Trends and Developments in Telecommunication Security

SS7 is a signaling system for the public switched telephone network (PSTN) [1,2,3]. SS7 network transports call setup, teardown messages, database queries, trunk status, instructions for remote phone switches and so on, in fact it acts as a glue for the circuit switched networks. Before the deregulation act it was envisioned as a closed community network. After the deregulation, landscape has changed; the emerging environment includes convergence of telephone, IP and wireless networks. The convergence results in increasing number of interfaces between SS7 and other networks, and each brings with it many vulnerabilities. Every point at the interface is a potential point of attack. 1. SS7 Network Security With the increasing number of telecommunication service providers with different levels of experiences, skills and ethics, it is becoming more important to protect signaling network. We have the access of new and more powerful equipments which have the capability of generating custom messages and put into numerous available entry points at interfaces between SS7 and IP or mobile networks. As per Telcordia specification (GR-82-CORE) [8] some screening capability is employed at the Signaling Transfer Points (STPs) because STPs provide a view to the internal network and provide a venue to gather valuable information. This capability is referred as a Gateway Screening capability. Major STP vendors have incorporated Gateway Screening capability in their products. This screening capability screens MTP [2] message headers and if the message type is Network Management Message then it checks content of the message. Gateway Screening checks the origination point code (OPC) [i.e. sender’s address] and destination point code (DPC) [receiver’s address] of the message to determine whether this is allowed into the network. Since Gateway Screening does not check the content of the other higher protocols of SS7 (such as ISUP, TCAP) [1,2,3], responsibility falls upon the Service Switching Points (SSPs) and this may cause problem at the switch affecting all the services [1]. As the number of interfaces increases, the attack points and types of attacks are also increasing. We are facing with the problems in message format or structure, message content, spoofing and sniffing problems. Depending upon the threats persisting in today’s SS7 network it can be classified into three different broad categories: a) Threats related to loss of integrity of signaling data and resources Integrity of data means that the data have not been altered or destroyed in an unauthorized manner in the process of communication. The protection of the SS7 includes the protection of routing data and other relevant information that can be altered using particular signaling messages. To this class of threats belong: • routing reconfiguration • traffic diversion • isolation of a user part • Isolation of a specific node in the network. b) Threats related to masquerading and unauthorized access Before having access to a network, or a specific machine in this network, an entity must identify itself and the network protection then authenticates this entity. These identification and authentication procedures may be performed at various stages of the communication process. The common case in the signaling network is the sending of messages that are not authorized to go through the network they are entering or are not authorized to use a particular signaling service. To this class of threats belong: • congestion • modification of the status of a remote subsystem • Sending of signaling traffic to non available signaling point. c) Threats related to eavesdropping and disclosure of sensitive information Confidentiality of data means that the data have not been disclosed, in the process of communication or while being stored without the permission of its owner. To this class of threats belongs: • Prohibition and inability of a user to access a particular service. The risks of all these intentional or accidental threats including corruption, disclosure, loss or removal of resources are the misuse of data or resources. Ongoing Research Projects Voice Privacy 1.) The main objective is to propose a security architecture that provides end-to-end voice privacy at the application layer with minimum modification of existing public telephone network infrastructures. Voice privacy is achieved by encrypting voice signals between two end telephones using symmetric keys and a one-time encryption key. This one-time encryption key is used to prevent replay attacks. The security architecture also proposes imposing an access control mechanism for telephone subscribers and telephones that are to be used for secure communications. Proposed authentication technique uses public key cryptography and provides authentication center the assurance that the telephone at the other end of the connection is what it claims to be. 2.) Two-way group voice communications, otherwise known as teleconferencing are common in commercial and defense networks [4,5,6]. One of the main features of military teleconferences is the need to provide means to enforce the Multilevel Security (MLS) model. In this paper we provide architecture and protocols facilitating MLS conferences over Public Switched Telephone Network (PSTN), protecting the confidentiality needs of the conversation. We develop protocols to establish secure telephone conferencing at a specific security level, add and drop conference participants, change the security level of an ongoing conference, and tear down a conference. These protocols enforce MLS requirements and prevent eavesdropping. . Our solution is based on encryption methods used for user and telephone authentication and message encryption, and trusted authentication centers and certificate authorities. The control structure of the secure teleconferencing architecture AC0 Sl AC1