The public switched telephone network (PSTN) has evolved into an efficient real-time, multi-media communication session tool wherein users can pick up any one of nearly one billion telephones and dial any one of nearly one billion endpoints. Several developments have enabled this automated network, such as numbering plans, distributed electronic switching and routing, and networked signaling systems.
Similar to the manner in which the PSTN is based on a hierarchy, the Internet is based on an Internet protocol (IP). IP messages are routed or forwarded from one link to the next (i.e., from a source of a data flow to a destination of the data flow). Each IP packet contains an IP address, which, in Internet protocol version 4 (IPv4), has 32 bits. Each IP address also has a certain number of bits dedicated to a network portion and a certain number of bits dedicated to a host portion.
IP routers are used to take a data packet from one network (or link) and place it onto another network (or link). Tables are located within IP routers that contain information or criteria used to determine a best way to route the data packet. An example of this information may be the state of network links and programmed distance indications. By using intelligent devices on both sides of a network domain, it is possible to allocate a temporary address to route a packet through a network and restore the original address on the far side of the network when the packet leaves the network. This is the basis for many current virtual private network (VPN) products and is understood in the art.
To ensure that the network elements (e.g., switches in the telephone network, routers in the data network) can perform their associated tasks, it helps for them to know the status of adjacent communication links and available routes; signaling systems are used to provide this information. In telephone networks, signaling systems used are either SS7 or are equivalent to SS7. The signaling system provides information about individual links, link sets, routes, etc. In data networks, protocols such as border gateway protocol (BGP), interior gateway protocol (IGP), open shortest path first (OSPF), etc., are used to determine link states and routes.
Due to most current telecommunication endpoints receiving service through a PSTN-based system, a gateway is used to facilitate a multi-media data flow between a packet data network and a PSTN. Gateways are installed at edges between data networks and voice networks, wherein the gateways are used to convert multi-media (and signaling) to ensure communication. There are several strategies for routing calls received by gateways to other gateways described in the art. Two of these strategies are full mesh routing and hierarchical routing. Full mesh routing is the standard method described in most of the softswitching architectures. Session initiation protocol (SIP) is the inter-softswitch signaling system because it supports an anywhere-to-anywhere signaling model. In this model, softswitches have a virtual connection to other softswitches for completing calls. Routing tables are instantiated that can be used to direct traffic to a softswitch based on policy provided by the softswitch maker.
Unfortunately, when running a network that comprises many softswitches, the owner of the network has many different points of policy management that need to be maintained to create a full mesh. Such policy management issues include assuring that each softswitch knows the IP address of each other softswitch and what telephone numbers or PSTN to which they connect. When running softswitches from multiple vendors, further management issues arise. The management issues are then more complicated due to the fact that the equipment may be managed through different interfaces.
When the number of softswitches deployed grows large, the sharing of different routes is likely. In the full mesh routing arrangement, the routing of calls may be difficult since several different egress softswitches may be full or not functioning. For example, if a carrier has thirty softswitches that can handle national long distance, and the network is running at about 50% full, then each originating softswitch will likely have to try an average of fifteen (15) separate softswitches before finding one with a non-blocked route. This search effort can be greatly reduced if a purely random distribution is implemented, however, it is assumed that some routes would be preferred over others due to cost or quality, thereby exacerbating the problem.
Therefore, guiding real-time packet flows, such as, but not limited to, multi-media flows, through certain thresholds, which is required to create a high-quality border between various IP networks, is important. Without proper guidance, the packets would flow whichever way the networks would allow, thereby subjecting multi-media data packets to disruptive paths, as well as upstream and downstream failures.
If a guided multi-media data flow is traversing over public networks, it is desirable to prevent any person from eavesdropping on the communication. To address this issue, signaling channels can be encrypted using transport layer security (TLS), however, there is no known mechanism for encrypting multi-media data packets. Endpoints are assumed to comprise functionality to perform encryption. This is problematic in a network where sessions are routed to destinations such as telephone numbers. The problem is that the actual termination point is unknown until it is discovered. As an example, there may be multiple different termination points possible for a particular communication session. The actual termination point chosen may be selected for different reasons. Therefore, when forward routing a communication session, the actual terminating equipment is not known in advance.
Specific reasons for problems associated with encryption are based on currently used mechanisms. As an example, a certificate of authentication, and a certificate of authority are generally used in the most advanced forms of encryption. The volume and delays associated with using certificate servers are significant. It may also be the case that using manually distributed private keys could work, however, this is the case if the number of destinations are limited to a known set in advance which would facilitate the distribution.