VoIP terminal security module, SIP stack with security manager, system and security methods
First Claim
1. A modular component for use in conjunction with a protocol stack of a voice over internet protocol (VoIP) terminal, comprising:
- a security manager;
a security stack interface (SSA) for interfacing between said security manager and a protocol manager of said protocol stack;
a security terminal interface (SST) for interfacing between said security manager and an application layer;
a security media interface (SSM) for interfacing between said security manager and a media controller; and
a security manager application interface (SMA) for interfacing between said security manager and a security application (PGP) outside said stack.
2 Assignments
0 Petitions
Accused Products
Abstract
A secure voice over internet protocol (VoIP) terminal includes a modular security manager for use in conjunction with a protocol stack thereof, wherein the security manager includes a plurality of interfaces to the stack. In an SIP embodiment, these may include a security stack interface (SSA) between an SIP manager of an SIP stack and the security manager, a security terminal interface (SST) between a telephony application and the security manager, a security media interface (SSM) between the security manager and a media controller, and a security manager application interface (SMA) between the security manager and a security application (PGP) outside the stack.
-
Citations
8 Claims
-
1. A modular component for use in conjunction with a protocol stack of a voice over internet protocol (VoIP) terminal, comprising:
-
a security manager;
a security stack interface (SSA) for interfacing between said security manager and a protocol manager of said protocol stack;
a security terminal interface (SST) for interfacing between said security manager and an application layer;
a security media interface (SSM) for interfacing between said security manager and a media controller; and
a security manager application interface (SMA) for interfacing between said security manager and a security application (PGP) outside said stack. - View Dependent Claims (2, 3)
-
-
4. A session initiation protocol (SIP) signaling stack for a voice over internet protocol (VoIP) terminal device, said stack having an application interface and a media interface to a telephony application and having a protocol interface to a network layer, said stack comprising:
-
an SIP manager having said application interface and a media controller having said media interface to said telephony application and said protocol interface between said network layer and both said SIP manager and said media controller; and
a security manager having a plurality of interfaces to said SIP manager, said telephony application, and to said network layer. - View Dependent Claims (5)
-
-
6. Method, comprising the steps of:
-
sending an invite signal from a session initiation protocol (SIP) stack of a sending terminal to a remote user agent (UA);
receiving an unauthorized signal (401_Unauthorized) at said SIP stack from said remote UA indicating authorization is required;
providing an indication signal (got—
401_unauthorized) from said SIP stack to a security manager module of said sending terminal indicative of receipt of said unauthorized signal;
providing an authenticate signal (send _www_authenticate) with required information and authorization header field from said security manager module to said SIP stack;
calling encryption and authorization function requests from said SIP stack to said security manager;
encrypting and authorizing said required information; and
sending an authorized invite signal from said SIP stack to said remote UA.
-
-
7. Method, comprising the steps of:
-
receiving an invite signal from a remote user agent (UA) at a session initiation protocol (SIP) stack of a receiving terminal;
providing a signal indicative of receipt of said invite signal from said SIP stack to a security manager module of said receiving terminal for checking security parameters of said invite signal;
providing an authenticate signal (send_www_authenticate) from said security manager to said SIP stack;
sending an unauthorized signal (401_unauthorized) from said SIP stack to said remote UA;
receiving an authorized invite signal from said remote UA to said SIP stack;
providing a request to authenticate said authorized invite signal to said security manager module;
checking parameters of said authorized invite signal by said security manager module; and
providing an authentication signal from said security manager module to said SIP stack indicative of said step of checking.
-
-
8. A telecommunications system, comprising:
-
a sending terminal for sending an invite signal from a session initiation protocol (SIP) stack of a sending terminal; and
a receiving terminal responsive to said invite signal for providing a signal indicative of receipt of said invite signal from said SIP stack to a security manager module of said receiving terminal for checking security parameters of said invite signal, wherein said security manager provides an authenticate signal to said SIP stack and said SIP then sends an unauthorize signal to said sending terminal in the presence of an unauthorized invite signal from said sending terminal, wherein said SIP stack of said sending terminal is responsive to said unauthorized signal from said receiving terminal indicating authorization is required, and wherein said sending terminal provides an indication signal from said SIP stack of said sending terminal to a security manager module of said sending terminal indicative of receipt of said unauthorize signal, wherein said security manager provides an authenticate signal with required information and authorization header field to said SIP stack of said sending terminal, wherein said SIP stack of said sending terminal sends an authorized invite signal to said receiving terminal, wherein said receiving terminal receives said authorized invite signal from said sending terminal at said SIP stack of said receiving terminal, wherein said SIP stack provides a request to authenticate said authorized invite signal to said security manager module of said receiving terminal, wherein said security manager checks parameters of said authorized invite signal and provides an authentication signal to said SIP stack of said receiving terminal indicative of said step of checking.
-
Specification