ABSTRACT
Besides security, the Session Initiation Protocol (SIP) also needs privacy both at user-session and media level. However, media-level privacy is termed as confidentiality, as described earlier. Session Description Protocol (SDP), which deals with media as part of the SIP signaling message body, may also include user-level information. Here, the message body may need privacy as well. First, we elaborate on the privacy mechanism that needs to be used for the target SIP header and SDP parameters. In this context, nontarget SIP headers and SDP parameters are also described. Second, a variety of privacy types including user- and network-provided privacy in SIP are defined. Accordingly, the construction rules for private messages by SIP user agents (UAs) and the behavior of privacy service are explained. Third, the asserted and connected identity that can be used for privacy in SIP are discussed. Finally, anonymity services along with UA-driven SIP messages related to critical and noncritical privacy-sensitive information are described.
