The meeting url is not an http based uri therefore an

Info icon This preview shows pages 38–40. Sign up to view the full content.

View Full Document Right Arrow Icon
The meeting URL is not an HTTP-based URI. Therefore, an end user cannot join a conference by copying the URI and pasting it into a browser. 2. The external user initiates the join procedure by clicking the meeting URI in the email. This starts the Live Meeting console, which sends a SIP INVITE containing the user’s credentials. A federated or remote user joins a conferencing using their enterprise credentials. For a federated user, the SIP INVITE is first sent to his or her home server, which authenticates the user and forwards the INVITE to the enterprise hosting the conference. An anonymous user is required to pass digest authentication. For details about digest authentication, see User and Client Authentication for Lync Server 2010 . 3. A Director or Front End Server authenticates the remote or anonymous user and notifies the client. (As mentioned in step 2, federated users joining a conference are authenticated by their enterprise.) 4. The client sends an INFO request to add user to the web conference. 5. The Web conferences sends an add User response that contains the token to present to the Web Conferencing Edge service among other information. 34
Image of page 38

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Microsoft Lync Server 2010 Security Guide Notice that all the preceding SIP traffic flowed through the Access Edge service. 6. The client connects to the Web Conference Server, which validates the token and proxies the request, which contains another authorization token, to the internal Web Conferencing Server. The Web Conferencing Server validates the Authorization Token, which it originally issued over the SIP channel, to further ensure that a valid user is joining the conference. 7. The Web Conferencing Server sends the external user the slide URL for the meeting, along with a key for decrypting the slide. The URL to the slide content is generated randomly and is not visible to the user. It is not included in the initial email and is not discoverable on the client. Directory browsing is forbidden on the Web Components Server as well. The key to the slides is separate from the conference key and is unique for this conference resource and this particular meeting. The user receives this key only after being authenticated on the SIP channel. 8. The external user downloads the slides and decrypts them using the unique slide key. The slides and other conference resources are encrypted using 128-bit AES. With AES encryption, the only way to decrypt the content is by brute force, and the number of possible keys is so large that it is computationally infeasible to stage a successful brute-force attack in the short amount of time that would be available. Note that the meeting content and the key are only stored in process and are not physically stored on the end user’s hard disk drive.
Image of page 39
Image of page 40
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern