Secure telephony service appliance
First Claim
Patent Images
1. A computer system having a processor and a memory, the computer system operable to execute a method for implementing a secure appliance for IP telephony, the method comprising:
- providing an operating system with a restricted access in the appliance wherein the operating system is embedded in an erasable programmable read-only memory in the processor of the appliance;
implementing a set of services in the appliance in the erasable programmable read-only memory in an embedded platform, wherein the set of services is applications that perform the functions of the appliance, wherein a set of security mitigation features in the appliance is applied to the set of services, and wherein the set of security mitigation features include security policies that are applied to the set of services in the appliance;
performing a modification in the appliance to at least one of the operating system and the set of services through one or more secure interfaces wherein performing the modification comprises implementing an encryption technique during a software change between a source of the software change and the appliance and performing the software change in the appliance; and
providing the set of services from the appliance to a set of registered devices wherein the set of registered devices is a registry of devices created by an administrator and the registry identifies devices that can interact together in a secure environment,wherein the appliance only communicates with the set of registered devices and wherein the appliance does not include a hard drive, an external storage, a CDROM device, nor a floppy disk device.
6 Assignments
0 Petitions
Accused Products
Abstract
Secure telephony service appliances are created from computing devices. The computing devices have restricted access to their hardware and software. The computing devices perform VOP functions to other devices such as phones, modems, and adapters. Security vulnerabilities are reduced by implementing the computing devices as secure appliances for IP telephony.
37 Citations
24 Claims
-
1. A computer system having a processor and a memory, the computer system operable to execute a method for implementing a secure appliance for IP telephony, the method comprising:
-
providing an operating system with a restricted access in the appliance wherein the operating system is embedded in an erasable programmable read-only memory in the processor of the appliance; implementing a set of services in the appliance in the erasable programmable read-only memory in an embedded platform, wherein the set of services is applications that perform the functions of the appliance, wherein a set of security mitigation features in the appliance is applied to the set of services, and wherein the set of security mitigation features include security policies that are applied to the set of services in the appliance; performing a modification in the appliance to at least one of the operating system and the set of services through one or more secure interfaces wherein performing the modification comprises implementing an encryption technique during a software change between a source of the software change and the appliance and performing the software change in the appliance; and providing the set of services from the appliance to a set of registered devices wherein the set of registered devices is a registry of devices created by an administrator and the registry identifies devices that can interact together in a secure environment, wherein the appliance only communicates with the set of registered devices and wherein the appliance does not include a hard drive, an external storage, a CDROM device, nor a floppy disk device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. One or more non-transitory computer-readable media having computer-readable instructions embodied thereon, wherein all steps are performed by at least one computing device, for causing a computing device to perform a method for implementing a secure appliance for IF telephony, comprising:
-
providing an operating system with a restricted access in the appliance wherein the operating system is embedded in an erasable programmable read-only memory in a processor in the appliance; implementing a set of services in the appliance in the erasable programmable read-only memory in an embedded platform, wherein the set of services is applications that perform the functions of the appliance, wherein a set of security mitigation features in the appliance is applied to the set of services, and wherein the set of security mitigation features include security policies that are applied to the set of services in the appliance; performing a modification in the appliance to at least one of the operating system and the set of services through one or more secure interfaces wherein performing the modification comprises implementing an encryption technique during a software change between a source of the software change and the appliance and performing the software change in the appliance; and providing the set of services from the appliance to a set of registered devices wherein the set of registered devices is a registry of devices created by an administrator and the registry identifies devices that can interact together in a secure environment, wherein the appliance only communicates with the set of registered devices and wherein the appliance does not include a hard drive, an external storage, a CDROM device, nor a floppy disk device. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A system for implementing a secure appliance for IP telephony, comprising:
-
an appliance operating in a packet network associated with IP telephony; and the appliance operable; to provide an operating system with a restricted access wherein the operating system is embedded in an erasable programmable read-only memory in a processor, to implement a set of services in the erasable programmable read-only memory in an embedded platform in the appliance, wherein the set of services is applications that perform the functions of the appliance, wherein a set of security mitigation features in the appliance is applied to the set of services, and wherein the set of security mitigation features include security policies that are applied to the set of services in the appliance, to receive a modification to at least one of the operating system and the set of services through one or more secure interfaces wherein the modification is a software change in the appliance and includes an encryption technique during the software change between a source of the software change and the appliance, and to provide the set of services from the appliance to a set of registered devices wherein the set of registered devices is a registry of devices created by an administrator and the registry identifies devices that can interact together in a secure environment, wherein the appliance does not include a hard drive, an external storage, a CDROM device, nor a floppy disk device. - View Dependent Claims (21)
-
-
22. A system for implementing a secure network for IP telephony services, comprising:
-
one or more computing devices operating in a packet network associated with a VOP call; the one or more computing devices operable to at least one of communicate with each other and communicate with a set of registered devices wherein the set of registered devices is a registry of devices created by an administrator and the registry identifies devices that can interact together in a secure environment; and the one or more computing devices operable to provide an operating system with a restricted access wherein the operating system is embedded in an erasable programmable read-only memory in a processor, to implement a set of services in the erasable programmable read-only memory in an embedded platform in the appliance, wherein the set of services is applications that perform the functions of the appliance, wherein a set of security mitigation features in the appliance is applied to the set of services, and wherein the set of security mitigation features include security policies that are applied to the set of services in the appliance, to receive a modification to at least one of the operating system and the set of services through one or more secure interfaces wherein the modification is a software change in the appliance and includes an encryption technique during the software change between a source of the software change and the appliance, and to provide the set of services to the set of registered devices, wherein the one or more computing devices do not include a hard drive, an external storage, a CDROM device, nor a floppy disk device. - View Dependent Claims (23, 24)
-
Specification