CN107342970A - Cipher mode determines method, caller device, called equipment and VoIP system - Google Patents

Cipher mode determines method, caller device, called equipment and VoIP system Download PDF

Info

Publication number
CN107342970A
CN107342970A CN201610286865.8A CN201610286865A CN107342970A CN 107342970 A CN107342970 A CN 107342970A CN 201610286865 A CN201610286865 A CN 201610286865A CN 107342970 A CN107342970 A CN 107342970A
Authority
CN
China
Prior art keywords
cipher mode
sip
node
section point
caller device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610286865.8A
Other languages
Chinese (zh)
Other versions
CN107342970B (en
Inventor
朱毅泉
杨海东
周园平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201610286865.8A priority Critical patent/CN107342970B/en
Publication of CN107342970A publication Critical patent/CN107342970A/en
Application granted granted Critical
Publication of CN107342970B publication Critical patent/CN107342970B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols
    • H04L65/1104Session initiation protocol [SIP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • H04M7/0078Security; Fraud detection; Fraud prevention

Abstract

This application discloses cipher mode to determine method, caller device, called equipment and VoIP system.Methods described includes:Caller device sends cipher mode probe requests thereby, the next-hop node of section point caller device in data transfer path between caller device and called equipment to section point;Caller device receives the cipher mode probe response that section point is sent, and cipher mode probe response carries the configured information for indicating the cipher mode in data transfer path between each node;Caller device determines the cipher mode in data transfer path between each node according to configured information.Using method provided herein, caller device, called equipment and VoIP system, caller device can obtain cipher mode probe response by way of sending cipher mode probe requests thereby, and the configured information for indicating the cipher mode between each node is obtained from cipher mode probe response, so that it is determined that the cipher mode between each node.

Description

Cipher mode determines method, caller device, called equipment and VoIP system
Technical field
The present invention relates to communication field, more particularly to cipher mode determines method, caller device, called equipment and VoIP systems System.
Background technology
Ip voice (voice over IP, abbreviation VoIP) is based on Internet protocol (internet protocol, abbreviation IP) the voice call technology of network.For realizing ip voice in voip systems, caller device and called equipment are not It is analog station again, but IP phones or terminal, and network side equipment can then include sip agent network element, SIP The node such as proxy server and SIP gateways.
Because the caller device in VoIP system, the called node such as equipment and network side equipment are the network element in IP network, Therefore the SIP signalings of required transmission or voice medium data etc. are required for passing through IP between caller device and called equipment Network transmission, so that the data are in the presence of the risk for being ravesdropping or being tampered during being transmitted.To avoid VoIP Data in system are tampered or are ravesdropping in transmitting procedure, and SIP signalings are being carried out between each node in VoIP During transmission, it is necessary to according to Session initiation Protocol (the session initiation protocol based on safe transmission layer protocol Over transport layer security, abbreviation SIP TLS) regulation SIP signalings are encrypted, it is and each When carrying out voice medium data, it is necessary to according to Security Real Time Protocol (Secure realtime between node Transport protocol, abbreviation SRTP) regulation voice medium data are encrypted.
In voip systems, the type of each node is different, between each network element when carrying out data forwarding, if logarithm According to being encrypted and the cipher mode of data is also different.For example, enter line number between caller device and sip agent network element According to used cipher mode during transmission, used when carrying out data transmission between sip agent network element add is typically different Close mode.Therefore need a kind of method that data are encrypted with used cipher mode between can determine each network element, In order to because data be not encrypted or Cipher Strength it is relatively low and when causing security breaches, user can be allowed to find in time And security breaches are repaired, ensure the security of VoIP system.
The content of the invention
Cipher mode is provided in the embodiment of the present invention and determines method, caller device, called equipment and VoIP system, can Determine data to be encrypted used cipher mode between each network element.In order to solve the above-mentioned technical problem, it is of the invention Embodiment discloses following technical scheme:
In a first aspect, this application provides a kind of cipher mode to determine method, this method includes:Caller device saves to second Point sends cipher mode probe requests thereby, and the cipher mode probe requests thereby is used to ask each section in the data transfer path Cipher mode between point;After the cipher mode probe requests thereby has been sent, the caller device receives the section point The cipher mode probe response of transmission, the cipher mode probe response carry each in the data transfer path for indicating The configured information of cipher mode between individual node;After cipher mode probe response is received, the caller device is according to institute State configured information and determine cipher mode in the data transfer path between each node.The method provided using present aspect, Caller device can obtain cipher mode probe response by way of sending cipher mode probe requests thereby, and from cipher mode The configured information for indicating the cipher mode between each node is obtained in probe response, so that it is determined that between each node Cipher mode.
With reference in a first aspect, in first aspect in the first possible implementation, caller device is sent to section point to be added The specific implementation of close mode probe requests thereby can be:The caller device sends conversation initial association to the section point Information SIP INFO signalings are discussed, route trace command safe to carry in the message body of the SIP INFO signalings sec-tracert.Using this implementation, caller device can utilize signaling bear cipher mode detection as defined in SIP to ask Ask, so as to realize the transmission of cipher mode probe requests thereby in the case where not increasing SIP signaling types.
With reference to first aspect or first aspect the first possible implementation, in second of possible realization side of first aspect In formula, the specific implementation that the caller device receives the cipher mode probe response that the section point is sent can be: The caller device receives the affairs that section point is sent and terminates the OK signalings of responds SIP 200, the OK of SIP 200 letters The configured information for indicating the cipher mode in the data transfer path between each node is carried in the message body of order.Adopt With this implementation, called equipment can utilize signaling bear cipher mode probe requests thereby as defined in SIP, so as to The transmission of cipher mode probe response is realized in the case of not increasing SIP signaling types.
Second aspect, present invention also provides another cipher mode to determine method, and methods described includes:Called equipment connects The cipher mode probe requests thereby that section point is sent is received, section point data between caller device and called equipment pass The upper hop node of equipment is called described in defeated path, the cipher mode probe requests thereby is used to ask the data transmission route Cipher mode in footpath between each node;The called equipment sends cipher mode probe response, institute to the section point State cipher mode probe response and carry instruction for indicating the cipher mode between the called equipment and the section point Information.Using this implementation, called equipment can generate and send cipher mode probe response to caller device, so as to Caller device is set to determine the cipher mode between each node by the content of cipher mode probe response.
With reference to second aspect, in second aspect in the first possible implementation, the called equipment receives section point The specific implementation of the cipher mode probe requests thereby of transmission can include:The called equipment receives what section point was sent Initiation protocol information SIP INFO signalings, route trace command safe to carry in the message body of the SIP INFO signalings sec-tracert。
With reference to second aspect or second aspect the first possible implementation, the called equipment is to the called equipment Upper hop node send cipher mode probe response concrete mode can be:The called equipment is sent out to the section point Send affairs to terminate the OK signalings of responds SIP 200, carried in the message body of the OK signalings of SIP 200 described for indicating Called cipher mode between equipment and the section point.
The third aspect, present invention also provides another cipher mode to determine method, and this method includes:Section point receives The cipher mode probe requests thereby that first node is sent, first node data transfer between caller device and called equipment The upper hop node of section point described in path, the cipher mode probe requests thereby are used to ask the data transfer path In cipher mode between each node;The cipher mode probe requests thereby is forwarded to the 3rd node, institute by the section point State next-hop node of the 3rd node for section point described in the data transfer path;The section point receives the 3rd The cipher mode probe response that node is sent, the development examination mode, which responds, carries the first configured information, and described first refers to Show that information is used to indicate the cipher mode in first path segmentation between each node, the first path is segmented into the data Section point described in transmission path is to the part of called equipment;The section point sends to the first node and carried The cipher mode probe response of first configured information and second configured information, second configured information are used to refer to Show the cipher mode between the first node and the section point.Wherein, the first node can be caller device, Sip agent network element, sip server or SIP gateway any of which;The section point can be sip agent network element, Sip server or SIP gateway any of which;3rd node can be sip agent network element, sip server, SIP Gateway or called equipment any of which.
Fourth aspect, present invention also provides a kind of caller device, the caller device can include processor and communication connects Mouthful.The processor, for generating cipher mode probe requests thereby, the cipher mode probe requests thereby is used to ask the number According to the cipher mode between each node in transmission path;The communication interface, visited for sending cipher mode to section point Survey request, the section point between caller device and called equipment caller device described in data transfer path it is next Hop node;The communication interface, it is additionally operable to receive the cipher mode probe response that the section point is sent, the encryption Mode probe response carries the configured information for indicating the cipher mode in the data transfer path between each node;Institute Processor is stated, is additionally operable to determine the cipher mode in the data transfer path between each node according to the configured information.
5th aspect, present invention also provides a kind of caller device, the caller device can include being used to perform first party Face and the unit of each implementation of first aspect.
6th aspect, present invention also provides a kind of called equipment, the called equipment can include processor and communication connects Mouthful, the communication interface, for receiving the cipher mode probe requests thereby of section point transmission, the section point is caller The upper hop node of equipment is called between equipment and called equipment described in data transfer path, the cipher mode detection please Ask for asking the cipher mode in the data transfer path between each node;The processor, in the communication Interface generates cipher mode probe response, the cipher mode probe response to after the cipher mode probe requests thereby Carry the configured information for indicating the cipher mode between the called equipment and the section point;The communication interface, It is additionally operable to send cipher mode probe response to the section point.
7th aspect, present invention also provides a kind of called equipment, the caller device can include being used to perform second party Face and the unit of each implementation of second aspect.
Eighth aspect, present invention also provides another network side equipment, the network side equipment can include processor and Communication interface, the communication interface, for receiving the cipher mode probe requests thereby of first node transmission, and described it will add Close mode probe requests thereby is forwarded to the 3rd node;Wherein, first node data between caller device and called equipment The upper hop node of section point described in transmission path, the cipher mode probe requests thereby are used to ask the data transfer Cipher mode in path between each node, the 3rd node is under section point described in the data transfer path One hop node;The communication interface, it is additionally operable to receive the cipher mode probe response that the 3rd node is sent, the encryption is visited Survey mode, which responds, carries the first configured information, and first configured information is used to indicate in first path segmentation between each node Cipher mode, the first path is segmented into section point described in the data transfer path to the part of called equipment; The processor, it is additionally operable to the second configured information being added into the cipher mode probe response;The communication interface, also The cipher mode that first configured information and second configured information are carried for being sent to the first node detects Response, second configured information are used to indicate the cipher mode between the first node and the section point.
9th aspect, present invention also provides a kind of network side equipment, the network side equipment can include being used for third party The unit of each method and step in face.
Tenth aspect, present invention also provides a kind of VoIP system, the system can include caller device, called equipment and At least one network side equipment for being used to realize data transfer between caller device and called equipment;The caller device, use In sending cipher mode probe requests thereby to called equipment by the network side equipment, the cipher mode probe requests thereby is used for Ask the cipher mode in data transfer path between each node between the caller device and called equipment;Described be called sets It is standby, for after the cipher mode probe requests thereby that the network side equipment is sent is received, generating cipher mode probe response, And cipher mode probe response is sent to the caller device by the network side equipment;The network side equipment, is used for Sent out receiving network side equipment upper hop node described in data transfer path between the caller device and called equipment After the cipher mode probe requests thereby sent, the cipher mode probe requests thereby is sent to net described in the data transfer path The next-hop node of network side apparatus;The network side equipment, it is additionally operable to be sent and write by the next-hop node receiving To after the first configured information cipher mode probe response, sent to the upper hop node and carry first configured information And the cipher mode probe response of second configured information, wherein, first configured information is used to indicate first path Cipher mode in segmentation between each node, the first path are segmented into network side described in the data transfer path and set The part of equipment called to the utmost;Second configured information be used to indicating the network side equipment and the upper hop node it Between cipher mode.
Determine that method, caller device, called equipment and VoIP system, caller are set using cipher mode provided herein Standby to send cipher mode probe requests thereby, called equipment can then respond the cipher mode probe requests thereby and send encryption Mode probe response, so that caller device can be obtained from cipher mode probe response for indicating between each node Cipher mode configured information so that caller device can determine the encryption between each node according to the configured information Mode.So as to because data be not encrypted or Cipher Strength it is relatively low and when causing security breaches, caller can be allowed to set Standby user has found and repairs security breaches in time, ensures the security of VoIP system.
Brief description of the drawings
Technical scheme in order to illustrate the embodiments of the present invention more clearly, below by embodiment it is required use it is attached Figure is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for this For the those of ordinary skill of field, on the premise of not paying creative work, other can also be obtained according to these accompanying drawings Accompanying drawing.
Fig. 1 is the structural representation of the application VoIP system one embodiment;
Fig. 2 is the schematic flow sheet that the application cipher mode determines method one embodiment;
Fig. 3 is the schematic flow sheet that the application cipher mode determines another embodiment of method;
Fig. 4 is the structural representation of the application caller device one embodiment;
Fig. 5 is the structural representation that the application is called equipment one embodiment.
Embodiment
Referring to Fig. 1, for a schematic diagram of the application voip network system architecture.
Session initiation Protocol (session initiation protocol, the letter that caller device 101 passes through caller device side Claiming SIP) agent network element 102 accesses the sip server 103 of caller device side;And called equipment 107 is by being called equipment The sip server 105 of the called equipment side of the access of sip agent network element 106 of side;The sip server 103 of caller device side It can then be communicated with the sip server 105 of called equipment side by SIP gateways 104.
When caller device 101 needs to carry out voice call with called equipment 107, caller device 101 is sent first to be used for The SIP signalings of calling are established, sip agent network element, sip server and SIP gateways set the SIP signallings to called Standby 107;After called equipment receives the calling SIP signaling, it can be sent to caller device 101 and agree to establish calling SIP signalings, sip agent network element, sip server and SIP gateways by the SIP signallings to caller device 101, So that calling is established between caller device 101 and called equipment 107.
, can between caller device 101 and called equipment 107 after caller device 101 and called equipment 107 establish calling According to RTP (realtime transport protocol, abbreviation RTP) regulation, to pass through SIP generations The transmission that network element carries out voice medium data is managed, so as to realize that the voice between caller device 101 and called equipment 107 leads to Words.
At this it should be noted that in the VoIP system of each embodiment of the application, caller device and caller device side Sip agent network element between sip server can be that one-level can also be more stages, be called equipment and called equipment side SIP Sip agent network element between server can also be one-level also can or more level.When caller device side sip server and quilt When to be equipment side sip server be different sip servers, there can be the SIP gateways of one-level or more level therebetween. , can in VoIP system when caller device side sip server and called equipment side sip server are same sip server With in the absence of SIP gateways.
Caller device side sip agent network element, caller device side sip server, called equipment side sip agent network element, quilt Equipment side sip server and SIP gateways is made to may be collectively termed as network side equipment.Network side equipment and caller device and by Equipment is made to may be collectively termed as network element.
The network element can include processor, communication interface and memory.The processor, the memory and described Communication interface is connected with each other by bus;Bus can be Peripheral Component Interconnect standard (peripheral component Interconnect, referred to as:PCI) bus or EISA (extended industry standard Architecture, referred to as:EISA) bus etc..The bus can be divided into address bus, data/address bus, control always Line etc..
Wherein, the processor can be central processing unit (central processing unit, abbreviation:CPU), net Network processor (network processor, referred to as:NP) or CPU and NP combination.Processor can also enter one Step includes hardware chip.Above-mentioned hardware chip can be application specific integrated circuit (application-specific Integrated circuit, referred to as:ASIC), PLD (programmable logic device, Referred to as:PLD) or it is combined.Above-mentioned PLD can be CPLD (complex programmable logic Device, referred to as:CPLD), field programmable gate array (field-programmable gate array, letter Claim:FPGA), GAL (generic array logic, abbreviation:GAL) or it is combined.In this Shen Please be in each embodiment, the processor can be used for generating cipher mode probe requests thereby or cipher mode probe response, or It person, can be used for that information is deleted or extracted from the cipher mode probe response or cipher mode probe response.
The memory can include volatile memory (volatile memory), such as random access memory (random Access memory, referred to as:RAM);Nonvolatile memory (non-volatile memory), example can also be included Such as flash memory (flash memory), hard disk (hard disk drive, abbreviation:) or solid state hard disc HDD (solid-state drive, referred to as:SSD);Memory can also include the combination of the memory of mentioned kind.
The communication interface is used to be communicated with other equipment.The communication interface can be wire communication access port, nothing Line communication interface or its combination, wherein, wired communication interface for example can be Ethernet interface.Ethernet interface can be Optical interface, electrical interface or its combination.Wireless communication interface can be WLAN (wireless local area Networks, referred to as:WLAN) interface, cellular network communication interface or its combination etc..
In addition, the network element can also include display module (for example, display screen), audio playing module etc., these Module can also be connected by the bus and described processor etc..
In each embodiment of the application, data transfer path can refer to transmit SIP between caller device and called equipment Transmission path during signaling.The data transfer path can generally include multiple nodes, and the node can include caller Equipment, caller device side sip server, called equipment side sip server, called equipment, caller device and caller are set At least one caller device side sip agent network element, called equipment and called equipment side SIP between the sip server of standby side At least one called equipment side sip agent network element and caller device side sip server and called equipment side between server At least one SIP gateways between sip server.Under normal circumstances, the data transfer path can refer to invite The transmission path of signaling.
In each embodiment of the application, the cipher mode between node refers to that two nodes are carrying out SIP signalings and voice During the data transfer of the types such as media data, data are encrypted with used cipher mode.For example, between node Cipher mode can refer to that the cipher mode between caller device and caller device side sip agent network element can be set including caller It is standby between the sip agent network element of caller device carry out SIP signallings when, to the cipher mode of SIP signalings;Or When may also mean that progress voice medium data transfer between caller device and caller device sip agent unit, to voice matchmaker The cipher mode of volume data.
Fig. 2 is the schematic flow sheet that the application cipher mode determines method one embodiment.With reference to Fig. 2 to the application Illustrate.
Wherein, first node can be that caller device, sip agent network element, sip server or SIP gateways are therein any Kind;Section point can be sip agent network element, sip server or SIP gateway any of which;3rd node can be with For sip agent network element, sip server, SIP gateways or called equipment any of which.Section point can be transmission road The next-hop node of first node described in footpath;3rd node can be then described in data transfer path under section point One hop node.
Step 201, section point receives the cipher mode probe requests thereby that first node is sent.
When the first node is caller device, the caller device can firstly generate development examination mode and ask, so Afterwards the development examination mode is asked to send to the next-hop node of the caller device.Under normal circumstances, the caller The next-hop node of equipment can be sip agent network element or sip server.
For example, when the data transfer path is the SIP signaling paths in Fig. 1, caller device 101 can incite somebody to action oneself The cipher mode probe requests thereby of body generation is sent to caller device side sip agent network element 102.
It is described to add when the first node is sip agent network element, sip server or therein any SIP gateways Close mode probe requests thereby can be sent to the first node by the upper hop node of the first node.
For example, when section point is caller device side sip agent network element 102, the first node can be the master Equipment 101 is, the cipher mode probe requests thereby can be sent to the caller device side SIP by the caller device 101 Agent network element 102.
And for example, when section point is called equipment side sip agent network element 106, the first node can be called sets Standby side sip server 105, the called equipment side sip server 105 can send out the cipher mode probe requests thereby Give the called equipment side sip agent network element 106.
The cipher mode probe requests thereby is used to ask the cipher mode in the data transfer path between each node.It is described Cipher mode probe requests thereby can be with an independent SIP signaling, can also be by the SIP signaling bears of SIP defineds.
For example, the cipher mode probe requests thereby can be SIP INFO signalings, and the SIP INFO signalings disappear Route trace command sec-tracert, the sec-tracert safe to carry are then used to ask the data to pass in breath body Cipher mode in defeated path between each node.
Step 202, the cipher mode probe requests thereby is forwarded to the 3rd node by the section point.
The section point is after the cipher mode probe requests thereby of first node transmission is received, by the cipher mode Probe requests thereby is sent to the 3rd node, and the 3rd node is under section point described in the data transfer path One hop node.
Section point to the 3rd node forward the cipher mode probe requests thereby when, can by the way of transparent transmission, It can also need to be to add necessary content in the cipher mode probe requests thereby, or to the cipher mode probe requests thereby Content modify.
For example, when caller device side sip agent network element 102 receives the SIP INFO of the transmission of caller device 101 After signaling, the SIP INFO signalings can be forwarded to caller device side sip server 103.
And for example, sent when called equipment side sip agent network element 106 receives the called equipment side sip server 105 The SIP INFO signalings after, the SIP INFO signalings can be forwarded to called equipment 107.
Step 203, the section point receives the cipher mode probe response that the 3rd node is sent.
The cipher mode probe response can carry the first configured information, and first configured information is used to indicate first Cipher mode in path segments between each node, the first path are segmented into second described in the data transfer path Node is to the part of called equipment.
When the 3rd node is called equipment, the called equipment can generate and to the upper hop of the 3rd node Route send cipher mode probe response, the cipher mode probe response carry for indicate the called equipment with it is described The configured information of cipher mode between section point.
Visited for example, the called equipment 107 receives the cipher mode that the called equipment side sip agent network element 106 is sent After surveying request, it can generate and send cipher mode probe response, institute to the called equipment side sip agent network element 106 State and carried in cipher mode probe response for indicating the called equipment 107 and the called equipment side sip agent net When carrying out data transmission between member 106 data are encrypted with the first configured information of the cipher mode of the use.
May include multiple nodes in being segmented due to first path, and may need to transmit between different nodes it is a variety of not The data of same type, and cipher mode may also be different used by different types of data are encrypted, therefore, When needing to transmit a variety of different types of data between the section point and the 3rd node, first configured information can Different cipher modes used by different types of data are encrypted for instruction.
For example, the data transmitted between the called equipment 107 and the called equipment side sip agent network element 106 can be with Including SIP signalings and voice medium data.When called equipment side sip agent network element 106 and called equipment 107 is not using When SIP signalings and voice medium data are encrypted same cipher mode, first configured information can serve to indicate that SIP signalings are encrypted used cipher mode and for encryption side used by voice medium data are encrypted Formula.
Step 204, the section point sends to the first node and carries first configured information and described second The cipher mode probe response of configured information.
The section point is added to the encryption after the cipher mode probe response is received, by the second configured information In mode probe response, obtain carrying the cipher mode probe response of the second configured information and the first configured information, then The cipher mode probe response is sent to the first node again.Wherein, second configured information is used to indicate institute State the cipher mode between first node and the section point.
Due to that may need to transmit a variety of different types of data between first node and section point, not only different type number According to data transfer path may also be different, and cipher mode also may be used used by different types of data are encrypted Can be different, therefore when needing to transmit a variety of different types of data between the first node and section point, described the Two configured informations can be used for different cipher modes used by different types of data are encrypted for instruction.
For example, the data transmitted between the caller device 101 and the caller device side sip agent network element 102 can be with Including SIP signalings and voice medium data.When caller device 101 and caller device side sip agent network element 102 be not using When SIP signalings and voice medium data are encrypted same cipher mode, second configured information can serve to indicate that Used cipher mode is encrypted to SIP signalings and used cipher mode is encrypted to voice medium data.
And for example, when the called equipment side sip agent network element 106 is used to transmit SIP signalings, the called equipment side The upper hop node of sip agent network element 106 is called equipment side sip server 105;And work as the called equipment side SIP When agent network element 106 transmits voice medium data, the upper hop node of the called equipment side sip agent network element 106 is then For caller device side sip agent network element 102.The called equipment side sip agent network element 106 is receiving described be called During the cipher mode probe response that equipment 107 is sent, second configured information can serve to indicate that called equipment side SIP Institute is encrypted to SIP signalings when carrying out SIP signallings with called equipment side sip server 105 in agent network element 106 Language is carried out with caller device side sip server 105 using cipher mode, and called equipment side sip agent network element 106 Used cipher mode is encrypted to voice medium data during sound media data transmission.
If the first node is caller device, then the caller device can ring receiving cipher mode detection Ying Hou, the cipher mode in the data transfer path between each node is determined according to the configured information.
For example, after caller device 101 receives the OK signalings of SIP 200 of the transmission of caller device side sip agent network element 102, Caller device can extract the first configured information and the second configured information from the message body of the OK signalings of SIP 200. The cipher mode in the data transfer path between each node is determined according to the first configured information and the second instruction.
If the first node is caller device, then the caller device each node in the data transfer path Between cipher mode after, the cipher mode each node can also be shown.
For example, when the caller device 101 has display screen, the caller device can also show on the display screen Show the cipher mode between each node, in order to which user can intuitively see the cipher mode between each node.
If the first node is not caller device, then the first node will can be used to indicate the first node The configured information of cipher mode between a upper node for the first node is added to the cipher mode probe response In, and the cipher mode probe response is sent to the upper hop node of the first node.Detailed process may refer to This implementation, just repeat no more herein.
Below using caller device side sip server and called equipment side sip server as distinct device, and caller device with Caller device side sip agent network element, called equipment between the sip server of caller device side take with called equipment side SIP Called equipment side sip agent network element and caller device side sip server and called equipment side sip server between business device Between SIP gateways be exemplified by 1 grade, the application is described further.
It is the schematic flow sheet that the application cipher mode determines another embodiment of method referring to Fig. 3.
Step 301, caller device generates SIP INFO signalings, is carried in the message body of the SIP INFO signalings sec-tracert。
The structure of SIP INFO signalings and comprising content can be as seen in the following example.
INFO sip:900372368@IP1 SIP/2.0 (signaling type)
To:sip:900372368@IP1 (called device identification)
From:<sip:800501511@IP1>;Tag=f25cab16 (caller device mark)
Via:SIP/2.0/TCP
.......
Content-Type:Application/sdp (SIP signaling messages body)
……
Sec-tracert=Request (carries sec-tracert requests) in message body
S=SRTP
M=audio
A=crypto:1AES_CM_256_HMAC_SHA2_256 (cipher mode that caller device is supported)
A=crypto:2AES_CM_128_HMAC_SHA1_80
Step 302, caller device sends the SIP INFO signalings to caller device side sip agent network element.
Step 303, the SIP INFO signalings are sent to caller device side SIP and taken by caller device side sip agent network element Business device.
Step 304, caller device side sip server sends the SIP INFO signalings to SIP gateways.
Step 305, SIP gateways send the SIP INFO signalings to called equipment side sip server.
Step 306, equipment side sip server is called to send the SIP INFO signalings to called equipment side sip agent Network element.
Step 307, equipment side sip agent network element is called to send the SIP INFO signalings to called equipment.
Step 308, it is called equipment and responds the SIP INFO signalings, generates the OK signalings of SIP 200.
It can be carried between called equipment and called equipment side sip agent network element in the message body of the OK signalings of SIP 200 The configured information of cipher mode.Due to the data of the transmission between the called equipment and called equipment side sip agent network element Including SIP signalings and voice medium data, therefore, the configured information can serve to indicate that the called equipment with being called SIP signalings and the cipher mode to voice medium data between the sip agent network element of equipment side.
The structure and content of the OK signalings of SIP 200 can be as shown in following examples.
The OK of SIP/2.0 200 (signaling type)
From:<sip:900372368@IP5>;Tag=f25cab16 (called device identification)
To:sip:<800501511@IP1>(caller device mark)
Via:SIP/2.0/TCP
……
Content-Type:Application/sdp (SIP signaling messages body)
……
Sec-tracert=Reply
M=audio
Tracert-sip=IP5-CalledID:Crypto, AES-256 (are used to indicate called equipment side SIP generations Manage the configured information of SIP signaling cipher modes between network element and called equipment)
Tracert-rtp=IP5-CalledID:Crypto, AES-256 (are used to indicate called equipment side SIP generations Manage the configured information of voice medium data encryption mode between network element and called equipment)
Step 309, equipment is called to send the OK signalings of SIP 200 to called equipment side sip agent network element.
Step 310, being called equipment side sip agent network element will be used to indicate that called equipment side sip agent network element is set with called The configured information of cipher mode between the sip server of standby side is added into the OK signalings of SIP 200.
Due to being called between equipment side sip agent network element and called equipment side sip server not only, important document carries out SIP signalings Transmission, and also need to carry out voice medium data transmission, therefore, the called equipment side sip agent network element can With respectively by for indicating the configured information of SIP signaling cipher modes and finger for indicating voice media data cipher mode Show that information is added into the OK signalings of SIP 200.
After the configured information is added, the structure and content of the OK signalings of SIP 200 can be as shown in following examples.
SIP/2.0 200 OK
From:<sip:900372368@IP5>;Tag=f25cab16
To:sip:<800501511@IP1>
Via:SIP/2.0/TCP
……
Content-Type:application/sdp
……
Sec-tracert=Reply
M=audio
Tracert-sip=IP5-CalledID:Crypto, AES-256 (are used to indicate called equipment and called equipment The configured information of SIP signaling cipher modes between the sip agent network element of side)
Tracert-sip=IP4-IP5:Crypto, AES-128 (be used to indicating called equipment side sip agent network element with The configured information of SIP signaling cipher modes between called equipment side sip server)
Tracert-rtp=IP5-CalledID:Crypto, AES-256 (are used to indicate called equipment and called equipment The configured information of voice medium data encryption mode between the sip agent network element of side)
Tracert-rtp=IP1-IP5:Crypto, AES-128 (be used to indicating called equipment side sip agent network element with The configured information of voice medium data encryption mode between the sip agent network element of caller device side)
Step 311, equipment side sip agent network element is called to send the SIP signalings to the called equipment side SIP clothes Business device.
Step 312, be called equipment side sip server will be used to indicating called equipment side sip server and SIP gateways it Between the configured information of cipher mode be added into the OK signalings of SIP 200.
It can be served only for transmitting SIP signalings between equipment side sip server and SIP gateways due to called, therefore can be only By for indicating that the called configured information of SIP signalings cipher mode between equipment side sip server and SIP gateways is added into In the OK signalings of SIP 200.
Step 313, equipment side sip server is called to send the OK signalings of SIP 200 to the main SIP gateways.
Step 314, SIP gateways will be used to indicate data encryption mode between SIP gateways and caller device side sip server Configured information be added into the OK signalings of SIP 200.
Step 315, SIP gateways send the OK signalings of SIP 200 to caller device side sip server.
Step 316, caller device side sip server will be used for equipment for indication status of calling side sip server and caller device side The configured information of data encryption mode is added into the OK signalings of SIP 200 between sip agent network element.
Step 317, caller device side sip server sends the OK signalings of SIP 200 to caller device side SIP generations Manage network element.
Step 318, sip agent network element in caller device side will be used for equipment for indication status of calling side sip agent network element and be set with caller The configured information of data encryption mode is added in the OK signalings of SIP 200 between standby.
Step 319, sip agent network element in caller device side sends the OK signalings of SIP 200 to caller device.
The structure and content for the OK signalings of SIP 200 that caller device side sip agent network element is sent to caller device can be as follows State shown in example.
SIP/2.0 200 OK
From:<sip:900372368@IP5>;Tag=f25cab16
To:sip:<800501511@IP1>
Via:SIP/2.0/TCP
……
Content-Type:application/sdp
……
Sec-tracert=Reply
M=audio
Tracert-sip=IP5-CalledID:Crypto, AES-256 (are used to indicate called equipment side sip agent The configured information of SIP signalings cipher mode between network element and called equipment)
Tracert-sip=IP4-IP5:Crypto, AES-128 (are used to indicate called equipment side sip server and quilt It is the configured information of SIP signaling cipher modes between the sip agent network element of equipment side)
Tracert-sip=IP3-IP4:Crypto, AES-128 (are used to indicate SIP gateways and called equipment side SIP The configured information of SIP signalings cipher mode between server)
Tracert-sip=IP2-IP3:Crypto, AES-128 (be used for equipment for indication status of calling side sip server with The configured information of SIP signalings cipher mode between SIP gateways)
Tracert-sip=IP1-IP2:Plaintext (is set for equipment for indication status of calling side sip agent network element with caller The configured information of SIP signaling cipher modes between the sip proxy server of standby side)
Tracert-sip=CallerID-IP1:Crypto, AES-256 (are used for equipment for indication status of calling and caller device The configured information of SIP signaling cipher modes between the sip agent network element of side)
Tracert-rtp=IP5-CalledID:Crypto, AES-256 (are used to indicate called equipment side sip agent The configured information of voice medium data encryption mode between network element and called equipment)
Tracert-rtp=IP1-IP5:Crypto, AES-128 (be used for equipment for indication status of calling side sip agent network element with The configured information of voice medium data encryption mode between called equipment side sip agent network element)
Tracert-rtp=CallerID-IP1:Crypto, AES-256 (are used for equipment for indication status of calling and caller device The configured information of voice medium data encryption mode between the sip agent network element of side)
Step 320, the configured information that caller device carries according to the OK signalings of SIP 200 determines the data Cipher mode in transmission path between each node.
After the OK signalings of SIP 200 are received, caller device can extract from the OK signalings of SIP 200 All configured informations, the encryption in the data transfer path between each node is then determined according to the configured information Mode.
After cipher mode determination, the caller device can also be carried out using display module to the cipher mode Displaying.
By the way of the present embodiment is provided, caller device can be obtained in the data transfer path between each node Cipher mode.
Determine that method is corresponding with the cipher mode of the application, present invention also provides the end for being determined for cipher mode End equipment.
Referring to Fig. 4, for the structural representation of the application caller device one embodiment.
As shown in figure 4, the caller device can include:Transmitting element 401, receiving unit 402 and acquiring unit 403.
Wherein, transmitting element 401, for sending cipher mode probe requests thereby to section point, based on the section point Cry the next-hop node of caller device described in data transfer path between equipment and called equipment, the cipher mode detection Ask for asking the cipher mode in the data transfer path between each node.
Receiving unit 402, the cipher mode probe response sent for receiving the section point, the cipher mode are visited Survey response and carry the configured information for being used for indicating the cipher mode in the data transfer path between each node.
Acquiring unit 403, for determining the encryption in the data transfer path between each node according to the configured information Mode.
Optionally, the transmitting element 401, can be used for sending session initiation protocol information SIP to the section point INFO signalings, route trace command sec-tracert safe to carry, described in the message body of the SIP INFO signalings Sec-tracert is used to ask the cipher mode in the data transfer path between each node.Accordingly, the reception Unit 402, the affairs that can be used for receiving section point transmission terminate the OK signalings of responds SIP 200, the OK of SIP 200 The configured information for indicating the cipher mode in the data transfer path between each node is carried in the message body of signaling.
Referring to Fig. 5, for the structural representation of the called equipment one embodiment of the application.
As shown in figure 5, the called equipment can include receiving unit 501 and transmitting element 502.
Wherein, receiving unit 501, for receiving the cipher mode probe requests thereby of section point transmission, the section point The upper hop node of equipment, the cipher mode are called described in data transfer path between caller device and called equipment Probe requests thereby is used to ask the cipher mode in the data transfer path between each node;Transmitting element 502, for The section point sends cipher mode probe response, and the cipher mode probe response is carried for indicating that described be called sets The configured information of the standby cipher mode between the section point.
Optionally, the receiving unit 501, can be used for receiving the initiation protocol information SIP INFO that section point is sent Signaling, route trace command sec-tracert safe to carry, described in the message body of the SIP INFO signalings Sec-tracert is used to ask the cipher mode in the data transfer path between each node.Accordingly, the transmission Unit 502, it can be used for terminating the OK signalings of responds SIP 200, the OK of SIP 200 to section point transmission affairs Carried in the message body of signaling for indicating the cipher mode between the called equipment and the section point.
In the specific implementation, the present invention also provides a kind of computer-readable storage medium, wherein, the computer-readable storage medium can store There is program, the program may include the part or all of step in each embodiment of method of calling provided by the invention when performing. Described storage medium can be magnetic disc, CD, read-only memory (read-only memory, abbreviation:ROM) or Random access memory (random access memory, referred to as:RAM) etc..
It is required logical that those skilled in the art can be understood that the technology in the embodiment of the present invention can add by software Realized with the mode of hardware platform.Based on such understanding, the technical scheme in the embodiment of the present invention is substantially in other words The part to be contributed to prior art can be embodied in the form of software product, and the computer software product can be deposited Storage is in storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions are causing a computer equipment (can be personal computer, server, either network equipment etc.) performs each embodiment of the present invention or embodiment Method described in some parts.
In this specification between each embodiment identical similar part mutually referring to.Especially for equipment and system For embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, related part is referring to method Explanation in embodiment.
Invention described above embodiment is not intended to limit the scope of the present invention..

Claims (15)

1. a kind of cipher mode determines method, it is characterised in that including:
Caller device sends cipher mode probe requests thereby to section point, and the section point is caller device and called equipment Between caller device described in data transfer path next-hop node, the cipher mode probe requests thereby is used to asking described Cipher mode in data transfer path between each node;
The caller device receives the cipher mode probe response that the section point is sent, the cipher mode probe response Carry the configured information for indicating the cipher mode in the data transfer path between each node;
The caller device determines the cipher mode in the data transfer path between each node according to the configured information.
2. the method as described in claim 1, it is characterised in that caller device sends cipher mode detection to section point Request includes:
The caller device sends session initiation protocol information SIP INFO signalings, the SIP INFO to the section point Route trace command sec-tracert, the sec-tracert safe to carry are described for asking in the message body of signaling Cipher mode in data transfer path between each node.
3. method as claimed in claim 1 or 2, it is characterised in that the caller device receives the section point hair The cipher mode probe response sent includes:
The caller device receives the affairs that section point is sent and terminates the OK signalings of responds SIP 200, the OK of SIP 200 The configured information for indicating the cipher mode in the data transfer path between each node is carried in the message body of signaling.
4. a kind of cipher mode determines method, it is characterised in that including:
It is called equipment and receives the cipher mode probe requests thereby that section point is sent, the section point is caller device with being called The upper hop node of equipment is called between equipment described in data transfer path, the cipher mode probe requests thereby is used to ask Cipher mode in the data transfer path between each node;
The called equipment sends cipher mode probe response to the section point, and the cipher mode probe response carries For indicating the configured information of the cipher mode between the called equipment and the section point.
5. method as claimed in claim 4, it is characterised in that the called equipment receives the encryption that section point is sent Mode probe requests thereby includes:
The called equipment receives the initiation protocol information SIP INFO signalings that section point is sent, the SIP INFO letters Route trace command sec-tracert safe to carry, the sec-tracert are used to ask the number in the message body of order According to the cipher mode between each node in transmission path.
6. the method described in claim 4 or 5, it is characterised in that the called equipment to the called equipment upper one Hop node, which sends cipher mode probe response, to be included:
The called equipment sends affairs to the section point and terminates the OK signalings of responds SIP 200, the OK of SIP 200 Carried in the message body of signaling for indicating the cipher mode between the called equipment and the section point.
A kind of 7. caller device, it is characterised in that including:
Transmitting element, for sending cipher mode probe requests thereby to section point, the section point is caller device and quilt The next-hop node of caller device described in data transfer path between equipment is, the cipher mode probe requests thereby is used for please Seek the cipher mode between each node in the data transfer path;
Receiving unit, the cipher mode probe response sent for receiving the section point, the cipher mode detection ring The configured information for indicating the cipher mode in the data transfer path between each node should be carried;
Acquiring unit, for determining the cipher mode in the data transfer path between each node according to the configured information.
8. caller device as claimed in claim 7, it is characterised in that
The transmitting element, specifically for sending session initiation protocol information SIP INFO signalings, institute to the section point Route trace command sec-tracert safe to carry, the sec-tracert in the message body of SIP INFO signalings is stated to use Cipher mode in the request data transfer path between each node.
9. caller device as claimed in claim 7 or 8, it is characterised in that
The receiving unit, the affairs sent specifically for receiving section point terminate the OK signalings of responds SIP 200, described Carried in the message body of the OK signalings of SIP 200 for indicating the cipher mode in the data transfer path between each node Configured information.
A kind of 10. called equipment, it is characterised in that including:
Receiving unit, for receiving the cipher mode probe requests thereby of section point transmission, the section point is caller device The upper hop node of equipment is called described in data transfer path between called equipment, the cipher mode probe requests thereby is used Cipher mode in the request data transfer path between each node;
Transmitting element, for sending cipher mode probe response to the section point, the cipher mode probe response is taken Band is used for the configured information for indicating the cipher mode between the called equipment and the section point.
11. called equipment as claimed in claim 10, it is characterised in that
The receiving unit, the initiation protocol information SIP INFO signalings sent specifically for receiving section point are described Route trace command sec-tracert safe to carry, the sec-tracert are used in the message body of SIP INFO signalings Ask the cipher mode between each node in the data transfer path.
12. the called equipment as described in claim 10 or 11, it is characterised in that
The transmitting element, terminate the OK signalings of responds SIP 200 specifically for sending affairs to the section point, it is described Carried in the message body of the OK signalings of SIP 200 for indicating the encryption side between the called equipment and the section point Formula.
A kind of 13. caller device, it is characterised in that including processor and communication interface,
The processor, for generating cipher mode probe requests thereby, the cipher mode probe requests thereby is used to ask the number According to the cipher mode between each node in transmission path;
The communication interface, for sending cipher mode probe requests thereby to section point, the section point is caller device The next-hop node of caller device described in data transfer path between called equipment;
The communication interface, it is additionally operable to receive the cipher mode probe response that the section point is sent, the cipher mode Probe response carries the configured information for indicating the cipher mode in the data transfer path between each node;
The processor, it is additionally operable to determine the encryption in the data transfer path between each node according to the configured information Mode.
A kind of 14. called equipment, it is characterised in that including processor and communication interface,
The communication interface, for receiving the cipher mode probe requests thereby of section point transmission, the section point is caller The upper hop node of equipment is called between equipment and called equipment described in data transfer path, the cipher mode detection please Ask for asking the cipher mode in the data transfer path between each node;
The processor, for after the communication interface receives the cipher mode probe requests thereby, generating cipher mode Probe response, the cipher mode probe response are carried for indicating adding between the called equipment and the section point The configured information of close mode;
The communication interface, it is additionally operable to send cipher mode probe response to the section point.
15. a kind of VoIP system, it is characterised in that including caller device, called equipment and at least one be used to realize master It is the network side equipment of data transfer between equipment and called equipment;
The caller device, it is described for sending cipher mode probe requests thereby to called equipment by the network side equipment Cipher mode probe requests thereby is used to ask between the caller device and called equipment in data transfer path between each node Cipher mode;
The called equipment, for after the cipher mode probe requests thereby that the network side equipment is sent is received, generation to add Close mode probe response, and cipher mode probe response is sent to the caller device by the network side equipment;
The network side equipment, for receiving between the caller device and called equipment described in data transfer path After cipher mode probe requests thereby transmitted by network side equipment upper hop node, by the cipher mode probe requests thereby send to The next-hop node of network side equipment described in the data transfer path;
The network side equipment, be additionally operable to receive sent by the next-hop node and write the first configured information encryption After mode probe response, sent to the upper hop node and carry first configured information and second configured information Cipher mode probe response, wherein, first configured information is used to indicate in first path segmentation between each node Cipher mode, the first path are segmented into network side equipment described in the data transfer path to the part of called equipment; Second configured information is used to indicate the cipher mode between the network side equipment and the upper hop node.
CN201610286865.8A 2016-05-03 2016-05-03 Encryption mode determination method, calling device, called device and VoIP system Active CN107342970B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610286865.8A CN107342970B (en) 2016-05-03 2016-05-03 Encryption mode determination method, calling device, called device and VoIP system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610286865.8A CN107342970B (en) 2016-05-03 2016-05-03 Encryption mode determination method, calling device, called device and VoIP system

Publications (2)

Publication Number Publication Date
CN107342970A true CN107342970A (en) 2017-11-10
CN107342970B CN107342970B (en) 2020-08-07

Family

ID=60222922

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610286865.8A Active CN107342970B (en) 2016-05-03 2016-05-03 Encryption mode determination method, calling device, called device and VoIP system

Country Status (1)

Country Link
CN (1) CN107342970B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111741031A (en) * 2020-08-26 2020-10-02 深圳信息职业技术学院 Block chain based network communication encryption method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1937624A (en) * 2005-09-24 2007-03-28 国际商业机器公司 Method and apparatus for verifying encryption of sip signalling
US20070130475A1 (en) * 2005-12-05 2007-06-07 Ajay Sathyanath Method of embedding information in internet transmissions
CN101227272A (en) * 2007-01-19 2008-07-23 华为技术有限公司 System and method for obtaining media stream protection cryptographic key
CN101997681A (en) * 2009-08-14 2011-03-30 中国移动通信集团公司 Authentication method and system for multi-node path and relevant node equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1937624A (en) * 2005-09-24 2007-03-28 国际商业机器公司 Method and apparatus for verifying encryption of sip signalling
US20070130475A1 (en) * 2005-12-05 2007-06-07 Ajay Sathyanath Method of embedding information in internet transmissions
CN101227272A (en) * 2007-01-19 2008-07-23 华为技术有限公司 System and method for obtaining media stream protection cryptographic key
CN101997681A (en) * 2009-08-14 2011-03-30 中国移动通信集团公司 Authentication method and system for multi-node path and relevant node equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111741031A (en) * 2020-08-26 2020-10-02 深圳信息职业技术学院 Block chain based network communication encryption method

Also Published As

Publication number Publication date
CN107342970B (en) 2020-08-07

Similar Documents

Publication Publication Date Title
US9749292B2 (en) Selectively performing man in the middle decryption
JP5763267B2 (en) Lawful intercept based on policy routing in a communication system with end-to-end encryption
US9648006B2 (en) System and method for communicating with a client application
US10771624B1 (en) Data store for communication authentication
US9351203B2 (en) Voice call continuity in hybrid networks
US11496319B2 (en) Method of identity authentication for voice over internet protocol call and related device
US9398055B2 (en) Secure call indicator mechanism for enterprise networks
CN103987037A (en) Secret communication implementation method and device
US10608996B2 (en) Trust status of a communication session
WO2016033764A1 (en) Establishment of a secure connection for a communication session
CN107566671A (en) Network voice communication method and its system, storage medium, electronic equipment
KR20160026631A (en) Hybrid cloud media architecture for media communications
US20210092005A1 (en) System and method for enhancing identification of network node initiator errors
CN108833943A (en) The encrypted negotiation method, apparatus and conference terminal of code stream
WO2015154520A1 (en) Call recording method, recording server, private branch exchange and recording system
US8381301B1 (en) Split-flow attack detection
US20150150076A1 (en) Method and device for instructing and implementing communication monitoring
CN107342970A (en) Cipher mode determines method, caller device, called equipment and VoIP system
US7571317B1 (en) Providing user notification signals in phones that use encryption
CN109379378A (en) Sending method, device, server, system and the storage medium of internet short message
CN104753876A (en) Flexible and controllable session encryption method
CN109479060A (en) RCS originates bifurcated
JP5384445B2 (en) Session processing system, SIP processing device, policy management device, session processing method, and program
Orrblad et al. Secure VoIP: call establishment and media protection
Traynor et al. Vulnerabilities in Voice over IP

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant