Security management of a network involves identity validation (authentication), service authorization, and information privacy protection. Authentication processes identifies the device or person that is requesting the use of the telecommunications device or network services. Authorization is the process of determining what services devices are customers are permitted to use. Privacy or encryption services are used to help ensure that the information transmitted or received is not available to unauthorized recipients.
Authentication
Authentication is a process during where information is exchanged between a communications device (typically a user device such as a mobile phone) and a communications network that allows the carrier or network operator to confirm the true identity of the user (or device). Validation of the authenticity of the user or device allows a service provider to deny service to users that cannot be identified. Thus, authentication inhibits fraudulent use of a communication device that does not contain the proper identification information.
Authorization
Authorization is the enabling of services to a device or customer that requests services. Authorization is often part of the billing and customer care (BCC) system and is maintained in a customer database service profile. Services are initially enabled in a network as a result of provisioning. Provisioning is a process within a company that allows for establishment of new accounts, activation, termination of features, and coordinating and dispatching the resources necessary to fill those service orders. Provisioning is usually part of customer care systems.
Networks sometimes use mediation devices to help manage provisioning and authorizing services to customers. A mediation device is device in a telecommunications network that receives, processes, reformats, and sends information to other formats between network elements. Mediation devices are can take non-standard proprietary information (such as proprietary digital call detail records) from switches and other network equipment and reformat them into messages billing systems can understand.
Information Privacy
Information privacy is a process of protecting transmitted or received information from being understood by unauthorized recipients. Information privacy typically involves encrypting of the voice signal with a shared secret key so only authorized users with the correct key and decryption program can listen to the communication information.
Encryption is a process of a protecting voice or data information from being obtained by unauthorized users. Encryption involves the use of a data processing algorithm (formula program) that uses one or more secret keys that both the sender and receiver of the information use to encrypt and decrypt the information. Without the encryption algorithm and key(s), unauthorized listeners cannot decode the message.
No comments:
Post a Comment