The term “audiovisual communication” is used here to mean any multimedia communication carried over known network architectures and network equipment, such as those based on ITU-T Recommendation H.323 “Packet based multimedia communications systems” and the Recommendations derived from it, in particular Recommendation H.225 “Call signaling protocols and media stream packetization for packet-based multimedia communications systems” and Recommendation H.235 “Security and encryption for H-series (H.323 and other H.245-based) multimedia terminals”.
Recommendation H.323 specifies endpoints such as terminals, gateways, multipoint control units (MCU) and, more generally, any entity capable of originating or receiving calls and processing the associated information streams. Recommendation H.323 further specifies call control elements (gatekeepers) with which endpoints must register before they are able to communicate.
Recommendation H.225 defines the signaling protocols on which H.323 networks and equipment are based. The messages and procedures defined in Recommendation H.225 perform the functions of registering and unregistering endpoints with the control elements (gatekeepers), admitting and setting up calls, clearing down calls, locating terminals and requesting information about network elements.
With regard to the security of H.323 systems, Recommendation H.225 addresses the exchange of signaling between two entities of the H.323 network, but not the security of the messages themselves. Conversely, Recommendation H.235, which is devoted to the security of H.323 systems, defines authentication, data integrity, confidentiality and non-repudiation mechanisms, but does not concern itself with the semantic content of H.225 messages.
Recent events have demonstrated security gaps between these two approaches. Research and laboratory experiments have led to an approach that focuses on the content of H.225 signaling messages and has identified certain sensitive information fields; this approach can be used independently of, or as a complement to, the H.235 functions in the elements of the H.323 network. Analysis of these fields, and of the chaining of signaling messages in the light of the expected behavior of network equipment, has uncovered vulnerabilities to which the invention aims to provide a remedy.