基于数字证书认证的SIP安全机制

With the development of computer network technology, the IP data network based on packet switching gradually replaces the core status of traditional telephone network based on circuit exchange in the field of communication. Although the convenience and efficiency of IP network have brought benefits to the rapid development of multimedia services, the security problems caused by its openness cannot be ignored. This paper introduces the network entities of VOIP mainstream signaling exchange protocol-SIP, and various attack and threat models that the SIP protocol could face have been analyzed in detail. Aiming at improving the security of SIP protocol, this essay gives a possible way to decrease the vulnerabilities or reduce limitations of the existing SIP protocol security mechanism. Furthermore,in the application layer,a SIP protocol security mechanism based on digital certificate authentication is proposed in this paper to further enhance the security and reliability of SIP protocol.