Emergency Services Chitra S VOIP Security Fall 2008.
-
Upload
keven-chivers -
Category
Documents
-
view
217 -
download
2
Transcript of Emergency Services Chitra S VOIP Security Fall 2008.
Emergency Services
Chitra S
VOIP Security
Fall 2008
2
Contents
Problem with existing emergency model ECRIT Terminology used in emergency context Location-URI mapping and emergency call flow Emergency service identifiers – URN Location to Service Translation and LCP Typical Implementation Security Threats References Demo
3
Challenges - Problems with Existing Mechanism
PSTN System IP based System
Supports voice and text Need to support real time multimedia: video, text, voice
Organized locally or nationally
Internet crosses national boundaries
Few regionally limited telecom providers
International standards for equipment and software needed
Approximate routing often works
(same switch, call number)
Approximation does not work:
Application/voice provider has no clue about location
Internet access provider knows about location but don’t know about emergency calls
Tunneling mechanisms mask underlying topology
4
Emergency Context Resolution with Internet Technologies
Internet technologies available to – describe location– manage call routing
WG shows how to use these to enable communication in emergency context
Solutions presented independent of – jurisdiction – central authority
Multiple delegations within a jurisdiction can be handled independently
5
Terminology
PSAP
Voice Service Provider (ASP/VSP)
Mapping server
Facility where emergency calls are received under the responsibility of a public authority
ESRP
Geographic identification attached to a region
Location
Routing support entity that maps a location to a PSAP URI
911112
String of digits used to reach the emergency service (0-9,*,#)
Emergencynumber
resolving a location to one or more PSAP URIMapping
Identifies an emergency service
urn:service:sos.police
Emergency service identifier/ URN
An organization that provides IP network-layer services to its customers or users.
Service provider that provides voice related services based on IP
IAPLocation info
6
Location Mapping and Call Routing
Application/ VoiceService Provider
Emergency caller
ESRP
MappingService
PSAP
Internet AccessProvider
Location Information
LocationInformation
(1) Might be available at the end host itself
(2)Can also be obtained from ISP
(3) Consult mapping service to determine appropriate PSAP +
dial string
(4) Might use aid of emergency call routing infrastructure elements that are call routing support entities
(5) Location information is used for subsequent mapping requests
(6) Consult mapping service to determine where to route call
(7) For infrastructure based routing support entity needs to forward call to PSAP
(8) May directly interact with PSAP where UE invokes mapping and initiates connection without relying on routing support entities
7
Emergency Call Flow
IdentifyEmergency
Call
DetermineLocation
Route to Correct PSAP
Present callto calltaker
Dialing sequence for a given location is provided by mapping server.
Location is central to operation of emergency services
Routing determines the most appropriate PSAP for the location
Call taker helps dispatch of an emergency responder
8
Identify Emergency Call - URN
URN helps define global well known service URN identifies services independent of the protocol that
is used to request or deliver the service The service URN is a protocol element and is generally
not expected to be visible to humanse.g. callers still dial 911
Hierarchical, case-insensitive labels separated by periode.g. URN:service:sos.police
URNs are not routable, Translate the service URN into a routable URI
9
Location-to-Service Translation
Protocol for mapping service identifier and location information to a service URI
Resolved recursively or iteratively. Supports caching Servers are identified using U-NAPTR/DDDS
e.g. lostserver.example.comQuery message: Location Information and service URN
LoST Client
LoST Server
Query response: UniformResource Identifier (URI)
AuthoritativeLoST Server
Forward Query
Get response
10
LoST Queries
<findService>, <getServiceBoundary>, <listServices>, <listServicesByLocation>
Common Triggers are when:– client initially starts up or attaches to a network– client detects it is outside bounds of service region– SIP message arrives at a proxy performing location based
call routing– Cached mapping information has expired– Invoking a particular service
11
End System Location Configuration
Location may be specified as civic or geospatial value UA can obtain this from access network using
Location Configuration Protocols (LCP) Mandatory to implement all LCPs established in I-
D.ietf-ecrit-phonebcp Location information should be refreshed when the
cache value expires Devices should get routing location immediately after
obtaining local network configuration information Location Validation is required by some jurisdictions
12
Location Configuration Protocol
DHCPDynamic Host Configuration Protocol
Civic/geospatial
UA uses via REQUEST/ INFORM messages
HELDHTTP Enabled
Location Delivery
Civic/geospatial
Uses caller IP as identifier
Returns location value or reference
LLDPLink Layer Discovery Protocol
Civic/Geospatial
Location information directly from L2 network infrastructure
LocationServer
LocationRecipient
Query with location info
LocationDereferencing
Client
LocationConfiguration
Protocol
LocationFormats
http://www.emergency-services-coordination.info/2008Oct/slides/esw5-geopriv.ppt
13
SIPRegistrar
LIS
LoSTServers
Placing an Emergency Call
Proxy ESRP PSAP1Caller
PSAP2
PSAP3
LIS
LoSTServers
SIPRegistrar
Calltaker
LCP RequestLCP Response
SIP Register200 OK
LoST QueryLoST Response
Caller-Proxy INVITEProxy ESRP INVITEESRP-PSAP INVITE
14
PSAPGateway
i3 PSAP
GovernmentServicesFunctions
EmergencyResponder
ServiceFunction(s)
EmergencyServicesRoutingProxy
i3 PSAP
SIP/H.323clients
Wirelessclient
SelectiveRouter
LegacyPSAP
i3 PSAP
LocationDetermination
/AcquisitionFunctions
LegacyNetworks
existing interconnection
InternetIP router
IM client
LocationValidationFunction
LIS(s)
Public AccessNetworks
Emergency ServicesIP network
DatabaseServices
LocationValidation/
Routing Data
LocationValidation/
RoutingDatabase(s)
EmergencyCall RoutingFunction(s)
ESNet(DatabaseServicesFunction)
DatabaseServices
SRGateway
Firewall
Public WebServices
PrivateWeb
Services
DNS
RootDiscoveryServices
MediaServices
LegacyNetworks
E911Gateway
LegacyPSAP
https://mentor.ieee.org/802.11/file/07/11-07-0794-00-000u-nena-i3-archr-overview.ppt
A Typical Implementation – NENA Architecture
15
Security Threats
Attackers attacking system try to: Deny system services to all users in a given area Gain fraudulent use of services by using an emergency
identifier to bypass normal authentication Divert emergency calls to non-emergency sitesAttackers attacking individuals try to: Prevent individual from receiving aid Gain information from an emergency that can be applied:
– against an individual involved or – to the profit of attacker
16
Security Threats
PSAP
Voice Service Provider (ASP/VSP)
Mapping server
ESRP
Location
Prevent individuals from receiving aid
911112
To bypass normal procedures in order to achieve fraudulent use of services
Emergencynumber
Denial of Service AttackImpersonation of ServerCorruption of DatabaseMapping
urn:service:sos.police
Emergency service identifier/ URN
LIS
To reduce effectiveness of ER system for caller(s) in an area
17
Security Threats – SuggestedSolutions
Attacks involving emergency identifier
Call routing entity to verify that the destination address is that of PSAP
Flooding Attack Mapping protocol must not create new opportunities for this
Insertion of interfering message
Mapping client should verify that response received is for the query it sent out
Man-in-middle modifi-cation of message
Mapping client should be able to authenticate source of response
Impersonation of mapping server
Mapping server discovery should prevent impersonation of mapping server
Corruption of mapping database
Information in response should allow correlation with internal logs on mapping server
18
References
Requirements for emergency context resolution with internet technologies (http://www.ietf.org/rfc/rfc5012.txt)
URN for emergency and other well know services (http://www.ietf.org/rfc/rfc5031.txt)
Security threats and requirements (http://www.ietf.org/rfc/rfc5069.txt)
LoST (http://www.ietf.org/rfc/rfc5222.txt) LoST servers using DHCP (http://www.ietf.org/rfc/rfc5223.txt) Framework for emergency calling using internet multimedia
(http://www.ietf.org/rfc/rfc5223.txt)
Backup Material
20
Mental Model
User Equipment
Emergency Response Context encloses individuals seeking help
There could be multiple, overlapping contexts Physical location of the individual is critical Emergency Response Context can change in response to
the load
Caller
Call TakerLocation Response
21
Emergency call using IP
22
Emergency call using VOIP
https://mentor.ieee.org/802.11/file/07/11-07-0794-00-000u-nena-i3-archr-overview.ppt
23
URN – IANA Considerations
Services and sub-services are maintained by IANA (rfc 2434)
The top level service labels are sos and counseling Sub services for sos include ambulance, fire etcService Reference Description--------------------------------------------------------------------counseling RFC 5031 Counseling servicescounseling.children RFC 5031 Counseling for childrencounseling.mental-health RFC 5031 Mental health counseling.suicide RFC 5031 Suicide prevention hotlinesos RFC 5031 Emergency servicessos.ambulance RFC 5031 Ambulance servicesos.animal-control RFC 5031 Animal controlsos.fire RFC 5031 Fire service
24
LoST Query
Sample LoST Query
Sample LoST Response