INTERNET PROTOCOL TELEPHONY SECURITY ARCHITECTURE
Abstract
A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.
-
47 Claims
-
1-14. (canceled)
-
15. A secure IP telephony system, the system comprising:
-
a Cable Telephony Adapter (CTA) coupled to an IP telephony network and comprising a public/private key pair and a public key certificate signed by a certificate authority;
a Key Distribution Center (KDC) coupled to the IP telephony network and configured to generate a ticket and session key to the CTA in response to a request from the CTA and distribute the session key to the CTA using public key encryption; and
a signaling controller coupled to the IP telephony network and configured to receive the ticket in a set up request from the CTA and generate and distribute a symmetric sub-key to the CTA in response to the set up request.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A secure IP telephony system, the system comprising:
-
a cable modem coupled to a computer-based network for transferring data to and from the cable modem and the computer-based network;
one or more conventional telephones;
a Cable Telephony Adapter (CTA) coupled between the cable modem and the one or more conventional telephones, and configured to execute a cryptographic process for securing a communications protocol and transferred data; and
one or more processors configured to execute the communications protocol to facilitate transfer of data between the CTA and the computer-based network.
-
-
34. A method of securing communications in an IP telephony system, the method comprising:
-
receiving a session key;
establishing a secure signaling session with a signaling controller, in part, using the session key;
receiving an end to end sub-key from the signaling controller; and
establishing secure communications with a destination device using at least one symmetric key derived from the end to end sub-key.
- View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42)
-
-
43. A method of securing communications in an IP telephony system, the method comprising:
-
receiving a ticket from a Cable Telephony Adapter (CTA);
transmitting to the CTA a signaling sub-key encrypted with a session key from the ticket;
establishing secure signaling with the CTA based in part on the signaling sub-key;
receiving from the CTA a request for a call set up with a destination device;
generating a call specific sub-key;
transmitting the call specific sub-key to the destination device; and
transmitting the call specific sub-key to the CTA.
- View Dependent Claims (44, 45, 46, 47)
-
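The last step of claims 34 and 43, where both endpoints derive session-specific symmetric keys from the call specific sub-key the signaling controller distributes, sketched as an added example that is not taken from the patent. The text on this page names no algorithms, so HKDF-SHA256 (RFC 5869), the label strings, the identifiers and every function name here are assumptions; delivery of the sub-key under the session key is outside the example.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size


def hkdf(key_material: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869): extract a pseudorandom key, then expand it to `length` bytes."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long for HKDF")
    prk = hmac.new(salt or bytes(HASH_LEN), key_material, HASH).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def new_call_sub_key() -> bytes:
    """Signaling-controller side (assumed): a fresh random sub-key per call set up."""
    return secrets.token_bytes(32)


def derive_call_keys(sub_key: bytes, call_id: bytes, caller: bytes, callee: bytes) -> dict:
    """Endpoint side (assumed scheme): per-direction encryption and MAC keys for one call.

    Identities are length-prefixed so ("ab", "c") and ("a", "bc") cannot collide.
    """
    if len(sub_key) < 16:
        raise ValueError("sub-key too short")
    context = b"".join(len(p).to_bytes(2, "big") + p for p in (caller, callee))
    keys = {}
    for label in ("caller->callee enc", "caller->callee mac",
                  "callee->caller enc", "callee->caller mac"):
        keys[label] = hkdf(sub_key, call_id, label.encode() + b"\x00" + context, 32)
    return keys


if __name__ == "__main__":
    # Constructed sample values: one sub-key delivered to both endpoints.
    sub_key = new_call_sub_key()
    cta = derive_call_keys(sub_key, b"call-0001", b"cta-a.example", b"cta-b.example")
    peer = derive_call_keys(sub_key, b"call-0001", b"cta-a.example", b"cta-b.example")
    print("endpoints agree:", cta == peer)
    print("distinct keys per purpose:", len(set(cta.values())) == 4)
```

Binding the call identifier and both endpoint identities into the derivation means a sub-key replayed into a different call or between different parties yields unrelated keys.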
Specification