Voice over IP

The end of the world as we knew it


Joachim Posegga
Professor of Security in Distributed Systems
University of Hamburg, Germany
svs-office@informatik.uni-hamburg.de

Should the captain of a cruise ship care about the engine’s technology? Certainly, if it matters. VoIP puts the one and only killer application of telcos, voice, on a completely different technology basis. Here is why this matters. 

Voice has always been the core service and the cash cow of operators. Technically, voice over ISDN or GSM is tightly coupled to the underlying transport network. Delivering Voice over IP (VoIP) changes this, because the principle underlying the Internet Protocols is the decoupling of network layers.

This principle is an important reason for the tremendous success of the Internet: it replaces monolithic network stacks with loosely coupled layers, with the services sitting on top. The actual implementation of the individual layers is not even visible, so a service can use any network that provides a compliant interface to services. This results in a dramatic increase in flexibility, in particular since it also decouples services from the innovation cycles of the underlying transport networks.

VoIP implements voice as “just another service” running on TCP/IP. This is probably the biggest challenge “traditional” telecom operators are being confronted with. It seems the Internet revolution in telecommunications is just about to start. 

March 2007. You are about to move into a new apartment; do you have to tell your VoIP provider? No, VoIP provides network mobility, so he won’t even realize. The DSL connection at the new place is not working? Weird … but the place is cheap, so maybe you should be happy that electricity and water are not cut off. Your new neighbour won’t let you use his WLAN until you have sorted out the best connectivity option? Strange people here … OK, UMTS is a fall-back, and if you use it sparingly, it will be affordable for a few days. Too bad you cannot use your usual VoIP provider with UMTS, because voice quality is too poor and you are being charged a fortune even for incoming calls.

From a technology point of view, this future scenario is reality. It is left to the imagination of the reader at which point in time it also describes the typical market situation, and what this would mean, e.g. for customer relationships.

Some technical implications of Voice over IP

The standardised way to carry voice over IP consists of the Session Initiation Protocol (SIP) for signalling and RTP for the actual media transfer. Technically, both are certainly not an efficient way of transmitting voice, but this does not matter here. More important are, for instance, the security implications of VoIP technology, which we will briefly discuss below. At the end of the day, a network operator needs a certain degree of security to justify billing and to prevent fraud. Furthermore, security is a quality of the service offered which protects customers.

The risk involved with VoIP technology is significantly higher than with “traditional” voice networks for the following reasons:

1. VoIP offers network and device mobility: Customers can use VoIP services independently of their access network and the device (client). Mobility, however, makes securing a system much harder: the experience of mobile phones suggests that the only suitable solution is a smart card (SIM), thus a security “footprint” of the service provider in the user’s terminal. As of today, VoIP systems do not offer anything like this.

2. VoIP moves the intelligence from the network into the end points (terminals). This complicates securing such a system a lot, because a distributed system is much harder to secure than a centralised one. Furthermore, complex, IP-based terminals, as they are needed for VoIP, are an easy target for attacks. Certainly some sort of credentials must be stored in these devices, and experience with viruses and worms in the Internet shows that securing such devices is an uphill battle.

3. Lastly, the Internet is a “shared medium”: signalling and payload are accessible to all parties that can access the network. Telco veterans might still remember the reasons for protecting signalling information against end users and third parties. VoIP goes “back to the roots”: anyone can send signalling messages unless some sort of protection against it is deployed.
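
To make point 3 concrete, the following added example (not part of the original article) audits a single SIP request for the two protections that keep arbitrary parties from reading or injecting signalling: a TLS transport in the top Via header and digest credentials from the sender. The helper names and both sample messages are constructed for illustration.

```python
# Added illustration; the messages below are constructed, not captured traffic.
AUTH_METHODS = {"INVITE", "REGISTER", "BYE"}  # requests that set up, bind or end calls

def parse_sip_request(raw):
    """Return (method, uri, headers) with header names lower-cased."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    method, uri, version = lines[0].split(" ", 2)
    if version != "SIP/2.0":
        raise ValueError("not a SIP/2.0 request line")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return method, uri, headers

def audit_signalling(raw):
    """List the protections this single request does NOT carry."""
    method, uri, headers = parse_sip_request(raw)
    findings = []
    # The top Via header names the transport: "SIP/2.0/UDP host:port;branch=..."
    via = (headers.get("via") or headers.get("v") or [""])[0]
    transport = via.split(" ", 1)[0].rsplit("/", 1)[-1].upper()
    if transport != "TLS":
        findings.append("cleartext-transport")
    # A first request without credentials is normal if the server answers with a
    # 401/407 challenge; the finding matters when such a request is accepted.
    creds = headers.get("authorization", []) + headers.get("proxy-authorization", [])
    if method in AUTH_METHODS and not any(c.lower().startswith("digest ") for c in creds):
        findings.append("no-sender-credentials")
    return findings

def build(*lines):
    return "\r\n".join(lines) + "\r\n\r\n"

UNPROTECTED = build(  # constructed sample
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKconstructed1",
    "From: <sip:alice@example.com>;tag=1", "To: <sip:bob@example.com>")
PROTECTED = build(  # constructed sample
    "REGISTER sips:example.com SIP/2.0",
    "Via: SIP/2.0/TLS 192.0.2.10:5061;branch=z9hG4bKconstructed2",
    'Authorization: Digest username="alice", realm="example.com", '
    'nonce="constructed", uri="sips:example.com", response="constructed"')

if __name__ == "__main__":
    print(audit_signalling(UNPROTECTED), audit_signalling(PROTECTED))
```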

The three security-related issues above just sketch the problem. These issues are elaborated in detail in our paper on VoIP security, presented at the recent Eurescom Summit.

There are, of course, also other technicalities of VoIP that would be worth considering, for example the problem of localization for emergency calls, or the provision of lawful interception interfaces. All this is beyond the scope of this short article. We chose to focus on security, since this has an obvious relation to billing, and therefore to revenue. Maybe this motivates the captain to consult his chief engineer.