UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ATIS 1000074

Joint ATIS/SIP Forum STandard - Signature-based Handling of Asserted information using toKENs (SHAKEN)

active, Most Current
Buy Now
Organization: ATIS
Publication Date: 1 January 2017
Status: active
Page Count: 16
scope:

This document is intended to provide telephone service providers with a framework and guidance on how to utilize Secure Telephone Identity (STI) technologies toward the validation of legitimate calls and the mitigation of illegitimate spoofing of telephone identities on IP-based service provider voice networks (also to be referred to as Voice over Internet Protocol [VoIP] networks). The primary focus of this document is on the format of STI claims, the mapping of these claims to SIP (RFC 3261), and the authentication and verification functions.

Purpose

Using the protocols defined in draft-ietf-stir-rfc4474bis and draft-ietf-stir-passport, this document defines the Signature-based Handling of Asserted information using toKENs (SHAKEN) framework. This framework is targeted at telephone service providers delivering phone calls over VoIP, and addresses the implementation and usage of the IETF STIR Working Group protocols and the architecture and use of STI-related X.509-based certificates (RFC 5280). It also discusses the general architecture of service provider authentication and verification services. Finally, it provides high level guidance on the use of positive or negative verification of the signature to mitigate illegitimate telephone identity in general.

Illegitimate Caller ID spoofing is a growing concern for North American telephone service providers and their customers. There are many Caller ID spoofing mechanisms, and illegitimate spoofing can evolve to evade mitigation techniques. Service provider solutions must therefore be flexible to respond to evolving threats in much the same way as cybersecurity solutions. In addition, the integration of new technologies into established VoIP networks imposes many interoperability and interworking challenges. As a result, this document is a baseline document on the implementation of the protocol-related requirements for STI. The objective is to provide a baseline that can evolve over time, incorporating more comprehensive functionality and a broader scope in a backward compatible and forward looking manner.

Document History

1000074
August 1, 2022
Signature-based Handling of Asserted information using toKENs (SHAKEN)
This document is intended to provide telephone service providers with a framework and guidance on how to utilize Secure Telephone Identity (STI) technologies for the validation of legitimate calls...
1000074
July 1, 2021
Signature-based handling of Asserted information using toKENs (SHAKEN)
This document is intended to provide telephone service providers with a framework and guidance on how to utilize Secure Telephone Identity (STI) technologies toward the validation of legitimate calls...
ATIS 1000074
January 1, 2017
Joint ATIS/SIP Forum STandard - Signature-based Handling of Asserted information using toKENs (SHAKEN)
This document is intended to provide telephone service providers with a framework and guidance on how to utilize Secure Telephone Identity (STI) technologies toward the validation of legitimate calls...

References

This document references:
RFC 3261 - SIP: Session Initiation Protocol
Published by IETF on June 1, 2002
A description is not available for this item.
This document references:
IETF RFC 3326 - The Reason Header Field for the Session Initiation Protocol (SIP)
Published by IETF on December 1, 2002
For creating services, it is often useful to know why a Session Initiation Protocol (SIP) request was issued. This document defines a header field, Reason, that provides this information. The Reason...
This document is referenced by:
ATIS 0300116 - Interoperability Standards between Next Generation Networks (NGN) for Signature-Based Handling of Asserted information Using Tokens (SHAKEN)
Published by ATIS on December 1, 2016
This document is intended to provide Next Generation Network (NGN) telephone service providers (SPs) with a framework and guidance for interoperability as calls process through their networks...
This document is referenced by:
1000080 - Signature-based Handling of Asserted information using toKENs (SHAKEN): Governance Model and Certificate Management
Published by ATIS on October 1, 2021
This document expands the ATIS-1000074, Signature-based Handling of Asserted Information using Tokens (SHAKEN) [Ref 1], framework, introducing a governance model and defining certificate management...
This document is referenced by:
ATIS 1000082 - Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server
Published by ATIS on May 1, 2018
Introduction This technical report defines a Representational State Transfer (REST)ful interface that can be used in the Signature based Handling of Asserted information using toKENs (SHAKEN)...
This document is referenced by:
ATIS 1000081 - ATIS Technical Report on a Framework for Display of Verified Caller ID
Published by ATIS on May 1, 2018
This technical report provides a framework for signaling verified Caller ID information from the network to a User Equipment (UE) and displaying the information on the UE in a uniform manner,...
This document is referenced by:
ATIS 1000084 - Technical Report on Operational and Management Considerations for SHAKEN STI Certification Authorities and Policy Administrators
Published by ATIS on August 1, 2018
This technical report introduces operational and management considerations for STI Certification Authorities (STICAs) within the context of the SHAKEN framework (ATIS-1000074) and the SHAKEN:...
View Less
View All
Advertisement