SlideShare una empresa de Scribd logo

Real-Time-Communications Security-How to Deploy Presence and Instant Messaging Services

Oliver Pfaff
Oliver Pfaff

Presence- und Instant-Messaging-Programme wie AOL Instant Messenger sowie ICQ, Microsoft Messenger und Yahoo Messenger erfreuen sich einer stark steigenden Nutzung – insbesondere auch am Arbeitsplatz. Deren Nutzung führt jedoch zu erheblichen Bedro-hungsszenarien für die Unternehmenssicherheit. Richtig eingesetzt können IT-basierte Echt-zeitkommunikationssysteme jedoch signifikante Effizienzpotenziale für Unternehmen er-schließen. Daher ist die Realisierung geeigneter Lösungsarchitekturen von zentraler Bedeutung bei der Einführung von IT-basierten Echtzeitkommunikationsdiensten in Unternehmensnetzen. Die-ser Vortrag erörtert die gegebenen Bedrohungen, untersucht Gegenmaßnahmen und skiz-ziert Architekturen für die sichere Nutzung solcher Dienste.

Tecnología
1 de 22
Dr. Oliver Pfaff Real-Time-Communications Security How to Deploy Presence and Instant Messaging Services? Siemens Security Forum March 2-5 , 2004; Munich
Introduction What Are Real-Time-Communications? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],File sharing Application sharing Voice conversation Instant messaging ... Presence ,[object Object]
Introduction What Do Presence Services Provide? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Introduction What is the Current Status? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Consumer-Grade Solutions Basic Architecture [email_address] [email_address] Presence and instant messaging service ‘rtc.com‘ Presence and instant messaging user agents 1 2 4 3 4 3 1. Register at presence service (authenticate) 1 2 2. Process incoming / request subscriptions 3. Supply / receive presence information 3 4. Supply / receive instant messages 4
Consumer-Grade Solutions ...in Relation to Enterprises Corporate network ‘acme.com‘ Presence and instant messaging user agents Presence and instant messaging service ‘rtc.com‘ [email_address] [email_address] sue@ acme.com bob@ acme.com Proxy ,[object Object],[object Object],[object Object]
Consumer-Grade Solutions IT-Security Status Quo ( Benchmark: Enterprise E-Mail Services ) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Consumer-Grade Solutions IT-Security Status Quo ( Benchmark: Enterprise E-Mail Services) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Consumer-Grade Solutions How to Prohibit Such Services? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Consumer-Grade Solutions Does Communication Blocking Work? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Consumer-Grade Solutions How to React? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Enterprise-Grade Solutions Fundamental Properties ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE 1.1 SIP REGISTER... 1.3 SIP REGISTER...Authorization... Sue signs in to RTC services [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 1.2 SIP 401 Unauthorized...WWW-Authenticate.... 1.4 SIP 200 OK.... Corporate network ‘acme.com‘
Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ Sue obtains her roaming data (e.g. contact list) SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 2.1 SIP SUBSCRIBE... 2.2 SIP 200 OK.... 2.3 SIP NOTIFY... Roaming data 2.4 SIP 200 OK....
Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ Bob wants to subscribe to the presence of Sue SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 3.1 SIP SUBSCRIBE... 3.2 SIP 200 OK.... 3.3 SIP NOTIFY... 3.4 SIP 200 OK....
Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 4.3 SIP NOTIFY...Presence data 4.4 SIP 200 OK.... Sue grants Bob ‘s subscription 4.1 SIP SERVICE... Authorization data 4.2 SIP 200 OK.... Bob obtains Sue ‘s presence information
Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ Bob says ‚hello‘ SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 4.1 SIP MESSAGE...Data 4. 3 SIP 200 OK.... 4.2 SIP MESSAGE...Data 4. 4 SIP 200 OK....
Enterprise-Grade Solutions Inter-Enterprise Communications Corporate network ‘acme.com‘ bob@ acme.com Presence and instant messaging user agents Presence and instant messaging service ‘rtc.acme.com‘ sue@ acme.com Proxy Presence and instant messaging user agents Presence and instant messaging service ‘rtc.foo.com‘ Proxy ann@ foo.com tom@ foo.com Corporate network ‘foo.com‘
Enterprise-Grade Solutions IT-Security Status Quo ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Conclusions ,[object Object],[object Object],[object Object],[object Object],[object Object]
Abbreviations ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Author Information ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recomendados

Ch12(revised 20071226)
Ch12(revised 20071226)Ch12(revised 20071226)
Ch12(revised 20071226)華穗 徐
 
Intranet Pdf
Intranet PdfIntranet Pdf
Intranet Pdfkhammett
 
M A M C H A R O
M A M C H A R OM A M C H A R O
M A M C H A R Olime17
 
Communicate Easily with Others in Different Locations with Microsoft Office C...
Communicate Easily with Others in Different Locations with Microsoft Office C...Communicate Easily with Others in Different Locations with Microsoft Office C...
Communicate Easily with Others in Different Locations with Microsoft Office C...Microsoft Private Cloud
 
Distributed Systems
Distributed SystemsDistributed Systems
Distributed Systemsmitali.ray
 
What is E-business?
What is E-business?What is E-business?
What is E-business?vikas
 
Business Data Communications and Networking 12th Edition FitzGerald Solutions...
Business Data Communications and Networking 12th Edition FitzGerald Solutions...Business Data Communications and Networking 12th Edition FitzGerald Solutions...
Business Data Communications and Networking 12th Edition FitzGerald Solutions...TylerYuli
 
Report on intranet
Report on intranetReport on intranet
Report on intranetAmandeep Kaur
 

Recomendados

Ch12(revised 20071226)
Ch12(revised 20071226)Ch12(revised 20071226)
Ch12(revised 20071226)華穗 徐
 
Intranet Pdf
Intranet PdfIntranet Pdf
Intranet Pdfkhammett
 
M A M C H A R O
M A M C H A R OM A M C H A R O
M A M C H A R Olime17
 
Communicate Easily with Others in Different Locations with Microsoft Office C...
Communicate Easily with Others in Different Locations with Microsoft Office C...Communicate Easily with Others in Different Locations with Microsoft Office C...
Communicate Easily with Others in Different Locations with Microsoft Office C...Microsoft Private Cloud
 
Distributed Systems
Distributed SystemsDistributed Systems
Distributed Systemsmitali.ray
 
What is E-business?
What is E-business?What is E-business?
What is E-business?vikas
 
Business Data Communications and Networking 12th Edition FitzGerald Solutions...
Business Data Communications and Networking 12th Edition FitzGerald Solutions...Business Data Communications and Networking 12th Edition FitzGerald Solutions...
Business Data Communications and Networking 12th Edition FitzGerald Solutions...TylerYuli
 
Report on intranet
Report on intranetReport on intranet
Report on intranetAmandeep Kaur
 
ESB Overview
ESB OverviewESB Overview
ESB OverviewHamid Ghorbani
 
Topic no. 8 unified communication
Topic no. 8 unified communicationTopic no. 8 unified communication
Topic no. 8 unified communicationjapsabs
 
M A M C H A R O 2003
M A M C H A R O 2003M A M C H A R O 2003
M A M C H A R O 2003lime17
 
Cloud Apps Part II: Improving Insurance Agency Communications
Cloud Apps Part II: Improving Insurance Agency CommunicationsCloud Apps Part II: Improving Insurance Agency Communications
Cloud Apps Part II: Improving Insurance Agency CommunicationsStrategic Insurance Software
 
India’s Largest Municipal Corporation improves citizen service using a zero d...
India’s Largest Municipal Corporation improves citizen service using a zero d...India’s Largest Municipal Corporation improves citizen service using a zero d...
India’s Largest Municipal Corporation improves citizen service using a zero d...Mithi SkyConnect
 
PROJECT ARRANGED (FINAL)
PROJECT ARRANGED (FINAL)PROJECT ARRANGED (FINAL)
PROJECT ARRANGED (FINAL)Joseph Olumide
 
Web-services
Web-services Web-services
Web-services webhostingguy
 
Intranet mailing system
Intranet mailing systemIntranet mailing system
Intranet mailing systemsaili mane
 
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALAINTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALASaikiran Panjala
 
Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsidescitation
 
Presentation 3 for Students of professordkinney.com
Presentation 3 for Students of professordkinney.comPresentation 3 for Students of professordkinney.com
Presentation 3 for Students of professordkinney.comArnold Derrick Kinney
 
Network concepts and wi fi
Network concepts and wi fiNetwork concepts and wi fi
Network concepts and wi fiDeepak John
 
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...A Comparative Study Of Remote Access Technologies and Implementation of a Sma...
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...Editor IJCATR
 
SOA for Telecom | Torry Harris Whitepaper
SOA for Telecom | Torry Harris WhitepaperSOA for Telecom | Torry Harris Whitepaper
SOA for Telecom | Torry Harris WhitepaperTorry Harris Business Solutions
 
Middleware Technologies ppt
Middleware Technologies pptMiddleware Technologies ppt
Middleware Technologies pptOECLIB Odisha Electronics Control Library
 
Internship report ppt
Internship report pptInternship report ppt
Internship report pptabdikissi
 
Raspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSRaspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSIJTET Journal
 
Chat application android app ppt
Chat application android app pptChat application android app ppt
Chat application android app pptZreena
 
Indigo Product And Technology Overivew 2005
Indigo Product And Technology Overivew 2005 Indigo Product And Technology Overivew 2005
Indigo Product And Technology Overivew 2005 ir. Carmelo Zaccone
 
202160902-Internet-Intranet-Extranet.ppt
202160902-Internet-Intranet-Extranet.ppt202160902-Internet-Intranet-Extranet.ppt
202160902-Internet-Intranet-Extranet.pptDizzi1
 
A Deep Dive in the World of IT Networking (Part 2)
A Deep Dive in the World of IT Networking (Part 2)A Deep Dive in the World of IT Networking (Part 2)
A Deep Dive in the World of IT Networking (Part 2)Tuan Yang
 
IP Multimedia Subsystems Overview - My Training on IMS
IP Multimedia Subsystems Overview - My Training on IMSIP Multimedia Subsystems Overview - My Training on IMS
IP Multimedia Subsystems Overview - My Training on IMSInam Khosa
 

Más contenido relacionado

La actualidad más candente

Topic no. 8 unified communication
Topic no. 8 unified communicationTopic no. 8 unified communication
Topic no. 8 unified communicationjapsabs
 
M A M C H A R O 2003
M A M C H A R O 2003M A M C H A R O 2003
M A M C H A R O 2003lime17
 
Cloud Apps Part II: Improving Insurance Agency Communications
Cloud Apps Part II: Improving Insurance Agency CommunicationsCloud Apps Part II: Improving Insurance Agency Communications
Cloud Apps Part II: Improving Insurance Agency CommunicationsStrategic Insurance Software
 
India’s Largest Municipal Corporation improves citizen service using a zero d...
India’s Largest Municipal Corporation improves citizen service using a zero d...India’s Largest Municipal Corporation improves citizen service using a zero d...
India’s Largest Municipal Corporation improves citizen service using a zero d...Mithi SkyConnect
 
PROJECT ARRANGED (FINAL)
PROJECT ARRANGED (FINAL)PROJECT ARRANGED (FINAL)
PROJECT ARRANGED (FINAL)Joseph Olumide
 
Intranet mailing system
Intranet mailing systemIntranet mailing system
Intranet mailing systemsaili mane
 
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALAINTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALASaikiran Panjala
 
Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsidescitation
 
Presentation 3 for Students of professordkinney.com
Presentation 3 for Students of professordkinney.comPresentation 3 for Students of professordkinney.com
Presentation 3 for Students of professordkinney.comArnold Derrick Kinney
 
Network concepts and wi fi
Network concepts and wi fiNetwork concepts and wi fi
Network concepts and wi fiDeepak John
 
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...A Comparative Study Of Remote Access Technologies and Implementation of a Sma...
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...Editor IJCATR
 
Internship report ppt
Internship report pptInternship report ppt
Internship report pptabdikissi
 
Raspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSRaspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSIJTET Journal
 
Chat application android app ppt
Chat application android app pptChat application android app ppt
Chat application android app pptZreena
 

La actualidad más candente (18)

ESB Overview
ESB OverviewESB Overview
ESB Overview
 
Topic no. 8 unified communication
Topic no. 8 unified communicationTopic no. 8 unified communication
Topic no. 8 unified communication
 
M A M C H A R O 2003
M A M C H A R O 2003M A M C H A R O 2003
M A M C H A R O 2003
 
Cloud Apps Part II: Improving Insurance Agency Communications
Cloud Apps Part II: Improving Insurance Agency CommunicationsCloud Apps Part II: Improving Insurance Agency Communications
Cloud Apps Part II: Improving Insurance Agency Communications
 
India’s Largest Municipal Corporation improves citizen service using a zero d...
India’s Largest Municipal Corporation improves citizen service using a zero d...India’s Largest Municipal Corporation improves citizen service using a zero d...
India’s Largest Municipal Corporation improves citizen service using a zero d...
 
PROJECT ARRANGED (FINAL)
PROJECT ARRANGED (FINAL)PROJECT ARRANGED (FINAL)
PROJECT ARRANGED (FINAL)
 
Web-services
Web-services Web-services
Web-services
 
Intranet mailing system
Intranet mailing systemIntranet mailing system
Intranet mailing system
 
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALAINTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
INTRANET MAILING SYSTEM BY SAIKIRAN PANJALA
 
Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIs
 
Presentation 3 for Students of professordkinney.com
Presentation 3 for Students of professordkinney.comPresentation 3 for Students of professordkinney.com
Presentation 3 for Students of professordkinney.com
 
Network concepts and wi fi
Network concepts and wi fiNetwork concepts and wi fi
Network concepts and wi fi
 
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...A Comparative Study Of Remote Access Technologies and Implementation of a Sma...
A Comparative Study Of Remote Access Technologies and Implementation of a Sma...
 
SOA for Telecom | Torry Harris Whitepaper
SOA for Telecom | Torry Harris WhitepaperSOA for Telecom | Torry Harris Whitepaper
SOA for Telecom | Torry Harris Whitepaper
 
Middleware Technologies ppt
Middleware Technologies pptMiddleware Technologies ppt
Middleware Technologies ppt
 
Internship report ppt
Internship report pptInternship report ppt
Internship report ppt
 
Raspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRSRaspberry Pi Based Client-Server Synchronization Using GPRS
Raspberry Pi Based Client-Server Synchronization Using GPRS
 
Chat application android app ppt
Chat application android app pptChat application android app ppt
Chat application android app ppt
 

Similar a Real-Time-Communications Security-How to Deploy Presence and Instant Messaging Services

Indigo Product And Technology Overivew 2005
Indigo Product And Technology Overivew 2005 Indigo Product And Technology Overivew 2005
Indigo Product And Technology Overivew 2005 ir. Carmelo Zaccone
 
202160902-Internet-Intranet-Extranet.ppt
202160902-Internet-Intranet-Extranet.ppt202160902-Internet-Intranet-Extranet.ppt
202160902-Internet-Intranet-Extranet.pptDizzi1
 
A Deep Dive in the World of IT Networking (Part 2)
A Deep Dive in the World of IT Networking (Part 2)A Deep Dive in the World of IT Networking (Part 2)
A Deep Dive in the World of IT Networking (Part 2)Tuan Yang
 
IP Multimedia Subsystems Overview - My Training on IMS
IP Multimedia Subsystems Overview - My Training on IMSIP Multimedia Subsystems Overview - My Training on IMS
IP Multimedia Subsystems Overview - My Training on IMSInam Khosa
 
Case study about voip
Case study about voipCase study about voip
Case study about voipelmudthir
 
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...ijdpsjournal
 
imsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptimsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptakimor
 
TECHNOLOGY IN COMMUNICATION
TECHNOLOGY IN COMMUNICATION TECHNOLOGY IN COMMUNICATION
TECHNOLOGY IN COMMUNICATION Abhishek Pachisia
 
Communications Technologies
Communications TechnologiesCommunications Technologies
Communications TechnologiesSarah Jimenez
 
Chapter 10 - Application Layer
Chapter 10 - Application LayerChapter 10 - Application Layer
Chapter 10 - Application LayerYaser Rahmati
 
CCNAv5 - S1: Chapter 10 Application Layer
CCNAv5 - S1: Chapter 10 Application LayerCCNAv5 - S1: Chapter 10 Application Layer
CCNAv5 - S1: Chapter 10 Application LayerVuz Dở Hơi
 
Chapter 10 : Application layer
Chapter 10 : Application layerChapter 10 : Application layer
Chapter 10 : Application layerteknetir
 
IMS IP multimedia subsystem presentation
IMS IP multimedia subsystem presentationIMS IP multimedia subsystem presentation
IMS IP multimedia subsystem presentationWaldir R. Pires Jr
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...gueste4e93e3
 
Session initiation protocol security considerations
Session initiation protocol security considerationsSession initiation protocol security considerations
Session initiation protocol security considerationsSami Knuutinen
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Rishabh Dangwal
 

Similar a Real-Time-Communications Security-How to Deploy Presence and Instant Messaging Services (20)

Indigo Product And Technology Overivew 2005
Indigo Product And Technology Overivew 2005 Indigo Product And Technology Overivew 2005
Indigo Product And Technology Overivew 2005
 
202160902-Internet-Intranet-Extranet.ppt
202160902-Internet-Intranet-Extranet.ppt202160902-Internet-Intranet-Extranet.ppt
202160902-Internet-Intranet-Extranet.ppt
 
A Deep Dive in the World of IT Networking (Part 2)
A Deep Dive in the World of IT Networking (Part 2)A Deep Dive in the World of IT Networking (Part 2)
A Deep Dive in the World of IT Networking (Part 2)
 
IP Multimedia Subsystems Overview - My Training on IMS
IP Multimedia Subsystems Overview - My Training on IMSIP Multimedia Subsystems Overview - My Training on IMS
IP Multimedia Subsystems Overview - My Training on IMS
 
Overview of Microsoft Exchange Online
Overview of Microsoft Exchange OnlineOverview of Microsoft Exchange Online
Overview of Microsoft Exchange Online
 
Case study about voip
Case study about voipCase study about voip
Case study about voip
 
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
 
imsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.pptimsipmultimediasubsystempresent-101117110625-phpapp01.ppt
imsipmultimediasubsystempresent-101117110625-phpapp01.ppt
 
TECHNOLOGY IN COMMUNICATION
TECHNOLOGY IN COMMUNICATION TECHNOLOGY IN COMMUNICATION
TECHNOLOGY IN COMMUNICATION
 
Why Do I Need an SBC
Why Do I Need an SBCWhy Do I Need an SBC
Why Do I Need an SBC
 
Communications Technologies
Communications TechnologiesCommunications Technologies
Communications Technologies
 
Chapter 10 - Application Layer
Chapter 10 - Application LayerChapter 10 - Application Layer
Chapter 10 - Application Layer
 
CCNAv5 - S1: Chapter 10 Application Layer
CCNAv5 - S1: Chapter 10 Application LayerCCNAv5 - S1: Chapter 10 Application Layer
CCNAv5 - S1: Chapter 10 Application Layer
 
Chapter 10 : Application layer
Chapter 10 : Application layerChapter 10 : Application layer
Chapter 10 : Application layer
 
IMS IP multimedia subsystem presentation
IMS IP multimedia subsystem presentationIMS IP multimedia subsystem presentation
IMS IP multimedia subsystem presentation
 
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
The Future of Identity in the Cloud: Requirements, Risks and Opportunities - ...
 
Craft2.ppt
Craft2.pptCraft2.ppt
Craft2.ppt
 
Craft2.ppt
Craft2.pptCraft2.ppt
Craft2.ppt
 
Session initiation protocol security considerations
Session initiation protocol security considerationsSession initiation protocol security considerations
Session initiation protocol security considerations
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...
 

Más de Oliver Pfaff

Trends in IIoT and OT Security
Trends in IIoT and OT SecurityTrends in IIoT and OT Security
Trends in IIoT and OT SecurityOliver Pfaff
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services SecurityOliver Pfaff
 
Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Oliver Pfaff
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary LifeOliver Pfaff
 
New Trends in Web Security
New Trends in Web SecurityNew Trends in Web Security
New Trends in Web SecurityOliver Pfaff
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?Oliver Pfaff
 
Does REST Change the Game for IAM?
Does REST Change the Game for IAM?Does REST Change the Game for IAM?
Does REST Change the Game for IAM?Oliver Pfaff
 
Trust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-SecurityTrust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-SecurityOliver Pfaff
 
Identifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessIdentifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessOliver Pfaff
 
Early Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpaceEarly Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpaceOliver Pfaff
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresOliver Pfaff
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityOliver Pfaff
 
State-of-the-Art in Web Services Federation
State-of-the-Art in Web Services FederationState-of-the-Art in Web Services Federation
State-of-the-Art in Web Services FederationOliver Pfaff
 
Unified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAPUnified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAPOliver Pfaff
 
Identity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health CareIdentity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health CareOliver Pfaff
 
SOA Security - So What?
SOA Security - So What?SOA Security - So What?
SOA Security - So What?Oliver Pfaff
 

Más de Oliver Pfaff (18)

Trends in IIoT and OT Security
Trends in IIoT and OT SecurityTrends in IIoT and OT Security
Trends in IIoT and OT Security
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services Security
 
Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'Deciphering 'Claims-based Identity'
Deciphering 'Claims-based Identity'
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary Life
 
OAuth Base Camp
OAuth Base CampOAuth Base Camp
OAuth Base Camp
 
New Trends in Web Security
New Trends in Web SecurityNew Trends in Web Security
New Trends in Web Security
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
 
Does REST Change the Game for IAM?
Does REST Change the Game for IAM?Does REST Change the Game for IAM?
Does REST Change the Game for IAM?
 
Analyzing OAuth
Analyzing OAuthAnalyzing OAuth
Analyzing OAuth
 
Trust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-SecurityTrust in E- and M-Business - Advances Through IT-Security
Trust in E- and M-Business - Advances Through IT-Security
 
Identifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusinessIdentifying How WAP Can Be Used For Secure mBusiness
Identifying How WAP Can Be Used For Secure mBusiness
 
Early Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpaceEarly Adopting Java WSIT-Experiences with Windows CardSpace
Early Adopting Java WSIT-Experiences with Windows CardSpace
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-Infrastructures
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
 
State-of-the-Art in Web Services Federation
State-of-the-Art in Web Services FederationState-of-the-Art in Web Services Federation
State-of-the-Art in Web Services Federation
 
Unified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAPUnified Security Architectures for Web and WAP
Unified Security Architectures for Web and WAP
 
Identity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health CareIdentity 2.0, Web services and SOA in Health Care
Identity 2.0, Web services and SOA in Health Care
 
SOA Security - So What?
SOA Security - So What?SOA Security - So What?
SOA Security - So What?
 

Último

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Último (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Real-Time-Communications Security-How to Deploy Presence and Instant Messaging Services

  • 1. Dr. Oliver Pfaff Real-Time-Communications Security How to Deploy Presence and Instant Messaging Services? Siemens Security Forum March 2-5 , 2004; Munich
  • 2.
  • 3.
  • 4.
  • 5. Consumer-Grade Solutions Basic Architecture [email_address] [email_address] Presence and instant messaging service ‘rtc.com‘ Presence and instant messaging user agents 1 2 4 3 4 3 1. Register at presence service (authenticate) 1 2 2. Process incoming / request subscriptions 3. Supply / receive presence information 3 4. Supply / receive instant messages 4
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13. Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE 1.1 SIP REGISTER... 1.3 SIP REGISTER...Authorization... Sue signs in to RTC services [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 1.2 SIP 401 Unauthorized...WWW-Authenticate.... 1.4 SIP 200 OK.... Corporate network ‘acme.com‘
  • 14. Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ Sue obtains her roaming data (e.g. contact list) SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 2.1 SIP SUBSCRIBE... 2.2 SIP 200 OK.... 2.3 SIP NOTIFY... Roaming data 2.4 SIP 200 OK....
  • 15. Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ Bob wants to subscribe to the presence of Sue SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 3.1 SIP SUBSCRIBE... 3.2 SIP 200 OK.... 3.3 SIP NOTIFY... 3.4 SIP 200 OK....
  • 16. Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 4.3 SIP NOTIFY...Presence data 4.4 SIP 200 OK.... Sue grants Bob ‘s subscription 4.1 SIP SERVICE... Authorization data 4.2 SIP 200 OK.... Bob obtains Sue ‘s presence information
  • 17. Enterprise-Grade Solutions Basic Architecture on Base of SIP/SIMPLE [email_address] Presence and instant messaging service ‘rtc.acme.com‘ [email_address] Corporate network ‘acme.com‘ Bob says ‚hello‘ SIP UAC SIP UAS SIP UAS SIP UAC SIP UAC SIP UAS 4.1 SIP MESSAGE...Data 4. 3 SIP 200 OK.... 4.2 SIP MESSAGE...Data 4. 4 SIP 200 OK....
  • 18. Enterprise-Grade Solutions Inter-Enterprise Communications Corporate network ‘acme.com‘ bob@ acme.com Presence and instant messaging user agents Presence and instant messaging service ‘rtc.acme.com‘ sue@ acme.com Proxy Presence and instant messaging user agents Presence and instant messaging service ‘rtc.foo.com‘ Proxy ann@ foo.com tom@ foo.com Corporate network ‘foo.com‘
  • 19.
  • 20.
  • 21.
  • 22.