For many years voice telephone service was implemented over a circuit switched network commonly known as the public switched telephone network (PSTN) and controlled by a local telephone service provider. In such systems, the analog electrical signals representing the conversation are transmitted between the two telephone handsets on a dedicated twisted-pair-copper-wire circuit. More specifically, each telephone handset is coupled to a local switching station on a dedicated pair of copper wires known as a subscriber loop. When a telephone call is placed, the circuit is completed by dynamically coupling each subscriber loop to a dedicated pair of copper wires between the two switching stations.
In a separate field of technology, the Internet Protocols have facilitated widespread deployment of IP compliant packet switched networks for transferring of data between devices. When a device is coupled to an IP compliant network, it is assigned an IP address. Typically, a device obtains its IP address and other required IP networking information using a broad cast based protocol for locating a DHCP server capable of providing such information.
Recent advances in the speed of Internet data transmissions and Internet bandwidth have made it possible for telephone conversations to be communicated using the Internet's packet switched architecture. A Voice-Over-Internet Protocol (VoIP) is an IP compliant device capable of establishing and maintaining real time protocol (RTP) sessions for full duplex audio communication with a VoIP peer.
Although traditional PSTN telephone numbers are not required for peer-to-peer VoIP, a VoIP endpoint which is incapable of performing both inbound and outbound calls to PSTN telephone numbers is of little value.
Internet telephony service providers have added value to peer-to-peer VoIP technology by providing infrastructure that enables a VoIP endpoint to emulate a traditional PSTN telephone line—with the subscriber loop being replaced by session signaling and RTP media sessions between the VoIP endpoint and the service provider's systems.
Such systems enable the VoIP endpoint to be assigned a PSTN routable telephone number, place calls to telephone numbers that terminate on the PSTN, place calls to telephone numbers that terminate at another VoIP endpoint, and receive calls placed to the assigned telephone number—whether placed from a PSTN endpoint or another VoIP endpoint.
The service provider's system comprise a combination of soft switches, call agents, proxy servers, trunking gateways, signaling gateways, accounting servers, and various other servers useful for the set up, maintenance, and tracking of telephone usage for each customer's VoIP endpoint.
Therefore, when an Internet telephony device is coupled to an IP network, not only does the Internet telephony device need to obtain an IP address and the required networking configuration provided by a DHCP server, but the device also needs to obtain its configuration for operation with the Internet telephony service provider's systems—and when appropriate, obtain updates to such configuration.
In existing provisioning systems, the VoIP endpoint contacts an appropriate DHCP server to obtain DHCP extensions which identify the service provider's servers. However, DHCP provisioning is insecure. Further, any files provided by servers that operate insecure protocols (such as TFTP) are also insecure.
This insecure provisioning can lead to one of several results including in-operation of the Internet telephony device or unintended operation of the Internet telephony device with another communication service provider's system.
Existing secure provisioning systems, such as the provisioning system proposed by Cable Television Laboratories in its specification entitled “PacketCable MTA Device Provisioning Specification” numbered PKT-SP-PROV-I10-040730, propose using DHCP options such that a DHCP server can provide: i) a fully qualified domain name for the Internet telephony service provider's SNMP server and TFTP server; and ii) an IP address for the Internet telephony service provider's SYSLOG server.
PKINIT, an extension of Kerberos, is used to establish a secure connection between the VoIP endpoint and the provisioning servers. However, such a system is very complicated to deploy and maintain because, before communicating with the provisioning servers, the VoIP endpoint must authenticate its self to the Keberos infrastructure and obtain the appropriate tickets from a Kerberos key distribution server.
What is needed is a system for secure provisioning of an Internet telephony device that does not suffer the disadvantages of the above described systems. More specifically, what is needed is a system which assures both: i) that the Internet telephony device contacts the correct servers for obtaining its Internet telephony configuration; and ii) that its Internet telephony configuration is provided in a secure manner to prevent unintended (or fraudulently intended) operation with the wrong service provider's systems.