A45 -- Telecom Services: Architecture, Protocols, and Security

Course description

Voice over Internet Protocol (VoIP) is recognized as one of the most representative telecommunication services that rely on Internet Protocol (IP) networks. This course will introduce the architectures and protocols of VoIP networks, as well as the fundamentals of network security. In addition, the security best practices deployed in VoIP networks will be discussed. More specifically, the course contains the following ingredients,

Signaling: This module covers the architectures and protocoles that are associated to the ''intelligence'' part of IP network (equivalent to ''SS'' in circuit switched networks). We particularly exemplify Session Initiation Protocol (SIP) for illustrating the establishment, control and maintenance of VoIP service. Its integration with security mechanisms will be addressed, as well as with other applications through different technologies or ''API'' (e.g. JAIN SIP).

Security: This part firstly introduces the fundamentals of network security, ranging from the basics of applied cryptography to security protocols such as IPsec, TLS/SSL, S/MIME and security mechanisms like firewall, IDS. The potential threats and attacks in VoIP networks, as well as their countermeasures will be also discussed.

A set of TP and TD will be conducted to help the students to understand the relevant concepts. 

Syllabus (duration: 28.5 hours)

 1. Signaling (instructor: Mr. Ahmed MEDDAHI@TELECOM Lille, 7.5 Hours) 

         1.1 Introduction on SS7 signaling in the circuit switched

         1.2 The principles and fundamentals of SIP signaling in the scenarios such as Voice call, IM, QoS, Security

         1.3 The comparison between SIP with SS7 and other signaling protocols (H323, Megaco)

     2.  Security (instructor: Mr. Zonghua ZHANG@TELECOM Lille, 10.5 Hours)

          2.1 Network protocols and vulnerabilities, namely TCP/IP, routing protocols, DNS.            

          2.2 Network defense mechanisms: basics of cryptography, cryptographic protocols, and security systems          

          2.3 SIP Vulnerabilities and security best practices in VoIP networks

    3.  TDs (6 Hours) 

          3.1 SIP

          3.2 Security    

    4.  TPs (4.5 Hours)： SIP traffic monitoring & anlaysis, http digest authentication, etc.

Please note: The security part will be given in English, and one of the TD and TP groups will be instructed in English as well.  

• References

1. Patrick Park, ''Voice over IP Security'', Published by Cisco Press.

2. Alan B. Johnson, ''Understanding the Session Initiation Protocol", Editions Artech House.

3. "VoIP Security Vulnerabilities," SANS Institute, 20007.

4. Ravi Jain et al., ''Call Control in Java, XML, and Parlay/OSA'', Edition John Wiley & Sons.

5. D. Sisalem, J. Floroiu, J. Kuthan, U. Abend, H. Schulzrinne,''SIP Security'', Edition John Wiley & Sons, 2009.

6. William Stallings, Network Security Essentials: Applications and Standards, 4/E, ISBN-10: 0136108059, ISBN-13: 9780136108054, Prentice Hall, 2010

   • Books by Willam Stallings

7. D. Sisalem, J. Floroiu, J. Kuthan, U. Abend, and H. Schulzrinne, “SIP Security”, Wiley, 2009.

• Quick Links

  • Cryptography basics by RSA 

  • Cryptographic Toolkits (NIST)

  • SIP Introduction

  • Voice over IP Security Alliance (VOIPSA)

  • VoIP security resources