FAQ: Telco, More on Security
Q Isn’t it more secure to use a private IP transport network than an extended Internet, as suggested in the Internet+ model?
You can also use such an alternative within the Internet+ model. The TOQrouter can still present the services to the LAN for the users. But notice that a global network is the same as a public network regardless of what it’s called. Security is created on other levels – not by wiring anymore!
Here, for example, everyone is using the public Internet for all banking – fully secured.
Q Can’t traffic be intercepted and listened to over the public Internet?
Not easily; the risk is about the same as on any public (global) network. Internet+ signaling between the telcos' SIP proxies in the TOQrouters is encrypted using TLS. The media can be encrypted by the endpoints themselves using SRTP, or SRTP can be added by an enterprise TOQrouter.
Q Can the requirements of legal intercept be fulfilled?
Yes, the trusted TOQrouter is a SIP proxy and sees the signaling and the key for the media encryption. The TOQrouter can then do legal intercept by mirroring the media.
Q Can the requirements of emergency calling also be fulfilled?
Yes, a proper SIP network makes fulfilling the new requirements listed in RFC 6443 straightforward!
Q Isn’t it better to have a separate quality network?
No! Having Internet+ as an extension to the Internet gives important benefits:
1) We need to interoperate with the world of Internet-connected devices! In the Internet+ model, we get the same SIP interface everywhere – allowing all SIP applications! Having the Internet gatewayed into a new network would give limited functionality and an application-dependent network again. (We must ensure that SIP passes between the endpoints without interference, so it becomes as successful as HTTP has been for the Web.)
2) We already have the best bandwidth and robustness for the Internet. Here we simply introduce a better way to share that bandwidth. Enabling diffserv will simply prioritize a portion of the available bandwidth for real-time applications, giving that portion better value.
Q If communication is over the Internet, how do we stop someone from stealing telco service?
The telco deploys, controls and manages the TOQrouter at the physical delivery point of the subscriber. It is the demarcation point.
The TOQrouter, its integrity and function are verified and authenticated using a telco signed certificate (using a common root CA for all telcos) and using mutual TLS signaling between the TOQrouters for the SIP communication.
This replaces the old way of rolling out a dedicated wire (physical, or virtual such as MPLS) for a specific service and gives better trust in the delivery.
A PKI structure verifies the certificate and allows revocation for stolen or misbehaving TOQrouters.
The TOQrouter authenticates users and includes such information in the SIP communication (RFC 3325). One policy may be that all users on a private LAN are considered authenticated by just being on the LAN, while remote users are SIP digest authenticated.
The TOQrouter measures the usage, just like an electricity meter. It does not in itself stop usage, but informs who is using. (The management system may turn off access in case of any problem.)
On top of this, the user or a PBX may have its own password for a specific telco or third-party service, used for SIP authentication to that service, just as usual.
In a mobile network, this trust stretches to the TOQrouter (in place of today’s firewall) “behind the antenna mast” that creates the private IP domain for the user. Thereafter, the ordinary SIM card in the handset ensures that only an allowed user gains access.
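The user-authentication policy described in this answer (users on the private LAN trusted by location, remote users SIP digest authenticated, and the resulting identity carried in the SIP signaling per RFC 3325) can be sketched as a small proxy-side check. This is an added illustration, not TOQrouter code; the realm, the LAN subnet, the user store and the SIP messages are constructed assumptions.

```python
import hashlib, hmac, ipaddress, re

REALM = "telco.example"                       # assumed telco realm
USERS = {"alice": "s3cret"}                   # constructed user store (a real proxy would keep HA1 values)
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed "authenticated by being on the LAN" subnet

def _md5(s):
    return hashlib.md5(s.encode()).hexdigest()

def parse_sip(text):
    """Split a SIP request into (method, request-URI, lowercase header dict)."""
    lines = text.replace("\r\n", "\n").strip().split("\n")
    method, uri, _ = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, uri, headers

def digest_user(method, headers):
    """Return the username if the Authorization header carries a valid RFC 2617 Digest, else None."""
    auth = headers.get("authorization", "")
    if not auth.startswith("Digest "):
        return None
    p = dict(re.findall(r'(\w+)="?([^",]+)"?', auth[7:]))
    pw = USERS.get(p.get("username"))
    if pw is None or p.get("realm") != REALM or "nonce" not in p or "uri" not in p:
        return None
    ha1 = _md5(f'{p["username"]}:{REALM}:{pw}')
    ha2 = _md5(f'{method}:{p["uri"]}')
    expected = _md5(f'{ha1}:{p["nonce"]}:{ha2}')
    # constant-time comparison of the client's response with the expected digest
    return p["username"] if hmac.compare_digest(expected, p.get("response", "")) else None

def assert_identity(text, src_ip):
    """Apply the LAN-vs-remote policy; return ("forward", P-Asserted-Identity) or ("challenge", None)."""
    method, _, headers = parse_sip(text)
    headers.pop("p-asserted-identity", None)  # never trust an identity claimed by the sender itself
    if ipaddress.ip_address(src_ip) in LAN:
        m = re.search(r"sip:([^@>;]+)", headers.get("from", ""))
        user = m.group(1) if m else None      # LAN policy: the From user is taken as authenticated
    else:
        user = digest_user(method, headers)   # remote policy: must pass digest authentication
    if user is None:
        return "challenge", None              # proxy would answer 401 with a fresh nonce
    return "forward", f"<sip:{user}@{REALM}>"  # identity the trusted proxy asserts downstream
```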