[VOIPSEC] Identity Management and VoIP and More
Mahesh Jethanandani
mahesh at cisco.com
Wed Jun 28 20:58:06 CDT 2006

One way that I see the equipment and the person coming together is
through a biometric device. The person authenticates oneself to the
device under use - whether it is the physical phone or a PC running a
softphone. Once the identity has been established between the person and
the device under use, the same is used to transfer it in the call that
is made.

This way whether the person is using a managed PC or a kiosk the
identity is carried with them and cannot be stolen.

ZhaoL wrote:
>I do agree with your points. Human identity and authentication are at a higher
>level than equipment/OS identity and authentication. But they both serve us
>well for different purposes. Current PSTN phones use physical equipment
>(line) authentication, while today's IM/VoIP systems use
>password/personality recognition. At IMS time, both equipment and person
>authentication would be used at the same time for different services.
>
>On 4/19/06, Leslie Asamoa-Krodua <leslie at asamoa.fi> wrote:
>
>
>>Hello All,
>>
>>I recently completed a major study on VoIP security initiated to
>>understand the impact of this means within this enterprise. The
>>bottom line is that VoIP although ACL'd still lacks the necessary
>>control and tracking because it's so easy to impersonate in the
>>virtual world.
>>
>>I then started wondering what eminent, real world, solutions may save
>>this great technology like it saved our society. I then started
>>dwelling on passports and driving licenses. In all forms of the
>>Internet, and maybe this is because of its simplicity or the
>>intention of simplifying this technology (Internet) that such
>>mechanisms of control have been avoided.
>>
>>RATHER, the Internet is rigged with passwords and user names; and
>>then I thought, well if that is the case; and IF simplicity is what I
>>am really gunning for, would I love to log into my car before I go to
>>work?
>>
>>Would I like to provide my user name and password before I purchase
>>an item from a store?
>>
>>It's obvious, isn't it? Well then why does this requirement fall on us
>>within the Internet? Because I would rather, and I imagine it to be
>>so, shortly, not have to log into a PC to use an application. I would
>>expect that the PC was like a Kiosk and I could access whatever
>>application IN a PERSONALISED way.
>>
>>This drew me to thinking how the talk of MIKEY for VoIP sounds like a
>>solution I would propose. But this problem is not limited to VoIP
>>only, it's everywhere and security issues are hard to resolve because
>>we do not know who started it! And so we cannot ask the WHY and HOW.
>>
>>Well I want to be able to. And so going from Smart cards to
>>Certificates embedded into 'wallets' or credit cards or house keys, I
>>would like to find a way to deal with this. And enable a kiosking
>>mode where personalisation and identity are managed in a different
>>way, and in parallel bring that implementation to the handset or soft
>>client.
>>
>>If VoIP could do anything for 911, it should be able to tell the
>>emergency services who you are and not just where you are.
>>
>>Leslie Asamoa-Krodua
>>Asamoa Oy
>>http://dev.asamoa.fi
>>
>>
>>
>>_______________________________________________
>>Voipsec mailing list
>>Voipsec at voipsa.org
>>http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
>>
>>
>>
>
>
>
>--
>ZHAO, Liang (Richard)
>Mobile: 86-13911532790
>Office: 8610-58216804
>Email: hi2005 at gmail.com
>Blog: http://hi2005.wordpress.com