Internet protocol telephony security architecture
First Claim
1. A secure IP telephony system, the system comprising:
- a signaling controller within an IP telephony network and in communication with at least one Cable Telephony Adapter (CTA), and configured to perform call set up and tear down and to generate a symmetric sub-key in response to a request from the at least one CTA, the request including a signaling controller ticket;
wherein the signaling controller ticket comprises a signaling controller session key, an identity of the at least one CTA, and an identity of the signaling controller;
the signaling controller further configured to distribute the symmetric sub-key to the at least one CTA in response to the signaling controller ticket; and
a Key Distribution Center (KDC) within the IP telephony network and coupled to the signaling controller, and configured to generate and distribute the signaling controller ticket and said signaling controller session key to the at least one CTA using public key encryption,wherein said at least one CTA generates an additional symmetric key specific for a given call based on the symmetric sub-key provided by the signaling controller.
3 Assignments
0 Petitions
Accused Products
Abstract
A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.
16 Citations
15 Claims
-
1. A secure IP telephony system, the system comprising:
-
a signaling controller within an IP telephony network and in communication with at least one Cable Telephony Adapter (CTA), and configured to perform call set up and tear down and to generate a symmetric sub-key in response to a request from the at least one CTA, the request including a signaling controller ticket; wherein the signaling controller ticket comprises a signaling controller session key, an identity of the at least one CTA, and an identity of the signaling controller; the signaling controller further configured to distribute the symmetric sub-key to the at least one CTA in response to the signaling controller ticket; and a Key Distribution Center (KDC) within the IP telephony network and coupled to the signaling controller, and configured to generate and distribute the signaling controller ticket and said signaling controller session key to the at least one CTA using public key encryption, wherein said at least one CTA generates an additional symmetric key specific for a given call based on the symmetric sub-key provided by the signaling controller. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
Specification