Using voice over internet protocol to create true end-to-end security

Thumbnail Image
Files
11Sep_Starcovic.pdf (1.14 MB)
Authors
Starcovic, Philip J.
Subjects
Advisors
Buddenberg, Rex
McGregor,Don
Date of Issue
2011-09
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
In 2010, there were approximately 260,000 classified messages released to the general public via the website Wikileaks. The classified information was gathered by a "trusted" military member who had the right level of clearance to view the documents in question, but did not have a need-to-know. This easily illustrates the flaw in trusted enclaves and computing bases that secure the data lower than Layer 7 of the OSI Reference Model. Once a spy, hacker, or "trusted" member is inside the enclave, they have access to any and all information they wish to see. The goal of this thesis is to convey the need for security solutions that are developed at layer 7 of the OSI Reference Model. VOIP/SIP clients that use TLS and SRTP in conjunction with PKI will show that there are already solutions that exist at Layer 7. Additionally, clients that take advantage of ZRTP will provide the best examples of protecting data instead of just an infrastructure. Because only small amounts of source code will see unprotected data, thorough analysis of this code is achievable mitigating security vulnerabilities within the code.
Type
Thesis
Description
URI
https://hdl.handle.net/10945/5540
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
xx, 69 p. : col. ill. ;
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections
Theses