Title :
A hardware-assisted proof-of-concept for secure VoIP clients on untrusted operating systems
Author :
Ender, Maik ; Duppmann, Gerd ; Wild, Alexander ; Poppelmann, Thomas ; Guneysu, Tim
Author_Institution :
Horst Gortz Inst. for IT Security, Ruhr Univ. Bochum, Bochum, Germany
Abstract :
In this work we propose a secure architecture for Voice-over-IP (VoIP) that encapsulates all security and privacy critical components and I/O functions into secure hardware and thus drastically reduces the underlying trusted computing base. Our proof-of-concept implementation shows that high security and reliance on established standards and software (e.g., device drivers, transmission control, and protocols) to keep development costs down are no contradiction. Security is ensured as all security and privacy critical operations of the VoIP system are performed in protected hardware and as a consequence a successful attack on any software component (e.g., buffer overflow) does not lead to a violation of security. All I/O devices like microphones, speakers, displays, and dial buttons are directly connected to the secure hardware and cannot be controlled by an adversary even if the software part has been compromised.
Keywords :
Internet telephony; computer network security; operating systems (computers); VoIP clients; hardware-assisted proof-of-concept; operating systems; privacy critical component; privacy critical operation; security component; security critical operation; voice-over-Internet protocol; Encryption; Hardware; Operating systems; Protocols;
Conference_Titel :
ReConFigurable Computing and FPGAs (ReConFig), 2014 International Conference on
Conference_Location :
Cancun
Print_ISBN :
978-1-4799-5943-3
DOI :
10.1109/ReConFig.2014.7032489
