Signing and validating session initiation protocol routing headers
First Claim
Patent Images
1. A method of processing a Session Initiation Protocol (SIP) message, the method comprising:
- receiving a SIP request at a SIP node, the SIP request including a message header including data indicative of network routing locations;
determining a RECORD-ROUTE header of the SIP request;
editing the data at the SIP node;
generating a signature based upon at least a portion of the message header including the edited data;
generating a SIP node header entry; and
inserting the signature into the SIP node header entry;
wherein generating the signature includes generating the signature based upon at least a portion of the RECORD-ROUTE header of the SIP request; and
wherein inserting the signature includes inserting the signature into a RECORD-ROUTE header of the SIP node.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, computer readable medium having computer executable instructions, and a computer readable medium having stored thereon a data structure for signing and validating Session Initiation Protocol (“SIP”) routing headers are disclosed. A SIP node may receive a SIP request including a message header. A signature based upon at least a portion of the message header and a SIP node header entry may be generated. The signature may then be inserted into the SIP node header entry.
99 Citations
12 Claims
-
1. A method of processing a Session Initiation Protocol (SIP) message, the method comprising:
-
receiving a SIP request at a SIP node, the SIP request including a message header including data indicative of network routing locations; determining a RECORD-ROUTE header of the SIP request; editing the data at the SIP node; generating a signature based upon at least a portion of the message header including the edited data; generating a SIP node header entry; and inserting the signature into the SIP node header entry; wherein generating the signature includes generating the signature based upon at least a portion of the RECORD-ROUTE header of the SIP request; and wherein inserting the signature includes inserting the signature into a RECORD-ROUTE header of the SIP node. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method of processing a Session Initiation Protocol (SIP) message, the method comprising:
-
receiving a SIP request at a SIP node, the SIP request including a message header; generating a signature based upon at least a portion of the message header; generating a SIP node header entry, wherein the SIP node header entry is a VIA header; inserting the signature into the SIP node header entry; receiving a SIP response at the SIP node in reply to the SIP request, the SIP response comprising the VIA header for the SIP node, the VIA header including a first received signature; verifying the first received signature; determining a next link to a next SIP node to receive the SIP request; and determining if the next link to the next SIP node is an untrusted link, wherein generating the first signature includes only generating the first signature if the next link is an untrusted link.
-
-
7. A method of processing a Session Initiation Protocol (SIP) message, the method comprising:
-
receiving a SIP request at a SIP node, the SIP request including a message header; generating a signature based upon at least a portion of the message header; generating a SIP node header entry; inserting the signature into the SIP node header entry; receiving a SIP response in reply to the SIP request, the SIP response including a response header; generating another signature based upon a RECORD-ROUTE header and a CONTACT header of the response header; inserting the other signature into a RECORD-ROUTE header of the SIP node of the response; and before generating the other signature, removing an existing signature from the SIP node header entry.
-
-
8. A computer storage medium having computer executable instructions for performing steps for processing messages in a pool of servers having a first server and a second server which are constructed and arranged to be interchangeably used to process messages in the same dialog, the steps comprising:
-
identifying, at the first server, a public key and a private key; receiving, at the first server, a first message including a first header; generating a session key; encrypting the session key with the private key; generating, with the public key, a key signature based on the encrypted session key; inserting the key signature into the first header; and identifying a time stamp containing data representing a date and time of creation for the session key and appending the time stamp to the session key, wherein encrypting the session key includes encrypting the session key and the time stamp. - View Dependent Claims (9, 10, 11, 12)
-
Specification