Accession Number:

ADA551929

Title:

Using Voice Over Internet Protocol to Create True End-to-End Security

Descriptive Note:

Master's thesis

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

2011-09-01

Pagination or Media Count:

91.0

Abstract:

In 2010, there were approximately 260,000 classified messages released to the general public via the website Wikileaks. The classified information was gathered by a trusted military member who had the right level of clearance to view the documents in question, but did not have a need-to-know. This easily illustrates the flaw in trusted enclaves and computing bases that secure the data lower than Layer 7 of the OSI Reference Model. Once a spy, hacker, or trusted member is inside the enclave, they have access to any and all information they wish to see. The goal of this thesis is to convey the need for security solutions that are developed at layer 7 of the OSI Reference Model. VOIPSIP clients that use TLS and SRTP in conjunction with PKI will show that there are already solutions that exist at Layer 7. Additionally, clients that take advantage of ZRTP will provide the best examples of protecting data instead of just an infrastructure. Because only small amounts of source code will see unprotected data, thorough analysis of this code is achievable mitigating security vulnerabilities within the code.

Subject Categories:

  • Computer Systems Management and Standards
  • Voice Communications

Distribution Statement:

APPROVED FOR PUBLIC RELEASE