Study of security aspects for Session Initiation Protocol

Abstract: The objective with this thesis is to describe security mechanisms that are inte-grated or are proposed to be integrated with the Session Initiation Protocol (SIP). SIP is used for establishing, modifying, and terminating multimedia ses-sions over the IP network. This thesis is divided into two main parts, where the first part describes the implemented security mechanisms in SIP and the second part describes a number of proposed security mechanisms that may be implemented in SIP. At the end of the report there is a section that presents the scripts and results from different security tests that were performed on two implementations of SIP. Apart from describing different security mechanisms in the first part of this thesis, this section also contains an analysis on how possible security threats against SIP may be used to launch different attacks. The analysis also describes how these attacks may be prevented, if possible, by using the secu-rity mechanisms provided by SIP. The second part also contains an analysis section, which is focusing on finding the advantages and disadvantages of using a specific security mechanism compared to a similar security mechanism that is currently used or has been used in SIP. In the last section of this thesis I present my conclusions and a summary of the results.