SIP Security Research at Georgetown

Invited talk at SIPNOC, June 26, 2012 (Dulles, Virginia)

SIPconnect™ is an important step for connecting enterprises to the SIP-enabled voice-over-IP network. One advance of SIPconnect is it requires secure signaling, out of the box. However, there is no provision for secure media. Many enterprise applications for SIP require secure communications. This is more especially so for regulated industries such as financial services, health care, and any public company. As well, there are obvious needs for secure communications in the defense, intelligence, and public safety arena.

Unlike the technical issues addressed by SIPconnect 1.1, many of the barriers to interconnecting secure networks are in the policy, regulatory, and legal realms. This session will describe the issues and current research underway to address them. This area is of specific interest to service providers as most secure communications offerings are over-the-top. That leaves the service provider with only raw-IP or possibly MPLS service to offer. Solving the issues around secure network interoperability offers service providers the chance to provide true value-added services, with the revenue opportunities this can bring.