Effective identities for trusted interactions in converged telecommunication systems.

摘要

Telecommunication systems have evolved significantly since their inception and the recent convergence of telephony infrastructure allows users to communicate through a variety of ways including landlines, mobile phones and Voice over IP (VoIP) phones. While cellular and public switched telephone (PSTN) networks use Caller ID to identify users, VoIP networks employ user ids, similar to email, to identify users. However, in all these networks this identity is locally asserted and is therefore easily manipulated. It is easiest to assert any identity within IP networks and this has resulted in VoIP spam (e.g., the recent Skype Computer Repair spam calls). As IP networks converge with other PSTN and cellular networks, it has also become easy to assert any Caller ID across these networks. The larger issue of Caller-ID spoofing has increasingly contributed to credit card fraud and identity theft. To address this, we introduce the notion of effective identity which is a combination of mechanisms to (1) establish identity of the caller that is harder to manipulate, and (2) provide additional information about the caller when necessary.;In this dissertation, we first look at the specific issue of determining the legitimacy (additional information) of a user id within IP networks to address the VoIP spam problem. We propose CallRank, a novel mechanism built around call duration and social network linkages to differentiate between a legitimate user and a spammer. We realize that any system that determines the legitimacy of users based on their social network linkages leaks private information. To address this, we create a to- ken/credential framework that allows a user to prove the existence of a social network path between him/her and the user he/she is trying to initiate contact with, without actually revealing the path. We combine the privacy properties of two techniques in cryptography: Delegatable Anonymous Credentials (DAC) and E-Cash to create this framework. We then look at the broader issue of determining identity across the entire telecommunication landscape to address the issue of Caller ID spoofing. Towards this, we develop PinDr0p, a technique to determine the provenance of a call - the source and the path taken by a call. In particular, we show that the codec transformations applied by multiple intermediary networks, in combination with packet loss and noise characteristics, allow us to develop profiles for various call sources based solely on features extracted from the received audio. In the absence of any verifiable metadata, these profiles offer a means of developing specific fingerprints that help uniquely identify a call source. We show that the audio can also provide valuable additional information. We use anomalies in timbre created by different undersea telecommunication cables to develop London Calling, a mechanism to identify geography of a caller. Together, the contributions made in this dissertation create effective identities that can help address the new threats in a converged telecommunication infrastructure.