PSTN security concerns linger

Continuing our discussion on PSTN security, today we’d like to take a look at some excerpts from a June 2001 report from the President’s National Security Telecommunications Advisory Committee. We usually don’t get too excited about bringing our readers news that is three years old; however, we find it interesting that since the report’s publication there has been no further progress reported to the NSTAC on solving the issues cited.   Giving credit where credit is due, the report notes that “the U.S. telecommunications industry has designed the PSTN to preclude single points of failure above the local switching level through both logical and physical diversity.” Technologies like “Synchronous Optical Network (SONET) rings and dynamically controlled routing, coupled with the diversity of carriers, result in a high level of public telephone network reliability and robustness. These resilient features mitigate the potential for any single point network failure resulting in a widespread outage of PSTN service.”

Continuing our discussion on PSTN security, today we’d like to take a look at some excerpts from a June 2001 report from the President’s National Security Telecommunications Advisory Committee. We usually don’t get too excited about bringing our readers news that is three years old; however, we find it interesting that since the report’s publication there has been no further progress reported to the NSTAC on solving the issues cited. 

Giving credit where credit is due, the report notes that “the U.S. telecommunications industry has designed the PSTN to preclude single points of failure above the local switching level through both logical and physical diversity.” Technologies like “Synchronous Optical Network (SONET) rings and dynamically controlled routing, coupled with the diversity of carriers, result in a high level of public telephone network reliability and robustness. These resilient features mitigate the potential for any single point network failure resulting in a widespread outage of PSTN service.”

However, the committee did have significant concerns about how to secure the PSTN once we introduce IP gateways as part of the PSTN signaling infrastructure.

The report continues:

“The unreliability of existing gateway screening capabilities, the lack of security guidelines for interconnection, and the lack of control and authentication mechanisms for network management traffic, are all matters requiring further attention. Malicious activity directed at signaling gateways could precipitate network disruptions and impact overall network availability and reliability. Moreover, the Internet Protocol does not accord higher priority to ‘in-band’ signaling messages. As a result, network congestion might not be circumvented in converged networks by using conventional… mechanisms. Also, the scope of analysis should be broadened to include convergence of wireless data networks with the PSTN.”

Stay tuned – we’ll report back on ways to solve these issues as we uncover them.