RFC 3788 (rfc3788) - Page 2 of 13

Security Considerations for Signaling Transport (SIGTRAN) Protocols

Alternative Format: Original Text Document
< Previous
Next >
RFC 3788                    SIGTRAN Security                   June 2004


Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
       1.1.  Overview . . . . . . . . . . . . . . . . . . . . . . . .  2
       1.2.  Abbreviations  . . . . . . . . . . . . . . . . . . . . .  3
   2.  Convention . . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Security in Telephony Networks . . . . . . . . . . . . . . . .  4
   4.  Threats and Goals  . . . . . . . . . . . . . . . . . . . . . .  4
   5.  IPsec Usage  . . . . . . . . . . . . . . . . . . . . . . . . .  6
   6.  TLS Usage  . . . . . . . . . . . . . . . . . . . . . . . . . .  7
   7.  Support of IPsec and TLS . . . . . . . . . . . . . . . . . . .  8
   8.  Peer-to-Peer Considerations  . . . . . . . . . . . . . . . . .  9
   9.  Security Considerations  . . . . . . . . . . . . . . . . . . . 10
   10. IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 10
   11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10
   12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
       12.1. Normative References . . . . . . . . . . . . . . . . . . 11
       12.2. Informative References . . . . . . . . . . . . . . . . . 11
   13. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 12
   14. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 13

1.  Introduction

1.1.  Overview

   The SIGTRAN protocols are designed to carry signaling messages for
   telephony services.  These protocols will be used between

   o  customer premise and service provider equipment in case of ISDN
      Q.921 User Adaptation Layer (IUA) [9].

   o  service provider equipment only.  This is the case for SS7 MTP2
      User Adaptation Layer (M2UA) [12], SS7 MTP2 Peer-to-Peer User
      Adaptation Layer (M2PA) [15], SS7 MTP3 User Adaptation Layer
      (M3UA) [13] and SS7 SCCP User Adaptation Layer (SUA) [16].  The
      carriers may be different and may use other transport network
      providers.

   The security requirements for these situations may be different.

   SIGTRAN protocols involve the security needs of several parties, the
   end-users of the services, the service providers and the applications
   involved.  Additional security requirements may come from local
   regulation.  While having some overlapping security needs, any
   security solution should fulfill all of the different parties' needs.

   The SIGTRAN protocols assume that messages are secured by using
   either IPsec or TLS.



Loughney, et al.            Standards Track
< Previous
Next >