Emerging telecommunication services use, store, or transmit sensitive personal data to form individual network services. We suggest an add-on approach to realize secure telecommunication services which saves the huge invest- ments into existing network infrastructure of the ISDN. This is done by adding trusted runtime environments that contain security functions to existing service infrastructure. This approach aims at separating sensitive service functions from highly complex functions of public telecommunication networks. We propose an enhancement of existing network service interfaces by standardized security service interfaces to enable the provision of open security services. Separated security control functions of independent service providers, however, might not be trusted by network operators. Therefore, this contribution particularly considers gateway functions implementing access control and ancillary conditions concerning network integrity.