摘要
文章首先简要介绍了SIP协议,给出了本地和漫游用户的注册流程,然后通过抓包分析信令流程,对SIP注册机制中的HTTP摘要认证进行了研究。在实现摘要认证的过程中,分析出HTTP摘要认证存在一些缺陷,并提出了采用动态密码进行摘要认证的改良策略,提高了SIP的安全性。
Firstly, this paper introduces the Session Initiation Protocol briefly, and describes the process of local and roaming users' registration. Then the article develops the HTTP Digest authentication in SIP registration mechanism based on the analysis of the signaling flow. At last, the author indicates based on analysis that the HTI'P Digest authentication has some defects in the process of Digest authentication, therefore an improvement strategy using dynamic passwords is proposed and the security of SIP is improved.
出处
《电光系统》
2010年第3期36-39,共4页
Electronic and Electro-optical Systems