Using voice over internet protocol to create true end-to-end security
Starcovic, Philip J.
MetadataShow full item record
In 2010, there were approximately 260,000 classified messages released to the general public via the website Wikileaks. The classified information was gathered by a "trusted" military member who had the right level of clearance to view the documents in question, but did not have a need-to-know. This easily illustrates the flaw in trusted enclaves and computing bases that secure the data lower than Layer 7 of the OSI Reference Model. Once a spy, hacker, or "trusted" member is inside the enclave, they have access to any and all information they wish to see. The goal of this thesis is to convey the need for security solutions that are developed at layer 7 of the OSI Reference Model. VOIP/SIP clients that use TLS and SRTP in conjunction with PKI will show that there are already solutions that exist at Layer 7. Additionally, clients that take advantage of ZRTP will provide the best examples of protecting data instead of just an infrastructure. Because only small amounts of source code will see unprotected data, thorough analysis of this code is achievable mitigating security vulnerabilities within the code.
Approved for public release; distribution is unlimited.
Showing items related by title, author, creator and subject.
Levin, Timothy E.; Dinolt, George W. (Monterey, California. Naval Postgraduate School, 2002-05); NPS-CS-02-003Through neglect, the national capability to design and construct trusted computers and networks has begun to atrophy. Not only has the information infrastructure been built weakly, but also our capability to strengthen it ...
Bartram, Scott A. (Monterey, California. Naval Postgraduate School, 2000-06);The existence of Trojan horses, viruses, and other malicious software has motivated the computer security industry to invent mechanisms that protect against malicious software. One such mechanism is called the Trusted Path. ...
BryerJoyner, Susan.; Heller, Scott D. (Monterey, California. Naval Postgraduate School, 1999-03);To reduce the cost and complexity of the current DoD information infrastructure, a Multilevel Secure (MLS) network solution eliminating hardware redundancies is required. Implementing a high assurance MLS LAN requires the ...