks and as providers of hosted enterprise capabilities. Key technical issues are investigated, current standardisation work and gaps in this area are identified, and a number of requirements and recommendations are stated. Among other uses, this series of publications can act as a reference for other standardisation bodies working in this field, including ETSI TISPAN, 3GPP, IETF and ITU-T.

This particular Technical Report discusses security of session-based communications. It uses terminology and concepts developed in ISO/IEC TR 12860 [1]. It identifies a number of requirements impacting NGN standardisation and makes a number of recommendations concerning deployment of enterprise networks. Also a number of standardisation gaps are identified. Both signalling security and media security are considered.

The scope of this Technical Report is limited to communications with a real-time element, including but not limited to voice, video, real-time text, instant messaging and combinations of these (multi-media). The non-real-time streaming of media is not considered. For media, only security of transport (e.g., securing the Real-time Transport Protocol, RTP [6]) is considered, and higher level security measures (e.g., digital rights management) are not considered. Peer-to-peer signalling between SIP user agents (without involving SIP intermediaries) is not considered.

Detailed considerations for lawful interception are outside the scope of this Technical Report, although general considerations for call recording and audit are discussed.

2 References

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

[1] ISO/IEC TR 12860, Information technology - Telecommunications and information exchange between systems - Next Generation Corporate Networks (NGCN) - General
[2] ISO/IEC TR 12861, Information technology - Telecommunications and information exchange between systems - Next Generation Corporate Networks (NGCN) - Identification and routing
[3] ISO/IEC TR 16167, Information technology - Telecommunications and information exchange between systems - Next Generation Corporate Networks (NGCN) - Emergency calls
[4] IETF RFC 3261, SIP: Session Initiation Protocol
[5] IETF RFC 3325, Private Extensions to the Session Initiation Protocol (SIP) for Asserted Identity within Trusted Networks
[6] IETF RFC 3550, RTP: A Transport Protocol for Real-Time Applications
[7] IETF RFC 3711, The Secure Real-time Transport Protocol (SRTP)
[8] IETF RFC 3830, MIKEY: Multimedia Internet KEYing
[9] IETF RFC 3893, Session Initiation Protocol (SIP) Authenticated Identity Body (AIB) Format
[10] IETF RFC 4119, A Presence-based GEOPRIV Location Object Format
[11] IETF RFC 4301, Security Architecture for the Internet Protocol
[12] IETF RFC 4346, The Transport Layer Security (TLS) Protocol Version 1.1
[13] IETF RFC 4347, Datagram Transport Layer Security
[14] IETF RFC 4474, Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)
[15] IETF RFC 4567, Key Management Extensions for Session Description Protocol (SDP) and Real Time Streaming Protocol (RTSP)
[16] IETF RFC 4568, Session Description Protocol (SDP) Security Descriptions for Media Streams
[17] IETF RFC 4650, HMAC-Authenticated Diffie-Hellman for Multimedia Internet KEYing (MIKEY)
[18] IETF RFC 4738, MIKEY-RSA-R: An Additional Mode of Key Distribution in Multimedia Internet KEYing (MIKEY)
[19] IETF RFC 4916, Connected Identity in the Session Initiation Protocol (SIP)
[20] IETF RFC 4961, Symmetric RTP / RTP Control Protocol (RTCP)
[21] IETF RFC 5626, Managing Client-Initiated Connections in the Session Initiation Protocol (SIP)
[22] IETF RFC 5630, The Use of the SIPS URI Scheme in the Session Initiation Protocol (SIP)
[23] IETF RFC 5761, Multiplexing RTP Data and Control Packets on a Single Port
[24] IETF RFC 5763, Framework for Establishing a Secure Real-time Transport Protocol (SRTP) Security Context Using Datagram Transport Layer Security (DTLS)
[25] IETF RFC 5764, Datagram Transport Layer Security (DTLS) Extension to Establish Keys for the Secure Real-time Transport Protocol (SRTP)
[26] IETF draft-ietf-sip-connect-reuse-14, Connection Reuse in the Session Initiation Protocol (SIP)
    NOTE At the time of publication of this Technical Report, the IETF had approved this draft as a standards track RFC but had not published the RFC and had not allocated an RFC number. If the draft is no longer available, readers should look for the RFC with the same title.
[27] IETF draft-ietf-sipcore-location-conveyance-02, Location Conveyance for the Session Initiation Protocol
    NOTE At the time of publication of this Technical Report, the IETF had not completed the approval process for this draft and had not allocated an RFC number. If the draft (or a later version) is no longer available, readers should look for the RFC with the same title.
[28] IETF draft-zimmermann-avt-zrtp-16, ZRTP: Media Path Key Agreement for Secure RTP
    NOTE At the time of publication of this Technical Report, the IETF had not published this as an informational RFC. If the draft (or a later version) is no longer available, readers should look for the RFC with the same title.
[29] ITU-T Recommendation E.164, The international public telecommunication numbering plan
[30] X.509, Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks
[31] 3GPP TS 33.203, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G security; Access security for IP-based services (Release 8)
[32] 3GPP TS 33.210, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G security; Network domain security; IP network layer security (Release 8)
[33] 3GPP TS 33.310, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Network domain security; Authentication Framework (AF) (Release 8)
[34] ETSI TS 187 003, Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Security; Security Architecture
[35] IEEE 802.1x, IEEE Standard for Local and metropolitan area networks - Port-Based Network Access Control (2004)
[36] IEEE 802.11, IEEE Standard for Information Technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific Requirements - Part 11: Wireless LAN Media Access Control (MAC) and Physical Layer (PHY) Specifications (2007)
[37] OASIS, Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 (March 2005)
[38] ISO/IEC 27001, Information technology - Security techniques - Information security management systems - Requirements

3 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

3.1 External definitions

This Technical Report uses the following terms defined in ISO/IEC TR 12860 [1]:

Domain
Enterprise network
Next Generation Corporate Network (NGCN)
Next Generation Network (NGN)
Private network traffic
Public network traffic
Session Service Provider (SSP)

ISO/IEC 9594-8