Mobility Capability Package
March 26, 2012
Version 1.2

This document defines the 2nd release of earlier phases of the Enterprise Secure VoIP Mobility Architecture and focuses on the architectural components of providing a Secure VoIP capability using commercial grade products.

Table of Contents

1 Overview of Enterprise Mobility
  1.1 Goals
  1.2 Description
  1.3 Provisioning, Operations, and Management
  1.4 Component Requirements – Thresholds and Objectives
2 Overview of Smartphone Secure Voice over Internet Protocol (VoIP) on Cellular Networks
  2.1 Goals
  2.2 Description
  2.3 Threat Environment
  2.4 Security Principles
  2.5 Mobile User and Wireless Access
  2.6 Mobile User to Mobile User
3 Operating System and Applications Mobile Device Security
  3.1 Overview
  3.2 Operation
  3.3 Approach
    3.3.1 Architecture
    3.3.2 Security Relevant Components
    3.3.3 Inter-relationship to Other Elements of the Secure VoIP System
  3.4 Gap Analysis
    3.4.1 System Overview
  3.5 Risk
    3.5.1 Threats to the System
    3.5.2 Risks to the System
  3.6 References
4 Carrier Services Connections
  4.1 Overview
  4.2 Description
  4.3 Approach
    4.3.1 Architecture
    4.3.2 Security Components
    4.3.3 Inter-relationship to Other Elements of the Secure VoIP System
  4.4 Gap Analysis
    4.4.1 Secure Roaming
    4.4.2 Network Authentication
    4.4.3 Audit System
    4.4.4 Secure Identity Module
    4.4.5 Secure Over-the-Air Provisioning Server
    4.4.6 Quality of Service
  4.5 Risk
    4.5.1 Rogue Base-Station
    4.5.2 Rogue Carrier
    4.5.3 Rogue Manufacturer/Supply Chain Compromise
    4.5.4 Geo-location
    4.5.5 Frequency Jamming
    4.5.6 Passive Collection
  4.6 References
5 Enterprise Mobility Infrastructure
  5.1 Overview
  5.2 Description
    5.2.1 Rationale for Security Design
    5.2.2 Security Approach in the Enterprise Mobility Infrastructure
  5.3 Approach
    5.3.1 Architecture
      Intrusion Detection System (IDS)/Intrusion Prevention System (IPS)
      Firewall (multiple)
      Collection of audit log records received from the mobile device
    5.3.2 Security Relevant Components
  5.4 Gap Analysis
  5.5 Risks
    5.5.1 Threats and Risks to the System
    5.5.2 Risk Mitigations to the System
  5.6 References
6 Secure Voice over IP (SVoIP) Application
  6.1 Overview
  6.2 Description
  6.3 Approach
    6.3.1 Architecture
    6.3.2 Security Relevant Components
    6.3.3 Inter-relationship to Other Elements of the Secure VoIP System