Technically, voice over PSTN, ISDN or GSM is tightly coupled to the underlying transport network. Delivering Voice over IP (VoIP) changes this, because the principle underlying the Internet Protocols is the decoupling of network layers. This principle is an important reason for the tremendous success of the Internet: it replaces monolithic network stacks by loosely coupled layers, and the services are sitting on top. The actual implementation of the individual layers is not even visible, so a service can use any network that provides a compliant interface to services. This results in a dramatic increase of flexibility, in particular since it also decouples services from the innovation cycles of the underlying transport networks.

Voice has always been the main service and killer application of telecommunication operators. VoIP puts now this service on a completely different technology basis. Technically, the standardised way to carry voice over IP consists of the Session Initiation Protocol (SIP) for signalling, and the Real-time Transport Protocol (RTP) for the actual media transfer. There exist significant implications to security of VoIP technology, since at the end of the day, a network operator needs a certain degree of security to justify billing and to prevent fraud. Furthermore, security is a quality of the service offered which protects customers.

The risk involved with VoIP technology is significantly higher than with “traditional” voice networks for the following reasons:

1. VoIP offers service and device mobility: Costumers can use VoIP services independently of their access network and the device (client). Mobility, however, makes securing a system much harder: the experience of mobile phones suggests that the only suitable solution is a smart card (SIM), thus a security “footprint” of the service provider in the user’s terminal. As of today, VoIP systems do not offer anything like this.
2. VoIP moves the intelligence from the network into the end points (terminals). This complicates securing such a system a lot, because a distributed system is much harder to secure than a centralised one. Furthermore, complex, IP-based terminals, as they are needed for VoIP, are an easy target for attacks. Certainly some sort of credentials must be stored in these devices, and experience with viruses and worms in the Internet shows that securing such devices is an uphill battle.
3. Lastly, the Internet is a “shared medium”, this means, signalling and payload are accessible to all parties that can access the network. Telco veterans might still remember the reasons for protecting signalling information against end users and third parties. VoIP goes “back to the roots”, anyone can send signalling messages unless some sort of protection against it is deployed.

There are of course also other issues of VoIP that need to be considered, for example the problem of localisation for emergency calls, the provision of lawful interception interfaces, or the survivability of the service in case of power failure etc.

Note that the US National Institute for Standards and Technology (NIST) has recently published a document with security considerations for VoIP Systems. However its scope is limited to providing agencies guidance for establishing secure VoIP networks. Even if this guide could be used by companies and organisation it is not suitable to address the concerns from a network operator point of view.

What are the main objectives of this Project?

The objective of this study are:

• To analyse the fundamental security mechanisms of VoIP technologies
• Propose, if appropriate, a security architecture for VoIP services
• Identify the additional security mechanisms that even if already defined (or under definition) shall be mandatory in VoIP deployments
• Evaluate the potential “implementation cost” of these additional security mechanisms
• Analyse the potential technological impact of possible regulatory requirements
• Evaluate the potential “implementation cost” to satisfy such regulatory requirements
• If appropriate propose recommendations that support policy setting in this area
• Identify technical areas that need international standardisation