Download
1 / 10
100 likes | 246 Vues
The current landscape of audio and video conferencing systems is plagued by a variety of incompatible protocols and significant security flaws, such as lack of authentication and secure data transfer. Our goal is to identify a suitable solution that maintains usability while introducing essential security features. By utilizing packet reflector technology and enhancing existing tools like VIC and RAT, we propose adding a security module for each client without modifying the original systems. Key improvements include robust authentication, key distribution, and user authorization via X.509 digital certificates.
E N D
Secure Audio and Video Conferencing system Jaroslav Dočkal, Tomáš Bouček, Petr Dušek, Tomáš Koníř SPI 2003
Current status • Many audio/video conferencing systems • Many incompatibile protocols (some are proprietary) • Not secured: • No authentication • No authorization • No secured data over transfer
Our Goal • Find suitable solution based on multicast or similar • Improve existing solution (add the security parts) • Security funcions MUST NOT affect the usability • Our solution must be able to run on the most commonly used platforms.
Software we used as basement • Audio and video conferencing tools, based on packet reflector technology • Programs, named VIC (video conferencing tool) and RAT (robust audio tool) Packet Reflector Client C Client A Client B
Security model • Add one security module to each client • Not modify existing client • Rewrite the packet reflector Packet Reflector Module C Module A Module B Client A Client A Client A
Server improvements • Use authentication • Key generation and distribution • User authorization
What to do now? • Login / password –> X.509 digital certificates • Attribute certificates • User – friendly interface
Thank you for patience • Questions ?
