An Investigation into the Effect of Security on Performance in a VoIP Network

Voice over Internet Protocol (VoIP) is a communications technology that transmits voice over packet switched networks such as the Internet. VoIP has been widely adopted by home and business customers. When adding security to a VoIP system, the quality of service and performance of the system are at risk. This study has two main objectives, firstly it illustrates suitable methods to secure the signalling and voice traffic within a VoIP system, secondly it evaluates the performance of a VoIP system after implementing different security methods. This study is carried out on a pilot system using an asterisk based SIP (Session initiation Protocol) server (Asterisk, 2009). Since VoIP is intended for use over the Internet, VPNs (Virtual Private Networks) have been used in a tunnel configuration to provide the service. Additionally the performance of networks level IPSec (Internet Protocol Security) and application level ZRTP (Zimmerman Real Time Transport Protocol) security have been compared with no security. Registration, call setup and voice transmission packets have been captured and analysed. The results have then been extrapolated to the Internet

Secure communication using dynamic VPN provisioning in an Inter-Cloud environment

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualised computing resources as on-demand and dynamic services. Nevertheless, a single cloud does not have limitless resources to offer to its users, hence the notion of an Inter-Cloud enviroment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the srevice owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offer a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer- to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results carried out on two commercial clouds

On the security of software-defined next-generation cellular networks

In the recent years, mobile cellular networks are ndergoing fundamental changes and many established concepts are being revisited. Future 5G network architectures will be designed to employ a wide range of new and emerging technologies such as Software Defined Networking (SDN) and Network Functions Virtualization (NFV). These create new virtual network elements each affecting the logic of the network management and operation, enabling the creation of new generation services with substantially higher data rates and lower delays. However, new security challenges and threats are also introduced. Current Long-Term Evolution (LTE) networks are not able to accommodate these new trends in a secure and reliable way. At the same time, novel 5G systems have proffered invaluable opportunities of developing novel solutions for attack prevention, management, and recovery. In this paper, first we discuss the main security threats and possible attack vectors in cellular networks. Second, driven by the emerging next-generation cellular networks, we discuss the architectural and functional requirements to enable appropriate levels of security