16 research outputs found
ACUTA eNews July 2013 Vol. 42, No. 7
In this Issue...
1 Let\u27s Talk about Data Security
2 ACUTA Reaches Out to Local Schools
2 Regulatory Webinar on Section 255
2 Welcome, Owen West
3 20 Universities Form SIP Steering Committee i
3ACUTA Discount for SIP Certification
4 Info Links
4 Annual Dues Reminder Mailed July 1
5 loyn/RCSvs. webRTC: Solving Directory Services
6 Do You ROCKZi?
6 Mark Your Calendar for Fall Seminar
7 Board Report
8 Welcome New Members
8 Check It Ou
A Model for Emergency Service of VoIP Through Certification and Labeling
Voice over Internet Protocol (VoIP) will transform many aspects of
traditional telephony service including technology, the business models
and the regulatory constructs that govern such service. This
transformation is generating a host of technical, business, social and
policy problems. The Federal Communications Commission (FCC) could
attempt to mandate obligations or specific solutions to the policy
issues around VoIP, but is instead looking first to industry initiatives
focused on key functionality that users have come to expect of
telecommunications services. High among these desired functionalities is
access to emergency services that allow a user to summon fire, medical
or law enforcement agencies. Such services were traditionally required
(and subsequently implemented) through state and federal regulations.
Reproducing emergency services in the VoIP space has proven to be a
considerable task, if for no other reason then the wide and diverse
variety of VoIP implementations and implementers. Regardless of this
difficulty, emergency service capability is a critical social concern,
making it is particularly important for the industry to propose viable
solutions for promoting VoIP emergency services before regulators are
compelled to mandate a solution, an outcome that often suffers
compromises both through demands on expertise that may be better
represented in industry and through the mechanisms of political
influence and regulatory capture. While technical and business
communities have, in fact, made considerable progress in this area,
significant uncertainty and deployment problems still exist. The
question we ask is: can an industry based certification and labeling
process credibly address social and policy expectations regarding
emergency services and VoIP, thus avoiding the need for government
regulation at this critical time?1 We hypothesize that it can. To
establish this, we developed just such a model for VoIP emergency
service compliance through industry certification and device labeling.
The intent of this model is to support a wide range of emergency service
implementations while providing the user some validation that the
service will operate as anticipated. To do this we first examine
possible technical implementations for emergency services for VoIP.
Next, we summarize the theory of certification as self-regulation and
examine several relevant examples. Finally, we synthesize a specific
model for certification of VoIP emergency services. We believe that the
model we describe provides both short term and long-term opportunities.
In the short term, an industry driven effort to solve the important
current problem of emergency services in VoIP, if properly structured
and overseen as we suggest, should be both effective and efficient. In
the long term, such a process can serve as a model for the application
of self-regulation to social policy goals in telecommunications, an
attractive tool to have as telecommunications becomes increasingly
diverse and heterogeneous
Major: Electronics and Communication Engineering
Today, information technology is strategically important to the goals and aspirations of the business enterprises, government and high-level education institutions â university.
Universities are facing new challenges with the emerging global economy characterized by the importance of providing faster communication services and improving the productivity and effectiveness of individuals. New challenges such as provides an information network that supports the demands and diversification of university issues. A new network architecture, which is a set of design principles for build a network, is one of the pillar bases. It is the cornerstone that enables the universityâs faculty, researchers, students, administrators, and staff to discover, learn, reach out, and serve society.
This thesis focuses on the network architecture definitions and fundamental components. Three most important characteristics of high-quality architecture are that: itâs open network architecture; itâs service-oriented characteristics and is an IP network based on packets. There are four important components in the architecture, which are: Services and Network Management, Network Control, Core Switching and Edge Access.
The theoretical contribution of this study is a reference model Architecture of University Campus Network that can be followed or adapted to build a robust yet flexible network that respond next generation requirements. The results found are relevant to provide an important complete reference guide to the process of building campus network which nowadays play a very important role. Respectively, the research gives university networks a structured modular model that is reliable, robust and can easily grow
On the development of Voice over IP
This record of study documents the experience acquired during my internship at Sonus
Networks, Inc. for the Doctor of Engineering Program.
In this record of study, I have surveyed and analyzed the current standardization
status of Voice over Internet Protocol (VoIP) security and proposed an Internet draft on
secure retargeting and response identity. The draft provides a simple and comprehensive
solution to the response identity, call recipient identity and intermediate server
retargeting problems in the Session Initiation Protocol (SIP) call setup process.
To support product line development and enable product evolution in the quickly
growing VoIP market, I have proposed a generic development framework for SIP
application servers. The common and open architecture of the framework supports
multiple products development and facilitates integration of new service modules. The
systematical reuse of proven software design and implementation enables companies to
reduce the development cost and shorten the time-to-market.
As the development and diffusion of VoIP can never be isolated from the social
sphere, I have investigated the current status, influence and interaction of three most important factors: standardization, market forces and government regulation on the
development and diffusion of VoIP. The worldwide deregulation and market
privatization have caused the transition of the standards development model. This
transition in turn influences the market diffusion. Other than standardization, market
forces including customer needs, the revenue pressure on carriers and vendors,
competitive and economic environment, social culture and regulation uncertainties
create both threats and opportunities. I have examined market drivers and obstacles in
the current VoIP adoption stage, analyzed current VoIP market players and their
strategies, and predicted the direction of VoIP business. The regulation creates the macro
environment in which VoIP develops and diffuses. I have explored modern
telecommunications regulation principles based on which government makes decisions
on most current issues, including 911 support, mergers and acquisitions, interconnection
obligation and leasing rights, rate structure and universal service fees
A Model for Emergency Service of VoIP through Certification and Labeling
Voice over Internet Protocol (VoIP) will transform many aspects of traditional telephony service, including the technology, the business models, and the regulatory constructs that govern such service. Perhaps not unexpectedly, this transformation is generating a host of technical, business, social, and policy problems. In attempting to respond to these problems, the Federal Communications Commission (FCC) could mandate obligations or specific solutions to VoIP policy issues; however, it is instead looking first to industry initiatives focused on the key functionality that users have come to expect of telecommunications services. High among this list of desired functionality is user access to emergency services for purposes of summoning fire, medical, and law enforcement agencies. Such services were traditionally required to be implemented (and subsequently were implemented) through state and federal regulations.
An emergency service capability is a critical social concern, making it particularly important for the industry to propose viable solutions for promoting VoIP emergency services before regulators are compelled to mandate a solution. Reproducing emergency services in the VoIP space has proven to be a considerable task, mainly due to the wide and diverse variety of VoIP implementations and implementers. While technical and business communities have, in fact, made considerable progress in this area, significant uncertainty and deployment problems still exist.
The question we ask is this: Can an industry-based certification and labeling process credibly address social and policy expectations regarding emergency services and VoIP, thus avoiding the need for government regulation at this critical time? We hypothesize that the answer is âyes.â In answering this question, we developed a model for VoIP emergency service compliance through industry certification and device labeling. This model is intended to support a wide range of emergency service implementations while providing users with sufficient verification that the service will operate as anticipated. To this end, we first examine possible technical implementations for VoIP emergency services. Next, we summarize the theory of certification as self-regulation and examine several relevant examples. Finally, we synthesize a specific model for certification of VoIP emergency services. We believe that the model we describe provides both short-term and long-term opportunities. In the short term, an industry-driven effort to solve the current problem of VoIP emergency services, if properly structured and overseen as we suggest, should be both effective and efficient. In the long term, such a process can serve as a self-regulatory model that can be applied to social policy goals in the telecommunications industry, making it an important tool to have as the industry becomes increasingly diverse and heterogeneous
Vulnerabilities of signaling system number 7 (SS7) to cyber attacks and how to mitigate against these vulnerabilities.
As the mobile network subscriber base exponentially increases due to some attractive offerings
such as anytime anywhere accessibility, seamless roaming, inexpensive handsets with sophisticated
applications, and Internet connectivity, the mobile telecommunications network has now become
the primary source of communication for not only business and pleasure, but also for the many life
and mission critical services. This mass popularisation of telecommunications services has resulted
in a heavily loaded Signaling System number 7 (SS7) signaling network which is used in Second
and Third Generations (2G and 3G) mobile networks and is needed for call control and services
such as caller identity, roaming, and for sending short message servirces. SS7 signaling has enjoyed
remarkable popularity for providing acceptable voice quality with negligible connection delays, pos-
sibly due to its circuit-switched heritage. However, the traditional SS7 networks are expensive to
lease and to expand, hence to cater for the growing signaling demand and to provide the seamless
interconnectivity between the SS7 and IP networks a new suite of protocols known as Signaling
Transport (SIGTRAN) has been designed to carry SS7 signaling messages over IP.
Due to the intersignaling between the circuit-switched and the packet-switched networks, the mo-
bile networks have now left the âwalled gardenâ, which is a privileged, closed and isolated ecosystem
under the full control of mobile carriers, using proprietary protocols and has minimal security risks
due to restricted user access. Potentially, intersignaling can be exploited from the IP side to disrupt
the services provided on the circuit-switched side.
This study demonstrates the vulnerabilities of SS7 messages to cyber-attacks while being trans-
ported over IP networks and proposes some solutions based on securing both the IP transport and
SCTP layers of the SIGTRAN protocol stack
Infrastructure electronic numbering implementation in Australia
VoIP is becoming the dominant approach for telephony and this growth will continue with the upcoming introduction of 4G mobile wireless and fibre to the home networks. With the growing demand for VoIP and increased VoIP traffic, it is important to implement a system that provides interoperability between the existing telephony numbering system and the IP network device addresses. Infrastructure ENUM is one approach that may be used. This paper examines the Infrastructure ENUM implementation in Australia
Creation of value with open source software in the telecommunications field
Tese de doutoramento. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200
Security Enhancements in Voice Over Ip Networks
Voice delivery over IP networks including VoIP (Voice over IP) and VoLTE (Voice over LTE) are emerging as the alternatives to the conventional public telephony networks. With the growing number of subscribers and the global integration of 4/5G by operations, VoIP/VoLTE as the only option for voice delivery becomes an attractive target to be abused and exploited by malicious attackers. This dissertation aims to address some of the security challenges in VoIP/VoLTE. When we examine the past events to identify trends and changes in attacking strategies, we find that spam calls, caller-ID spoofing, and DoS attacks are the most imminent threats to VoIP deployments. Compared to email spam, voice spam will be much more obnoxious and time consuming nuisance for human subscribers to filter out. Since the threat of voice spam could become as serious as email spam, we first focus on spam detection and propose a content-based approach to protect telephone subscribers\u27 voice mailboxes from voice spam. Caller-ID has long been used to enable the callee parties know who is calling, verify his identity for authentication and his physical location for emergency services. VoIP and other packet switched networks such as all-IP Long Term Evolution (LTE) network provide flexibility that helps subscribers to use arbitrary caller-ID. Moreover, interconnecting between IP telephony and other Circuit-Switched (CS) legacy telephone networks has also weakened the security of caller-ID systems. We observe that the determination of true identity of a calling device helps us in preventing many VoIP attacks, such as caller-ID spoofing, spamming and call flooding attacks. This motivates us to take a very different approach to the VoIP problems and attempt to answer a fundamental question: is it possible to know the type of a device a subscriber uses to originate a call? By exploiting the impreciseness of the codec sampling rate in the caller\u27s RTP streams, we propose a fuzzy rule-based system to remotely identify calling devices. Finally, we propose a caller-ID based public key infrastructure for VoIP and VoLTE that provides signature generation at the calling party side as well as signature verification at the callee party side. The proposed signature can be used as caller-ID trust to prevent caller-ID spoofing and unsolicited calls. Our approach is based on the identity-based cryptography, and it also leverages the Domain Name System (DNS) and proxy servers in the VoIP architecture, as well as the Home Subscriber Server (HSS) and Call Session Control Function (CSCF) in the IP Multimedia Subsystem (IMS) architecture. Using OPNET, we then develop a comprehensive simulation testbed for the evaluation of our proposed infrastructure. Our simulation results show that the average call setup delays induced by our infrastructure are hardly noticeable by telephony subscribers and the extra signaling overhead is negligible. Therefore, our proposed infrastructure can be adopted to widely verify caller-ID in telephony networks