Abstract
Voice over Internet Protocol (VoIP) refers to the use of packet-switched internet protocol (IP) networks to relay a voice message. VoIP is among the latest modes of communication. As with a majority of the novel technologies, VoIP comes with both opportunities and security challenges. It has a unique architecture compared to the conventional circuit-based telephony. As a result, VoIP is susceptible to numerous security risks.
The benefits of a VoIP system to an enterprise include flexibility and low operation cost. There are different forms of Voice over Internet Protocol systems.
They include mobile units, conferencing units, and the ordinary telephone handsets. For a VoIP network to meet the needs of a user, it has to guarantee the quality of service. A VoIP system has little tolerance for interruptions. There is no single solution to security challenges that face data transmitted over VoIP. Thus, organizations should ensure that they acquire the appropriate network infrastructure.
Introduction
Voice over Internet Protocol refers to a collection of technologies and methods that facilitate the transfer of voice messages over IP networks. Other terms that are used to refer to VoIP networks include Internet telephony, IP telephony, and broadband phone service among others. VoIP systems can run on any form of computer. Additionally, the conventional telephone handsets can be modified to handle VoIP services.
Other equipment that can provide VoIP services includes mobile units, conferencing units, and “softphone”. Cheng and Lai (2010) argue, “Quality of service (QoS) is fundamental to the operation of a VoIP network” (p. 82). Thus, it is imperative to guarantee security measures when operating a Voice over Internet Protocol network.
Since the management of a VoIP system requires implementation of numerous safety procedures, it is hard to guarantee the quality of service. Among the challenges that affect a VoIP network include firewall delays, jitter, encryption-produced latency and blockage of call setups (Cheng & Lai, 2010). One of the benefits of VoIP over other communication networks is that it is cost-effective. The VoIP system compresses the electronic traffic of an organization into a single physical network.
Thus, it saves an institution from the cost of procuring a private branch exchange (PBX). To explore the challenges that affect VoIP networks, this paper will give an overview of the system. It will discuss the equipment, data handling, cost, speed, and security issues that affect a VoIP network. Additionally, the paper will discuss the quality of service issues..
Overview of VoIP
Many people who have the knowledge of data communication might have “little background in transmitting voice or real-time imaging in a packet-switched environment” (Cheng & Lai, 2010, p. 86).
VoIP technology is a novel concept to many people. Most people assume that it is possible to transmit voice messages over the normal network infrastructures without changing them. The reality is that installation a VoIP system results in numerous complications to the ordinary network. A majority of these challenges are made severe by security considerations.
VoIP Equipment
There are different types of Voice over Internet Protocol systems. Almost every computer can support VoIP services. Apple Macintosh iChat, Microsoft NetMeeting, and Linux platforms provide some VoIP services (Chong & Matthews, 2004). Voice over Internet Protocol is the infrastructure that helps to “dial telephone numbers and communicate with people on the other end of a connection who have a VoIP system” (Chong & Matthews, 2004, p. 109).
The increase in demand for VoIP services has led to the development of multiple products. The conventional telephone handsets are developed with additional features to support VoIP services. Some handsets are equipped with a small liquid-crystal display (screen), which helps to configure their advanced functionalities like call-park and conference calls.
Apart from modification of the conventional telephone handsets, VoIP technology has led to the invention of conferencing units. The groups offer services akin to those of the ordinary conference calling phone systems. The only difference is that conferencing units enable users to synchronize data communication services.
The invention of VoIP network has led to an adjustment of the average personal computer (PC) to create a “softphone”. A “softphone” is a collection of a headset, personal computer, software and a cheap connection service (Endler & Collier, 2006). The primary disadvantage of a “softphone” system is that it is prone to privacy and security issues. Personal computers that are connected to the internet get infested with viruses, worms and a multitude of malicious software.
Therefore, it is hard to guarantee the security of a voice message transmitted through a “softphone” system (Endler & Collier, 2006). Besides, personal computers are mostly connected to data networks. Hence, the use of “softphone” system makes it impractical to split data and voice networks. Voice over Internet Protocol system comprises numerous apparatus like routers, call processors, protocols, gateways, and firewalls.
Data handling
Endler and Collier (2006) assert, “Before any voice can be sent, a call must be placed” (p. 24). For a conventional phone system, call placement entails dialing the number of the intended recipient. The telephone company’s system processes the dialed number and connects the caller to the consignee.
Voice over Internet Protocol system operates differently. Once the user dials a number, a composite sequence of packet exchanges ensues in line with a VoIP signaling protocol. The challenge is that while computer systems are distinguished by their Internet Protocol (IP) address, the user dials a regular telephone number to initiate a call. For the call to be completed, the phone number has to be connected to the IP address of the called party.
A set of rules is used to identify the IP address that matches with the recipient’s phone number. Once the recipient answers a call, the voice is changed into a digital signal and split into a series of packets. The entire process begins by changing analog voice pointers to digital. Because digitized voice demands a vast number of bits, “a compression algorithm is used to reduce the volume of data to be transmitted” (Endler & Collier, 2006, p. 31).
The compressed information is entered into data packets for secure transmission. The voice packets use the Real-time Transport Protocol (RTP). Each packet has a unique header field that contains the information used to reconstruct the packets to obtain the voice signal.
Cost
One reason many institutions opt to use the VoIP system is that it is cheap compared to other modes of communication. The VoIP system does not use the switched telephone networks. Consequently, it is cheap to transmit voice messages over long distances. The VoIP system does not send voice traffic over the ordinary telecommunication line configurations (Jiang & Henning, 2000). Instead, the traffic travels over private data network lines or the internet.
Voice over Internet Protocol is also cheap since it consolidates all of an institution’s electronic traffic. An institution does not require procuring distinct private branch exchange tile lines for each type of traffic. Even though installing the VoIP system is expensive, a company enjoys noteworthy savings by managing a single network (Jiang & Henning, 2000).
An institution does not incur the cost of maintaining a telephony system. Moreover, the work of the system administrator becomes less tasking. The administrator manages a single instead of multiple networks. A company does not require hiring different workers to manage voice and data networks.
Speed and Quality
Theoretically, Voice over Internet Protocol can minimize the usage of bandwidth and enhance the quality of communication compared to the traditional public switched telephone network. Jiang and Henning (2000) posit, “The use of high bandwidth media, combined with high quality of digitized voice, makes VoIP a flexible alternative for speech transmission” (p. 84). However, the circumstances are quite intricate. System administrators encounter challenges in the effort to channel all the traffic of an organization through a single network.
The network becomes overcrowded leading to delays. The bandwidth usage depends on the digitization of voice by circuits, codecs or software procedures that encrypt and decrypt data for communication.
Therefore, minimizing the usage of the bandwidth may result in sluggish encryption and transmission processes (Jiang & Henning, 2000). Technologists are in the process of enhancing the quality and speed of transmitting voice messages through VoIP systems. Indeed, a majority of the organizations that uses VoIP systems do not detect momentous dilapidation in quality or speed.
Security Issues
The introduction of Voice over Internet Protocol system increases the demand for security measures within a company. A business requires guaranteeing the safety of both its data and voice. The federal government agencies have the duty to safeguard a lot of classified and unclassified data.
The agencies need to protect both the financial and sensitive information. On the other hand, public and private corporations require safeguarding their communications. Bradbury (2007) argues that in an ordinary office telephone system, “security is a more valid assumption” (p. 484).
One can hardly intercept communications. To block the communication, one needs to tamper with the private branch exchange of an institution or access the telephone line. Only institutions that transmit sensitive and classified information opt to encrypt voice traffic. The same does not happen for the Internet-related connections. Information sent via the internet is prone to interceptions. Thus, it is imperative to encrypt it to ensure that it is safe.
Bradbury (2007) alleges that the packets mailed via the internet go through systems that not under the control of both the sender and the recipient. If a hacker accesses one of the systems, they can install programs and screen packets for sensitive information. It underlines the reason people use encryption software to transmit data over the VoIP systems.
The existing internet structural design does not offer the security measures analogous to those of the traditional phone lines. The only way to secure the Voice over Internet Protocol system is to apply security techniques like the ones used to protect data networks. Currently, institutions use firewalls and encryption to secure the VoIP systems.
Quality of Service Issues
According to Bai and Ito (2006), quality of service is paramount to the functionality and effectiveness of a VoIP system. In spite of the installation cost, a VoIP system enhances communication within an organization. However, the discharge of varied security procedures affects the quality of service. For instance, the use of firewalls affects the speed of call setups. Moreover, it results in call delays, jitters, and encryption-produced latency.
Bai and Ito (2006) argue “Quality of service issues is central to VoIP security” (p. 801). If organizations were able to guarantee the quality of service, they would have been in a position to use the security measures used to safeguard data networks.
Nevertheless, it is hard to use most security measures used to secure data networks due to the time-critical state of the Voice over Internet Protocol networks. Also, VoIP systems do not tolerate packet loss and disruptions. The primary quality of service issues related to VoIP includes latency, packet loss, and jitter among others.
Latency
According to Kumar (2006), latency in Voice over Internet Protocol refers to the duration that it takes a voice data to travel from the sender to the receiver.
Preferably, institutions would like to use a network that has as low latency as possible. Nevertheless, there are realistic lower limits on the holdup of VoIP. For one-way traffic, the upper bound is 150 milliseconds (ms) (Kumar, 2006). The 150 ms limit corresponds to the present latency limit witnessed in local calls across the public switched telephone network lines in the United States.
The latency bound for international calls is 400 milliseconds. Calls made via the Voice over Internet Protocol network must satisfy the 150 ms limit to imitate the quality of service that the present phones offer. The time constraint experienced in VoIP systems leaves diminutive room for mistakes in packet delivery (Kumar, 2006). Further, it makes it difficult for institutions to implement many security techniques.
The process of data encryption and shipment across the United States may take up to 130 milliseconds. The time taken to transmit voice data across the North American continent may be less than 100 milliseconds. Security discharge and queuing take between 20 and 50 milliseconds.
Kumar (2006) maintains that delay does not only arise at the terminals of the system. Every leap along the system results in a fresh queuing delay and probably a processing latency for the case of a safety checkpoint. Also, transmission of big packets may lead to bandwidth jamming and increased latency. Therefore, Voice over Internet Protocol networks work well with small packages.
Jitter
Toral, Torres, Hernandez, and Estrada (2008) define jitter as the inconsistent packet delays. It results from limited bandwidth conditions in VoIP networks and may have severe effects on the overall quality of service. Toral et al. (2008) claim, “Variations in delays can be more detrimental to the quality of service than the actual delays” (p. 14).
Jitter may lead to erroneous reassembling of packets. Real-time Transport Protocol (RTP) depends on User Datagram Protocol (UDP). As a result, jumbled packets are not reconstructed at the protocol level. Nonetheless, RTP enables programs to reorganize the packets using the timestamp and sequence number fields. The cost of rearranging the packets is intractable when dealing with the stretched time limits of voice over Internet Protocol.
An increase in jitter results in the packets arriving at the terminal in bursts. Therefore, to manage jitter at the terminals, it is imperative to use a buffer. Toral et al. (2008) allege that for a buffer to be effective, it has to release the packets after every 150 milliseconds to minimize variations in delays.
Toral et al. (2008) maintain that the buffer implementation gets complicated when it is hard to tell if a missing packet is lost or delayed. If a latency is principally unreliable, the system cannot rely on historical delay times to determine the condition of a missing packet. Apart from the buffer, individuals can use firewalls and routers to manage jitter.
They can also use network elements that process data based on its urgency. Another way that an institution might mitigate jitter in its VoIP system is by enhancing the usage of the bandwidth. Nevertheless, it is hard to improve bandwidth usage without compromising the security of the data.
Packet Loss
Melvin and Murphy (2007) maintain that Voice over Internet Protocol is extremely intolerant of packet loss. Packet loss may arise as a result of excess latency. Some packets fail to reach the destination on time leading to them being cast off to accommodate the newer ones. Packet loss may also arise due to jitter. The primary reason VoIP is prone to packet loss is because it relies on the Real-time Transport Protocol.
A packet may reach the destination after its adjacent packets have been removed from the buffer, thus rendering it redundant (Melvin & Murphy, 2007). VoIP packets are normally minuscule and carry little information. Hence, it might be hard for a person to detect the missing words in case of packet loss. The only disadvantage is that packets are not lost separately. Bandwidth overcrowding and other sources of packet loss interfere with all the packages that are in transit.
The loss of a single packet might not affect the meaning of the intended message. Nevertheless, probabilistically “the loss of one packet means the loss of several packets” (Tadeus, 2004, p. 179). In other words, the loss of a single packet may result in the loss of numerous packets, thus degrading the quality of service.
Although it is hard to use an efficient delivery protocol like Transmission Control Protocol to enhance the quality of service, one can still minimize the challenge of packet loss. Tadeus (2004) argues that one cannot ensure that all the packets reach the intended destination. If one has an adequate bandwidth, they can send redundant information to cancel the prospect of loss. The problem is that it is hard to get such bandwidth.
The introduction of redundant information results in latency and, at times, aggravates packet loss. Steps are underway to develop novel codecs like internet Low Bit-rate Codec that tolerate packet loss. The codecs will guarantee that the meaning of a message does not change despite the loss of some packets.
Conclusion
The development of Voice over Internet Protocol network is a complex process that must be handled with great care. The network managers can hardly detect the numerous challenges that affect data packets. The incorporation of a VoIP system into an already overworked network may be detrimental to an organization. There is no approved solution to the challenges, which affect voice data that is in transit via a VoIP network.
Organizations must use different solutions selectively according to the nature of VoIP system that they use. Institutions can run secure VoIP systems; however, they have to incur a high cost with respect to installing security measures. Until the experts come up with a reliable and efficient method of running a VoIP network, organizations should operate their systems cautiously. They should ensure that they acquire the correct software and establish the appropriate network infrastructure.
References
Bai, Y., & Ito, M. (2006). A study for providing better quality of service to VoIP users. Advanced Information Networking and Applications, 1(2), 799-804.
Bradbury, D. (2007). The security challenges inherent in VoIP. Computers & Security, 26(7), 485-487.
Cheng, F., & Lai, W. (2010). An overview of VoIP and P2P copyright and lawful-interception issues in the United States and Taiwan. Digital Investigation, 7(2), 81-89.
Chong, H., & Matthews, H. (2004). Comparative analysis of traditional telephone and voice-over-internet protocol (VoIP) systems. Electronics and the Environment, 3(1), 106-111.
Endler, D., & Collier, M. (2006). Hacking exposed VoIP: Voice over IP security secrets & solutions, New York: McGraw-Hill.
Jiang, W., & Henning, S. (2000). Analysis of on-off patterns in VoIP and their effect on voice traffic aggregation. Computer Communications and Networks, 4(1), 82-87.
Kumar, A. (2006). An overview of voice over internet protocol (VoIP). Rivier College Online Academic Journal, 2(1), 1-13.
Melvin, H., & Murphy, L. (2007). Time synchronization for VoIP quality of service. Internet Computing, 6(3), 57-63.
Tadeus, U. (2004). Quality of service in VoIP communication. International Journal of Electronics and Communications, 58(3), 178-182.
Toral, H., Torres, D., Hernandez, C., & Estrada, L. (2008). Self-similarity, packet loss, jitter, and packet size: Empirical relationships for VoIP. Electronics, Communications and Computer, 5(3), 11-16.