Using Voice Over Internet Protocol to Create True End-to-End Security

Abstract

In 2010, there were approximately 260,000 classified messages released to the general public via the website Wikileaks. The classified information was gathered by a "trusted" military member who had the right level of clearance to view the documents in question, but did not have a need-to-know. This easily illustrates the flaw in trusted enclaves and computing bases that secure the data lower than Layer 7 of the OSI Reference Model. Once a spy, hacker, or "trusted" member is inside the enclave, they have access to any and all information they wish to see. The goal of this thesis is to convey the need for security solutions that are developed at layer 7 of the OSI Reference Model. VOIP/SIP clients that use TLS and SRTP in conjunction with PKI will show that there are already solutions that exist at Layer 7. Additionally, clients that take advantage of ZRTP will provide the best examples of protecting data instead of just an infrastructure. Because only small amounts of source code will see unprotected data, thorough analysis of this code is achievable mitigating security vulnerabilities within the code.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2011
Accession Number
ADA551929

Entities

People

  • Philip J. Starcovic

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Air Platforms
  • Autonomy
  • Cyber
  • Human Systems

DTIC Thesaurus Topics

  • Communications Protocols
  • Computer Network Security
  • Computer Networks
  • Computer Programs
  • Computers
  • Data Transmission
  • Digital Communications
  • Graphical User Interface
  • Information Security
  • Information Systems
  • Mobile Phones
  • Network Protocols
  • Operating Systems
  • Software Testing
  • Text Messaging
  • Transport Protocols
  • Voice Over Internet Protocol

Fields of Study

  • Computer science

Readers

  • Computer Science.
  • Cybersecurity.