14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona


Security Services in an Open Service Environment

Reiner Sailer
Institute of Communication Networks and Computer Engineering
University of Stuttgart,
Pfaffenwaldring 47, D-70569 Stuttgart, Germany

Emerging telecommunication services use, store, or transmit sensitive personal data to form individual network services. We suggest an add-on approach to realize secure telecommunication services which saves the huge invest- ments into existing network infrastructure of the ISDN. This is done by adding trusted runtime environments that contain security functions to existing service infrastructure. This approach aims at separating sensitive service functions from highly complex functions of public telecommunication networks. We propose an enhancement of existing network service interfaces by standardized security service interfaces to enable the provision of open security services. Separated security control functions of independent service providers, however, might not be trusted by network operators. Therefore, this contribution particularly considers gateway functions implementing access control and ancillary conditions concerning network integrity.