Pregled bibliografske jedinice broj: 202842
Real-time Management of Firewalls for Enabling SIP Communication
Real-time Management of Firewalls for Enabling SIP Communication // XXVII. International Convention MIPRO 2005 / Golubić, Stjepan ; Mikac, Branko ; Hudek, Vlasta (ur.).
Opatija: Hrvatska udruga za informacijsku i komunikacijsku tehnologiju, elektroniku i mikroelektroniku - MIPRO, 2005. str. 101-105 (predavanje, međunarodna recenzija, cjeloviti rad (in extenso), znanstveni)
CROSBI ID: 202842 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
Real-time Management of Firewalls for Enabling SIP Communication
Autori
Penco, Bruno ; Pilat, Goran ; Gracin, Josip
Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni
Izvornik
XXVII. International Convention MIPRO 2005
/ Golubić, Stjepan ; Mikac, Branko ; Hudek, Vlasta - Opatija : Hrvatska udruga za informacijsku i komunikacijsku tehnologiju, elektroniku i mikroelektroniku - MIPRO, 2005, 101-105
Skup
XXVIII. International Convention, CTI
Mjesto i datum
Opatija, Hrvatska, 30.05.2005. - 03.06.2005
Vrsta sudjelovanja
Predavanje
Vrsta recenzije
Međunarodna recenzija
Ključne riječi
SIP; VoIP; firewall; MIDCOM
Sažetak
In the time of growing usage of IP-based technologies, protecting network resources from unauthorized access is of greater and greater importance. To control access to network resources the traffic between intranet and the Internet usually passes through a firewall device. Although very useful in controlling access to network resources, firewalls present a problem for applications that dynamically allocate TCP or UDP ports in their communication. In SIP protocol, during the establishment of a new session, User Agents negotiate ports through which audio and video RTP streams will flow. In order to enable these flows through firewall, the information about used ports must be communicated to the firewall. For this purpose, we have developed a "SIP firewall" and in this paper we present its architecture and implementation. This firewall is capable of dynamically opening and closing ports according to the requirements of SIP sessions. It consists of two parts: the SIP proxy and the firewall device (also called middlebox device). Both of these parts perform their usual duties, with the addition of opening and closing ports in a firewall to enable audio and video RTP streams, according to SIP signalization between end-points. The architecture is based on the MIDCOM architecture specified in [RFC3303] and uses SNMP protocol for communication between SIP proxy and firewall. The implementation is based on GNU/Linux operating system and Java programming language. The middlebox functionality is based on Linux IP tables subsystem.
Izvorni jezik
Engleski
Znanstvena područja
Informacijske i komunikacijske znanosti
POVEZANOST RADA
Projekti:
0036009
Ustanove:
Fakultet elektrotehnike i računarstva, Zagreb
Profili:
Josip Gracin
(autor)
