Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Introduction to SIP
Original Slides by Alan Johnston and Henry Sinnreich, MCI (at VON03)
Contents
SIP Overview
SIP in detail
SIP Call Flow Scenarios
SIP Security
SIP Programming
Some Related Works
2
SIP Overview
100
90
80
70
60 electromech
50 analog
40 digital
30
20
10
0
1980 1985 1987 1990 1995 2000 2001
4
Session Initiation Protocol Overview
Application Layer Signaling Protocol
Used to establish, modify, and terminate
multimedia sessions
Part of Internet Multimedia Architecture
Can use UDP, TCP, TLS, SCTP, etc.
Based on HTTP (Web)
Similar text-based structure
Uses URIs (Uniform Resource Indicators)
Applications include (but not limited to):
Voice, video, gaming, instant messaging,
presence, call control, etc.
5
Security & Privacy
SIP Authentication
Challenge/Response based on shared secret - SIP Digest
Mechanism also used by HTTP
Used for client devices
Encryption using private/public keys
Used between servers
Privacy and security
SIP signaling can be encrypted
S/MIME (Secure/Multipurpose Internet Mail Extensions)
Defined in RFC 2633
SIP can be transported over
IPSec
Defined in RFC 2401
TLS (Transport Layer Security)
Defined in RFC 2246
6
Internet Multimedia Protocols
RTSP
7
A Short History of SIP
Internet Engineering Task Force (IETF) protocol
Inventors: M. Handley, H. Schulzrinne, E. Schooler,
and J. Rosenberg
Became Proposed Standard and RFC 2543 in March
1999 in MMUSIC WG.
Separate SIP WG established in September 1999.
Now new SIPPING (applications) and SIMPLE
(presence and instant messaging) WGs using SIP.
RFC2543bis-09 I-D became RFC 3261 in June 2002
Added four new authors: G. Camarillo, A. Johnston, J.
Peterson, and R. Sparks.
Entire spec rewritten for clarity, but some new features
Mostly backwards compatible with RFC 2543
8
SIP Requests and Responses
9
Related Protocols: SDP
SIP carries (encapsulates) SDP messages
SDP specifies codecs and media termination
points
Only one of many possible MIME attachments
carried by SIP
SDP Session Description Protocol
Used to describe media session.
Carried as a message body in SIP messages.
Is a text-based protocol
Uses RTP/AVP Profiles for common media types
Defined by RFC 2327
E.g. RFC 3551 RTP Profile for Audio and Video Conferences
with Minimal Control
10
Related Protocol: RTP
11
SIP Uniform Resource Indicators (URIs)
Same form as email addresses: user@domain
Two URI schemes:
sip:henry@siptest.mci.com is a SIP URI
Most common form introduced in RFC 2543
sips:henry@siptest.mci.com is a Secure SIP URI
New scheme introduced in RFC 3261
Requires TLS over TCP as transport for security
DNS
SIP
Outbound Inbound
Proxy Server Proxy Server
SIP
SIP
SIP
Media (RTP)
13
SIP Elements User Agents
DNS Server Location
Capable of sending
Server and receiving SIP
requests.
DNS UAC User Agent Client
UAS User Agent Server
End Devices
SIP
Outbound Inbound SIP phone
Proxy Server Proxy Server
PC/laptop with
SIP Client
SIP
PDA
SIP
mobile phone
SIP PSTN Gateways
Media (RTP) are a type of User
Agent
User Agent A
User Agent B
14
SIP Elements Proxy Servers
DNS Server Location
Server Forward or proxy
requests on behalf of
DNS User Agents
Consult databases:
SIP DNS
Outbound Inbound
Proxy Server Proxy Server Location Server
Types:
SIP Stateless
Transaction Stateful
SIP
Call Stateful
SIP
No media capabilities
Media (RTP)
Ignore SDP.
User Agent A User Agent B Normally bypassed once
dialog established, but
can Record-Route to
stay in path.
15
SIP Elements Other Servers
DNS Server Location
Server
Location Server
DNS
Database of locations of
SIP User Agents
SIP Queried by Proxies in
Outbound Inbound
Proxy Server Proxy Server routing
Updated by User Agents
SIP by Registration
SIP
17
SIP Registrar, 1
SIP server that can receive and process REGISTER requests
A user has an account created which allows them to REGISTER
contacts with a particular server
The account specifies a SIP Address of Record (AOR)
18
SIP Registrar, 2
SIP Registrars store the location of SIP
endpoints
Each SIP endpoint Registers
with a Registrar using its Address of Record and Contact
address
Address of Record for John Smith in From: header
From: John Smith <sip:jsmith@zultys.com
Contact: header tells Registrar where to send messages
Contact: John Smith <sip:jsmith@192.168.1.100>
SIP Proxies
query SIP Registrars for routing information
Incoming calls addressed to sip:jsmith@zultys.com
now routed by the Proxy to the Contact: header URL
sip:jsmith@192.168.1.100
19
Proxy Server
20
SIP Proxy Server
SIP Server which acts on behalf of User Agents
Receives a SIP request
Adds some headers
Modifies some of the headers
Forwards request to next hop server or client
21
Stateless vs. Stateful Proxy
Stateless Proxy
Forwards every request downstream and response upstream
Keeps no state (does not have any notion of a transaction)
Never performs message retransmissions
Stateless proxies scale very well
can be very fast
good for network cores
Stateful Proxy
Maintains state information for the duration of either the:
Transaction (request)
Transaction Stateful
Dialogue (from INVITE to BYE)
Dialogue Stateful
Performs message retransmission
22
SIP Redirect Server
Receives a request and returns a redirection response
(3xx)
Contact header in response indicates where request
should be retried
Similar to database query
All Server types are logical NOT Physical
23
Locating SIP Servers
Manual provisioning
DHCP SIP Option 120
RFC 3361
Multicast (deprecated)
DNS SRV method
Get local domain name automatically from DHCP server
Perform SRV record query through DNS on that domain for
_sip._udp.<domain name>
Send SIP REGISTER message to resolved server
phone is up and running without user intervention
24
SIP in detail
26
SIP Request Methods, 2
REGISTER
Register contact with Registrar
INVITE/ACK/BYE/CANCEL/UPDATE
Creates, negotiates and tears down a call (dialogue)
MESSAGE
Creates an Instant Messaging session
SUBSCRIBE
Subscribe to a service (like message waiting indication)
NOTIFY
Notify a change in service state (new Voicemail)
27
SIP Methods - INVITE, 1
INVITE requests the establishment of a
session
Carried in Message Body (SDP)
Type of session
IP Address
Port
Codec
28
SIP Methods - INVITE, 2
An INVITE during an existing session
(dialogue) is called a re-INVITE
re-INVITEs can be used to
Place calls on or remove calls from hold
Change session parameters and codecs
The SIP UPDATE method is the proposed
replacement for this technique
29
SIP Methods - ACK
30
SIP Methods - OPTIONS
31
SIP Methods BYE and CANCEL
BYE terminates an established session
User Agents stop sending media packets (RTP)
CANCEL terminates a pending session.
INVITE sent but no final response (non-1xx) yet
received.
User Agents and Proxies stop processing INVITE
Can be sent by a proxy or User Agent
Useful for forking proxy
Parallel search using multiple registration Contacts.
First successful wins, rest are cancelled.
32
SIP Methods - REGISTER
Registration allows a User Agent to upload
current location and URLs to a Registrar
Registrar can upload into Location Service
Incoming requests can then be proxied or
redirected to that location
Built in SIP support of mobility
UAs do not need static IP addresses
Obtain IP address via DHCP, REGISTER indicating
new IP Address as contact
33
SIP Request URI
The Request-URI indicates the destination address of the
request
Proxies and other servers route requests based on
Request-URI.
The Request-URI is modified by proxies as the address is
resolved. Request-URI
34
SIP From and To Tags
Tags are pseudo-random numbers inserted in
To or From headers to uniquely identify a call
leg
INVITE request From header contains a tag
Any User Agent or Server generating a
response adds a tag to the To header in the
response
To: sip:john@company.com;tag=123456
35
SIP Method - INFO
Used to transport mid-call signaling
information
Only one pending INFO at a time
Typical use - PSTN signaling message carried
as MIME attachment
E.g. ISDN User-to-User information
Defined in RFC 2976
36
SIP Method - REFER
Indicates that recipient (identified by the
Request-URI) should contact a third party using
the contact information provided in the request
Typical Use: Call Transfer features
Allowed outside an established dialogue
37
SIP Method - PRACK
Provisional Response ACKnowlegement
Used to acknowledge receipt of provisional
response
183 Session Progress
Does not apply to 100 Trying responses
Only provisional responses 101-199 may be sent
reliably and acknowledged with PRACK
If no PRACK sent, response retransmitted
Defined in RFC 3262
38
SIP Methods SUBSCRIBE and NOTIFY
39
SIP Method - MESSAGE
40
SIP Responses
SIP Requests generate Responses with codes
borrowed from HTTP
Classes:
1xx Informational
2xx Final
3xx Redirection
4xx Client Error
5xx Server Error
6xx Global Failure
Response example 404 Not Found
41
SIP Responses: 1xx-3xx
42
SIP Responses: 4xx
SIP Response Code Brief Description
400 Bad Request Request not understood due to malformed syntax
401 Unauthorized Request requires user authentication
402 Payment Required Reserved for future use
403 Forbidden UAS understood request and refuses to fulfill it
404 Not Found UAS finds that user doesn't exist in the domain
405 Method Not Allowed Method is understood but not allowed
406 Not Acceptable Response content not allowed by Accept header
407 Proxy Authentication Required Client must first authenticate itself with proxy
408 Request Timeout UAS could not produce response in time
410 Gone UAS resource unavailable; no forwarding addr.
413 Request Entity Too Large Request contains body longer than UAS accepts
414 Request-URI Too Long Req-URI longer than server is willing to interpret
415 Unsupported Media Type Format of the body not supported by UAS
416 Unsupported URI Scheme Scheme of URI unknown to server
420 Bad Extension UAS not understand protocol extension
421 Extension Required UAS needs particular extension process request
423 Registration Too Brief Contact header field expiration time too small
480 Temporarily Unavailable UAS contacted successfully but user unavailable
481 Call/Transaction Does Not Exist UAS Rx request not matching any existing dialog
482 Loop Detected UAS has detected a loop
483 Too Many Hops UAS received request containing Max-Forwards=0
484 Address Incomplete UAS Rx request with incomplete Request-URI
485 Ambiguous The Request-URI was ambiguous
486 Busy Here UAS contacted successfully but user busy
487 Request Terminated Request terminated by a BYE or CANCEL request
488 Not Acceptable Here Same as 606 but only applies to addressed entity
491 Request Pending UAS Rx req. & have pending req. for same dialog
493 Undecipherable UAS Rx request with encrypted MIME body & not have decryption key
43
SIP Responses: 5xx-6xx
44
SIP Message Details
INVITE sip:wh@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
46
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
48
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
50
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
51
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
53
SIP Response Details
SIP/2.0 200 OK
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
To: Heisenberg <sip:w.heisenberg@munich.de>;tag=24019385
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:wh@200.201.202.203
Content-Type: application/sdp
Content-Length: 173
v=0
o=Heisenberg 2452772446 2452772446 IN IP4 200.201.202.203
s=SIP Call
c=IN IP4 200.201.202.203
t=0 0
m=audio 56321 RTP/AVP 0
a=rtpmap:0 PCMU/8000
Via, To, From, Call-ID, & CSeq are all copied from request.
To now has a tag inserted by UAS
Contact and Message Body contain UAS information.
54
SIP Call Flow Scenarios
As followings
SIP Call Flow Scenarios
Call Attempt - Unsuccessful
Presence Subscription
Registration
Presence Notification
Instant Message Exchange
Call Setup Successful
Call Hold
Call Transfer
56
SIP Call Setup Attempt Scenario
DNS Server Location
Server
57
SIP Call Setup Attempt Scenario
DNS Server Location
Server
1. INVITE
4. DNS responds with
Contact: A 2. 100 Trying IP address of
SDP A
mci.com Proxy
Server
58
SIP Call Setup Attempt Scenario
DNS Server Location
Server
59
SIP Call Setup Attempt Scenario
DNS Server Location
Server
60
SIP Call Setup Attempt Scenario
DNS Server Location
Server
61
SIP Call Setup Attempt Scenario
DNS Server Location
Server
62
SIP Presence Example
DNS Server
Presence
Server
3. SUBSCRIBE
1. A wants to be informed
when B signs on, so
Outbound
2. SUBSCRIBE Inbound sends a SUBSCRIBE
Proxy Server Proxy Server
2. Outbound Proxy
forwards to Inbound
1. SUBSCRIBE
Proxy
3. Inbound Proxy forwards
to Bs Presence Server
63
SIP Presence Example
DNS Server
Presence
Server
3. SUBSCRIBE 4. 200 OK
4. Presence Server
Outbound
2. SUBSCRIBE Inbound authorizes subscription
Proxy Server
Proxy Server 5. 200 OK by sending a 200 OK.
5. & 6. 200 OK proxied
1. SUBSCRIBE 6. 200 OK
back to A.
64
SIP Presence Example
DNS Server
Presence
Server
65
SIP Registration Example
DNS Server
Location
Server
2. Update database:
B = B@2.3.4.5
1. B signs on to his SIP
Phone which sends a
Outbound Outbound REGISTER message
Proxy Server
Proxy Server containing the FQDN
URI of Bs User Agent.
2. Database update is sent
1. REGISTER
Contact: B@2.3.4.5 to the Location Server
66
SIP Registration Example
DNS Server
Location
Server
2. Update database:
B = B@2.3.4.5 3. OK
3. Location Server
database update is
confirmed.
Outbound Outbound
Proxy Server Proxy Server 4. Registration is confirmed
with a 200 OK
response.
1. REGISTER 4. 200 OK
Contact: B@2.3.4.5 Contact: B@2.3.4.5
67
SIP Presence Example
DNS Server
Presence
Server
68
SIP Instant Message Scenario
DNS Server
1. A sends an Instant
Location
Server Message to B saying
Can you talk now?
3. LS Query: B? 4. Response: in a MESSAGE
sip:B@2.3.4.5
request.
2. MESSAGE
<Can you
2., 3. & 4. MESSAGE
Outbound
talk now?> Inbound request is proxied,
Proxy Server
Proxy Server Location Server
7. 200 OK
queried.
1. MESSAGE
<Can you 5. MESSAGE 5. Inbound Proxy
talk now?> 8. 200 OK <Can you 6. 200 OK forwards MESSAGE to
talk now?>
B.
6. User Agent B responds
with 200 OK.
7. & 8. 200 OK is proxied
User Agent A User Agent B
back to A.
69
SIP Instant Message Scenario
Location
1. B sends an Instant
DNS Server
Server Message to A saying
Sure. in a
5. LS Query: A? 6. Response: 2. DNS Query:
sip:A@4.5.3.2 globalipcom.com?
3. Response: 5.6.7.8 MESSAGE sent to As
AOR URI.
4. MESSAGE
2. & 3. DNS Server is
Inbound
<Sure.> Outbound queried.
Proxy Server Proxy Server
4. Outbound Proxy
9. 200 OK
forwards MESSAGE to
7. MESSAGE
<Sure.> 8. 200 OK Inbound Server.
1. MESSAGE
<Sure.>
10. 200 OK 5. & 6. Location Server is
queried.
7. Inbound Proxy
forwards to A.
User Agent A User Agent B
8. User Agent A responds
with 200 OK.
9. & 10. 200 OK is proxied
back to B.
70
SIP Call Setup Attempt Scenario
DNS Server Location
Server
1. to 5. A retries
5. LS Query: B 6. Response:
sip:B@2.3.4.5
INVITE to B which
routes through two
3. INVITE
Contact: A Proxy Servers.
SDP A Inbound
Outbound
Proxy Server 6. Location Server
Proxy Server
4. 100 Trying
responds with the
1. INVITE
FQDN SIP URI of Bs
Contact: A 2. 100 Trying 7. INVITE SIP Phone.
SDP A
Contact: A
SDP A 7. Inbound Proxy Server
forwards INVITE to
Bs SIP Phone.
71
SIP Call Setup Scenario
DNS Server Location
Server
72
SIP Call Setup Scenario
DNS Server Location
Server
73
SIP Call Setup Scenario
DNS Server Location
Server
Media (RTP)
74
SIP Call Hold (re-INVITE)
DNS Server Location
Server
15. B places A on hold
by sending a re-
INVITE.
16. A accepts with a
Outbound Inbound 200 OK.
Proxy Server
Proxy Server
17. B sends ACK to A.
No media between A
15. INVITE
SDP a=sendonly and B.
16. 200 OK
SDP A
17. ACK
User Agent A User Agent B
75
SIP Call Transfer Scenario
DNS Server Location
Server
18. B transfers A to C
Outbound Inbound
Proxy Server
using REFER.
Proxy Server
19. Transfer is accepted
by A with 202
Accepted response.
20. Notification of
18 REFER Refer-To: sip:C@mci.com
trying transfer is
19. 202 Accepted
sent to B in NOTIFY.
20. NOTIFY <100 Trying>
User Agent A
21. B sends 200 OK
21. 200 OK User Agent B
response to NOTIFY
76
SIP Call Transfer Scenario
DNS Server Location
Server
1. to 5. A sends new
5. LS Query: C? 6. Response: INVITE to C which
sip:C@6.7.8.9
3. INVITE routes through two
Contact: A
Ref-By: B Proxy Servers.
SDP A Inbound
Outbound
Proxy Server Proxy Server 6. Location Server
4. 100 Trying responds with the
1. INVITE
7. INVITE FQDN SIP URI of Cs
Contact: A
Contact: A 2. 100 Trying Ref-By: B SIP Phone.
Ref-By: B SDP A
SDP A 7. Inbound Proxy Server
User Agent C forwards INVITE to
Cs SIP Phone.
77
SIP Call Transfer Scenario
DNS Server Location
Server
8. User Agent C alerts C
and sends 180
Ringing response.
9. & 10. 180 Ringing
9. 180 Ringing
Inbound
is proxied back to A.
Outbound
Proxy Server Proxy Server
11. C accepts call and
12. 200 OK
Contact: C 11. 200 OK sends 200 OK
SDP C Contact: C
10. 180 Ringing
13. 200 OK SDP C response.
Contact: C 8. 180 Ringing
SDP C 12. & 13. 200 OK is
14. ACK
proxied back to A.
User Agent C
Media (RTP) 14. ACK is sent by A to
confirm setup call.
User Agent A
User Agent B
Media session between
A and C begins.
78
SIP Call Transfer Scenario
DNS Server Location
Server
20. Notification of
successful transfer is
sent to B in NOTIFY.
Outbound Inbound 21. B sends 200 OK
Proxy Server
Proxy Server
response to NOTIFY
22. B hangs up by
sending a BYE.
23. 200 OK response to
20. NOTIFY <200 OK> BYE is sent.
21. 200 OK
22. BYE
User Agent A User Agent B
23. 200 OK
79
SIP Security
Authorization
SIP uses standard HTTP Digest Authentication with minor revisions
Simple Challenge/Response scheme
REGISTER ->
<- 407 Challenge + nonce
REGISTER + MD-5 hash (pw + nonce) ->
<- 200 OK
Password is never sent in the clear, just the MD-5 hash generated
with the password and nonce
Defeats Man-in-the-middle attacks since source address cant be
spoofed or second REGISTER will never arrive
Required by many Internet Telephony Service Providers
(ITSPs)
Service Provider supplies Username and password
SIP leverages Digest Authentication features to do this
81
TLS and sips:
82
S/MIME
Provides end-to-end security of message body and/or headers.
Certificate identified by end user address
Public key can be transported in SIP
Entire message can be protected by tunneling the message in
an S/MIME body
Header Fields
Header Fields
Body
Signature
83
Attacks
IPhreakers
IP knowledge
Known weaknesses
Evolution 2600Hz -> voicemail/intl GWs -> IP telephony
Internal or external threat ?
Targets: home user, enterprise, government, etc ?
Protocol implementations
PROTOS
84
Attacks : denial of service
Denial of service
Network
Protocol (SIP INVITE)
Systems / Applications
Phone
Availability (BC/DR)
Requires: power
Alternatives (Business Continuity/Disaster Recovery) ?
E911 (laws and technical aspect)
GSM
PSTN-to-GSM
85
Attacks : fraud
Call-ID spoofing
Effects
Access to voicemail
Value added numbers
Social engineering
Replay
86
Attacks: interception
Interception
Who talks with who (Network sniffing, Servers (SIP, CDR, etc)
LAN
Physical access to the LAN
ARP attacks
Unauthenticated devices (phones and servers)
Different layers (MAC address, user, physical port, etc)
Where to intercept ?
Where is the user located ?
Networks crossed ?
Lawful Intercept
CALEA
ETSI standard
Architecture and risks
87
Attacks : systems
Systems
Mostly none is hardened by default
Worms, exploits, Trojan horses
Attacks : phone
(S)IP phone
Startup
DHCP, TFTP, etc.
Physical access
Hidden configuration tabs
TCP/IP stacks
Firmware/configuration
Trojan horse/rootkit
88
Defense
Signaling: SIP
Secure SIP vs SS7 (physical security)
Transport: Secure RTP (with MiKEY)
Network: QoS [LLQ] (and rate-limit)
Firewall: application level filtering
Phone: signed firmware
Identification: TLS
Clients by the server
Servers by the client
3P: project, security processes and policies
89
SIP Programming
SIP based Application Interfaces
These include :
JAIN SIP
Low level and very complex API
CNRSIP API is one of available reference implementations.
SIP Servlets
proposed within JAIN
SIP API for J2ME
intermediate level API (minimal SIP knowledge required)
SIP CGI
CPL ( Call Processing Language)
XML based
91
HTTP Servlets
HTTP Java Servlets Widely Used in Web
HTTP Servlets
Application Development War File
92
SIP Servlet API
Java extension API for SIP servers
Similar in spirit to HTTP servlet API
Server matches incoming messages against local rules in order to
decide which servlet to pass message to
The API gives full control to servlets to handle SIP messages, e.g.
has full access to headers and body
proxy or redirect requests
respond to or reject requests
forward responses upstream
initiate requests
Servers may choose to provide constrained environment to
selected servlets (e.g. using sandbox security model)
93
Basic SIP Servlet Model
servlet servlet
Servlet Engine
requests requests
SIP Server
responses responses
RTP
servlet
UAC UAS
Server
SIP SIP
95
Example: Servlet as UAS
RTP
servlet
UAC
Server
SIP
96
Benefits of Servlet Model
Powerful:
Full access to SIP signaling
Performance:
No need to fork new process for each request
The same servlet can handle many requests simultaneously
Safety: type checked; no pointers; exception handling
Convenience:
high level abstractions.
Tight integration with server: logging, security, location database
Lifecycle model allows servlets to
maintain state, e.g. database connections
manage timers
Access to wide range of APIs
97
An Example: RejectServlet
import org.ietf.sip.*;
98
Relationship to JAIN SIP
JAIN SIP is a generic, low-level
interface for accessing SIP
Servlet
Servlet
services
Can be used in
Clients SIP Servlet API
Servers
Gateways
SIP Servlet
Focuses purely on the protocol
Container
JAIN SIP
Complete access to SIP
capabilities
SIP Protocol
Supports transactions only
SIP Servlet Container is a
particular application of JAIN
SIP
99
Relationship to JAIN SIP
Servlets focus on high Hide many parts of JAIN SIP
volume carrier grade servers Direct access to many
Add significant, non-SIP headers is not provided
protocol functions Write access to most
Lifecycle management everything is often
Domain objects restricted
Context and configuration Servlets should be defined to
Deployment descriptors allow a SIP container to be
Archive files built using JAIN SIP
Synchronization primitives SIP Objects in Servlet API
Security defined with interfaces that
Add significant SIP protocol match JAIN SIP signatures
functions Cannot directly expose JAIN
Construction of requests SIP objects, though
and responses from domain
objects
100
SIP CGI
101
Call Processing Language (CPL)
102
CPL Example
103
Some Related Works
Parlay
IMS
IPv6
Why Parlay is Important to Galaxy
Open standard
Range of services
Many levels of sophistication and complexity
Secure framework for discovery of and access to
services by third party applications
Registration of non-Parlay service APIs
Independent of specific network and software
environment
105
Why Unified Communications?
Calls Messages
Private Job Job Private
Fixed Fax
E-mail
Mobile
SMS
VoIP
V-mail
MPEG
IM
106
Architecture I:
Parlay as a Unifying Technology
Application
Parlay
INAP
ISUP
MAP
SIP
107
Architecture II:
SIP as a Unifying Technology
Application
Servlet/CGI/CPL Script
SIP
Other Networks
Gateway to
IP network
108
Key Questions
Which of these two models is correct, or are there
opportunities for both approaches to co-exist?
How well can a generic network API sit on top of
SIP? For example, would it severely limit a developer,
and what advantages would it offer?
Which aspects of network functionality will actually
be useful in practice to developers?
109
Parlay within Galaxy
BT C++ BT VB PSTN
3rd Party Apps Apps Platform
Applications CORBA DCOM
Appium
Unified Parlay Gateway
Comms
Application
SIP clients
110
Feasibility: A proof of concept prototype ...
Game server
Parlay
Game events
XML over JXTA MRFC MRFP
SIP RTP
Player 1
Player 2 Player 3
111
Some Challenges for Parlay
Which technologies should Parlay support?
How can interoperability testing be encouraged?
How can Parlay get feedback from developers?
Sizeable specifications with complex interfaces and data types
give long learning curve for developers?
Although specifications are maturing, still few Parlay products
commercially available. Why?
How does Parlay keep pace with new protocols?
112
Parlay on a SIP Network ?
Parlay adds security to SIP
Parlay provides many features not available in SIP APIs
Parlay provides a network independent model
BUT...
SIP APIs can make some simpler solutions for some applications
envisaged by Parlay group
Parlay could support SIP better
SO...
SIP will have a significant impact on the future of Parlay
SIP and Parlay can already work well together and are a
powerful combination
113
Global SIP/IMS deployment needs IPv6
Introduction of SIP-based peer-to-peer services is an important
step after current client-server based services.
IP Multimedia Subsystem (IMS) is a service infrastructure based
on the use of Session Initiation Protocol (SIP).
3GPP Release 5 and 6 specifications
3GPP2 specifications
In order to make peer-to-peer services work between different
operators' networks, IPv6 is needed - peer-to-peer services work
well only with public IP addresses.
Small scale IMS deployment / piloting can be started with IPv4.
IPv6 is vital for wider scale, global IMS deployment.
114
Example of peer-to-peer IP connectivity
UMS CSCF Thomas
challenges
you to a
game of
checkers!
Peter: 00:00:00
Accept
Thomas:Decline
00:00:00
SIP IPv6
Game data
IP Connection
Thomas
Peter
Peter accepted Invite
the challenge! player
Chat
Push to
Stream
Quit
115
Example of peer-to-peer IP connectivity
UMS CSCF > Peter: I am
going to win
this time!
>Thomas:
Yeah right, in
your dreams!
Peter: 00:00:00
Thomas: 00:00:00
SIP IPv6
Game data
Chat IP Connection
Thomas
Peter
Peter: 00:00:00 Invite
Thomas: 00:00:00 player
116
Example of peer-to-peer IP connectivity
UMS CSCF
Peter chooses to
add a streaming
component to share
what he is seeing
SIP IPv6
Game data
Streami IP Connection
Thomas ng video Peter
Streaming video from
Peter: Peter:
00:00:00 Invite
Thomas: 00:00:00 player
Quit
117
Future mobile services = serverless media
UMS CSCF
Peter: 00:00:00
Thomas: 00:00:00
SIP IPv6
Game data
Chat IP Connection
Thomas
Peter
118
Standardized technology enablers for
new mobile services are here today
IPv6 Color
SIP
displays XHTML and
MMS
TCP/IP
Imaging
GPRS
Multimode
and camera
integration EDGE
WCDMA
CDMA2000
Video Bluetooth
WLAN
Multimedia
Streaming Positioning
Symbian MIDI
Java Presence
DRM
119
Technology and Application Trends
multimedia Gaming
Sharing
Etc.
120
Multi-access IMS
S-CSCF
IMS
P-CSCF (IPv6)
3GPP GGSN
access P-CSCF
nw P-CSCF
PDSN 3GPP2
access
WLAN nw
access nw
Common IP
version (=IPv6)
makes the multi- SIP
access case
much easier SIP Signaling for building up the session
User IP data
121
References
122