Design of a SIP-Based Handoff Management Architecture and Experimental Analysis of Security Protocols for SIP-Based VoIP Applications


Bibliographic Details
Main Authors: Nigel Hsiung, 熊展烈
Other Authors: Huei-Wen Ferng
Format: Others
Language: en_US
Published: 2006
Online Access: http://ndltd.ncl.edu.tw/handle/40635021447804136991
Description
Summary: Master's === National Taiwan University of Science and Technology === Department of Computer Science and Information Engineering === 95 === This thesis proposes the MobileALG architecture, which enables SIP-based handoff management to support mobility for TCP-based applications. TCP connections are preserved in the architecture by keeping the connection tuples unchanged as the MH moves across subnets. The proposed architecture also optimizes the handoff delay associated with real-time SIP-based applications, namely the TCP/IP inter-layer independence. It also takes into account the additional delay imposed by DAD procedures. The handoff delay is further reduced by eliminating the need for the DAD procedure through the use of MAC-address-based NAT routing in the edge subnet. SIP INFO, based on SIP-EYE, is also proposed to maintain a direct path with an application-level IP binding, as well as to enable parallel execution of the SIP application handoff and link handoff procedures. In addition to mobility support, the thesis also focuses on the security implications for SIP-based real-time applications. A security analysis of SIP-based media and of secure session key generation and exchange is carried out through experiment. The experiment is based on a SIP-based UA on the Linux platform. It compares the performance of the media security protocols, namely IPSec and SRTP, on real-time VoIP traffic. Based on the SDP security features, a Diffie-Hellman key exchange is also implemented and tested. The possibility of using an out-of-band GDOI authenticated key exchange (AKE) is also tested experimentally. Based on the test results, the use of SRTP for VoIP media protection is recommended.