There was an interesting description on SMA (Secure Mobile Architecture) by another Richard from Boeing :). SMA is expected to address security issues in VoIP and identity for those enterprise networks with some sample implementation inside Boeing
There have to be some fundamental changes in the way the Internet operates. One way is through a framework and architecture called the Secure Mobile Architecture (SMA). This architecture is published by The Open Group and is available at the following URL:
The architecture addresses many of the issues you have been talking about. Until we actually address the issues of basing security on the MAC and IP addresses, all of your approaches will not address the basic problem.
I have an example of the issues hiding our heads in the sand can lead to. I have been a member of IEEE 802.11 since about 1995. Boeing got involved in 802.11 because of the potential solutions 802.11 provided for both Internet access onboard airplanes and for the mobile enterprise communications. So I got involved early in the security provided for the Wireless LANs. The initial group of 802.11 standards developers felt, as I did, that the WEP was sufficient (good enough) to get the standard rolling. It wasn't! The work around was VPNs for any wireless connections, but it definitely slowed and inhibited the growth of WLANs. It took six years to provide a WEP replacement that was cryptographically secure.
If IEEE 802.11i is any example, the VOIP growth and viability is inexorably tied to how secure our telephone calls are. I have always been incredulous that we never cared very much how vulnerable our telephone conversations are. The wire makes us seem less vulnerable, but in fact, backbone communications links are sometimes over major microwave links. Many of the Fortune 500 contractually stipulate that none of their business communications are sent over microwave links. In addition to the microwave links, we have wholly trusted our telephony companies to protect us and they have done quite a good job in that most of the connections are in central offices that have not been broken into. This is all changing now and this mailing list is at the forefront of the discussion. What do we do about voice security now that our telephone conversations are riding over the Internet and have all the Internet vulnerabilities of viruses, MAC address spoofing, IP address spoofing, replay, spamming, etc?
In the big picture, end-to-end secure sessions with cryptographically based mechanisms to identify people and machines are the only way to assure secure VOIP communications. In our work with the Secure Mobile Architecture (SMA), we have been exposed to all the regulatory requirements for privacy and legality. These requirements include Sorbannes-Oxley, HIPPA, and many others. They are quite extensive and demanding, especially of privacy and protection from exposure on the Internet. Without addressing the requirement of an end-to-end cryptographically secure infrastructure, we are not addressing the problem and those of us responsible for unleashing VOIP on the world have a responsibility to address this problem in a big picture way.
The core of the problem comes from the relationship of security and identity. When I first heard and participated in discussions on identity management, I was very skeptical that this was a required discipline at all. In fact, I still think that identity management is not the right term for what we need to address in Internet VOIP and WLAN infrastructure contexts. We do not need to manage the identities. In reality, the people, organizations, and enterprises need to be assured that their identities are protected when they use the Internet. So, the identity of a person or machine must be protected in a business context or in an individual context. By the way, this identity of a machine is an imperative one to address. We are still not doing a good job of identifying a computer or intelligent machine's identity. In fact, as VOIP gets more integrated into the business processes and telephony becomes more versatile and VOIP applications are used for event notification, the validity of such processes is dependent on getting the cryptographically validated sources of the VOIP information you get.
The architecture The Open Group developed called the Secure Mobile Architecture (SMA) deals with these issues through the use of four elements (Boeing deployment); 1. Public Key Infrastructure (PKI) access, 2. use of the Host Identity Protocol (HIP), 3. a Network Directory Service (NDS), and 4. use of a Location Enabled Network Service (LENS). I will treat each of these and their relationship to VOIP and VOIP security in the following four paragraphs. Read the rest of this entry »