SIP Privacy Extensions
This section explains how you can configure privacy services to be applied only when the source is trusted and the destination is considered untrusted. (Prior to this release, the Oracle Communications Session Border Controller always applied the privacy services, unless the source and the destination were both trusted.)
The Oracle Communications Session Border Controller considers all user endpoints and nodes outside the core as untrusted.
The Oracle Communications Session Border Controller acts as the boundary device between the trusted platform and the untrusted Internet, to implement privacy requirements. When it receives a message, the Oracle Communications Session Border Controller checks whether the source is trusted. It evaluates the level of privacy requested in a Privacy header, if present.
Depending on whether the source is trusted or untrusted, the Oracle Communications Session Border Controller can do different things when passing the message to the outgoing side. It also checks whether the destination is trusted.
Privacy Types Supported
The Oracle Communications Session Border Controller supports the following Privacy types:
- user: user-level privacy function provided. Any non-essential informational headers are removed, including the Subject, Call-Info, Organization, User-Agent, Reply-To, and In-Reply-To. Possibly the original value of the From header is changed to anonymous.
- header: headers that cannot be set arbitrarily by the user (Contact/Via) are modified. No unnecessary headers that might reveal personal information about the originator of the request are added. (The values modified must be recoverable when further messages in the dialog need to be routed to the originator.)
- id: third-party asserted identity kept private with respect to SIP entities outside the trust domain with which the user authenticated.
The following SIP headers can directly or indirectly reveal identity information about the originator of a message: From, Contact, Reply-To, Via, Call-Info, User-Agent, Organization, Server, Subject, Call-ID, In-Reply-To and Warning.
user
The Oracle Communications Session Border Controller supports the Privacy type user. It can remove non-essential information headers that reveal user information by:
- Setting the SIP From header and display information to anonymous
- Removing the Privacy header
- Removing Proxy-Require option tag = privacy (if present)
- Removing the following headers:
Subject
Call-Info
Organization
User-Agent
Reply-To
In-Reply-To
header
The Oracle Communications Session Border Controller also supports the Privacy type header. It modifies SIP headers that might reveal the user identity by:
- Stripping the Via header
- Replacing the Contact header
- Stripping Record-Route
- Removing the Privacy header
- Removing Proxy-Require option tag = privacy (if present)
In general, the B2BUA behavior of the Oracle Communications Session Border Controller by default provides header privacy for all sessions.
id
The Oracle Communications Session Border Controller also supports the Privacy type id. It keeps the Network Asserted Identity private from SIP entities outside the trusted domain by:
- Stripping only P-Asserted-Identity
- Removing the Privacy header and Proxy-Require option-tag = privacy
- Setting the From header to anonymous (for the backward compatibility)
Examples
The following examples show the actions the Oracle Communications Session Border Controller performs depending on the source and target of the calls.
Calls from Untrusted Source to Trusted Target
When calls are from an untrusted source to a trusted target and PPI is included in the INVITE sent to IP border elements, the Oracle Communications Session Border Controller maps the PPI information to PAI in the outgoing INVITE to the trusted side (even if the Privacy header is set to id or to none). The Privacy and From headers get passed on unchanged.
IP border elements must pass PAI (if received in the ingress INVITE) and the From and Privacy headers to the egress side just as they were received on the ingress side.
The Oracle Communications Session Border Controller maps the PPI to PAI by default, if the outgoing side is trusted. To change this behavior, you need to configure the disable-ppi-to-pai option.
Calls from Trusted to Untrusted
When calls are from a trusted source to an untrusted target, and the Privacy header is set to id, the Oracle Communications Session Border Controller strips PAI, makes the From header anonymous, and strips the Privacy header.
If the Privacy header is set to none, the Oracle Communications Session Border Controller does not change the From header and passes on the Privacy header, if there is one.
Calls from Trusted to Trusted
When calls are going from trusted source to trusted target acting as a peer network border element and PPI is included, the Oracle Communications Session Border Controller maps PPI to PAI. The Privacy header remains the same as signaled and the Oracle Communications Session Border Controller passes the From header and the PAI without changes.
Configuring SIP Privacy Extensions
Prior to this release the session agent’s trust mode provided this functionality. Now you configure SIP interface’s trust-mode as none, which means nothing is trusted for this SIP interface.
You also configure the disable-ppi-to-pai parameter disable the changing of the P-Preferred header to the P-Asserted-Identity header, if the outgoing side is trusted.