H.323 security: Framework for security in ITU-T H-series (ITU-T H.323 and other ITU-T H.245-based) multimedia systems
|Publication Date:||1 January 2014|
The primary purpose of Recommendation ITU-T H.235.0 is to provide a security framework for authentication, privacy and integrity within the current ITU-T H-series protocol framework. The current text of this Recommendation provides details on implementation with [ITU-T H.323]. This framework is expected to operate in conjunction with other ITU-T H-series protocols that utilize [ITU-T H.245] as their control protocol and/or use the ITU-T H.225.0 RAS and/or call signalling protocol.
Additional goals in this Recommendation include:
1) Security architecture should be developed as an extensible and flexible framework for implementing a security system for ITU-T H-series terminals and other ITU-T H.323-based systems. This should be provided through flexible and independent services and the functionality that they supply. This includes the ability to negotiate and to be selective concerning the cryptographic techniques utilized and the manner in which they are used.
2) Provide security for all communications occurring as a result of ITU-T H.3xx protocol usage. This includes aspects of connection establishment, call control and media exchange between all entities. This requirement includes the use of confidential communication (privacy) and may exploit functions for peer authentication, as well as protection of the user's environment from attacks.
3) This Recommendation should not preclude integration of other security functions in ITU-T H.3xx entities which may protect them against attacks from the network.
4) This Recommendation should not limit the ability for any ITU-T H.3xx-series Recommendation to scale as appropriate. This may include both the number of secured users and the levels of security provided.
5) Where appropriate, all mechanisms and facilities should be provided independent of any underlying transport or topologies. Other means that are outside the scope of this Recommendation may be required to counter such threats.
6) Provisions are made for operation in a mixed environment (secured and unsecured entities).
7) This Recommendation should provide facilities for distributing session keys associated with the cryptography utilized. (This does not imply that public-key-based certificate management must be part of this Recommendation.)
8) This Recommendation provides two security profiles that facilitate interoperability. [ITU-T H.235.1] describes a simple, yet secure password-based security profile while [ITU-T H.235.2] is a signature security profile deploying digital signatures, certificates and a public-key infrastructure that overcomes the limitations of [ITU-T H.235.1].
The security architecture described in this Recommendation, does not assume that the participants are familiar with each other. It does, however, assume that appropriate precautions have been taken to physically secure the ITU-T H-series end points. The principal security threat to communications therefore is assumed to be eavesdropping on the network, or some other method of diverting media streams.
[ITU-T H.323] provides the means to conduct an audio, video and data conference between two or more parties, but does not provide the mechanism to allow each participant to authenticate the identity of the other participants, nor provide the means to make the communications private (i.e., encrypt the streams).
[ITU-T H.323], [ITU-T H.324] and [ITU-T H.310] make use of the logical channel signalling procedures of [ITU-T H.245], in which the content of each logical channel is described when the channel is opened. Procedures are provided for expression of receiver and transmitter capabilities, transmissions are limited to what receivers can decode and receivers may request a particular desired mode from transmitters. The security capabilities of each end point are communicated in the same manner as any other communication capability.
Some ITU-T H-series [ITU-T H.323] terminals may be used in multipoint configurations. The security mechanism described in this Recommendation will allow for secure operation in these environments, including both centralized and decentralized MCU operation.