About us     
   Mission     
   Structure   
   Contact Celtic   
   Celtic Core Group   
   Location   
   General Funding Information   
   National Contact Points   
   Call 6 Information         
   Call 6 calendar   
   Call support (docs and forms)   
   Online submission   
   Project Key Information   
   Project Support   
   Project Tools   
   Find Project or Partner to join   
   Celtic Handbook   
   Frequently Asked Questions   
   Press & Media   
   Celtic News       
   Purple Book   
   Celtic Brochure   
   Project Leaflets   
   Celtic Events       
   Celtic Domain log-in   
   Apply for log-in             
   Search the EURESCOM Public Web       
     
 

TAST

Trust And Security for Telephony over IP

Coordinator: Eric Carpentier, e-mail: eric.carpentier (at) eads.com

Involved countries: France, Spain, Sweden

 

Abstract

Since the last decade, the telephony has known a major evolution with the emergence of the telephony over internet. This major evolution in the domain of telecommunication has had an important impact and has become an important stake for the enterprises. Indeed, the ability to realise the convergence of communications services like data, voice or video on an unique network can provide and offer several advantages to these enterprises:
  • Reduction of the global costs of infrastructure and its maintenance (only one network for the voice and data, inter-site link over IP and no more over PSTN, …);
  • Equipments that have become open and interoperable between the providers;
  • Creation of new services;
  • A better mobility in an intra-enterprise domain;
  • Furthermore, the emergence of the telephony over IP has had an impact on the architecture design of network.

Indeed, existing security equipments like firewalls have been enhanced in order to support new signalling and media protocols in particular with the dynamic negotiations of ports. And some new kind of equipment has been deployed like Session Border Controllers (SBC). The main challenges of the project are manifold. First of all, the project will define an end-to-end secure architecture for the Telephony over IP by reinforcing authentication and taking into account any nodes such as proxies, SBC. In order to validate and prove the security of this kind of architecture and ToIP architecture in general, the other main objective will be to define and to implement security audit and survey tools.
The secure architecture that will be defined within the project will be transparent and compatible with existing architecture and system:

  • From the users viewpoints, there will be no usage constraint nor at the authentication level (management of global security policies) neither at the use level (no manipulation of the equipments for the users);
  • From the system management viewpoint, the proposed solution will lay aside the subjacent infrastructures meaning that providers will be able to deploy or not transparently this architecture which will be interoperable with existing standards and equipments (phone sets and commutation equipments). This architecture will be analysed and validated from the security point of view (referencing of vulnerabilities on which the system is focusing, realisation of vulnerabilities tests, ...) especially thanks the audit tools that will have been defined and implemented within the project.