Policy and Trust in Open Multi-Operator Networks

In the future telecommunications network, more and more services are based on open protocols and architectures. In such an environment, there is a clear need for controlling the access of users and other operators to the network services. If the network is based on internetworked facilities, traditional address based access control may not be sufficient due to the possibility of address spoofing attacks. Thus, the usage of strong cryptography is often the only possibility for providing authenticity and integrity. However, in such a setting both key management and trust management become challenging problems. In this paper we present an architecture, called TeSSA, for managing service level access control and other security aspects in open telecom networks, and our experiences with an early prototype version of the architecture. The architecture is based on digitally signed certificates and explicitly presented permissions. The architecture itself is policy free, thereby allowing any reasonable security policy to be applied. Furthermore, the architecture fully supports both centralized and decentralized administrative models, thereby being especially suitable for internets where the networks of several operators are interconnected. In addition to security policies, the architecture can be extended to represent any types of policies. Using the TeSSA facilities, the operators do not need fully trust each other, but can explicitly vary the level and structure of trust.