By Chun K. Chan, Andrew R. McGee, Martin J. Glapa, and Uma Chandrashekhar, Bell Laboratories, Lucent Technologies
The Lucent Bell Labs Security model has now become the foundation of the newly ratified ITU-T Recommendation X.805 "Security Architecture for Systems Providing End-to-End Communications." The X.805 standard was developed as the framework for the architecture and dimensions in achieving end-to-end security of distributed applications. In this paper, we introduce the X.805 standard and describe how it can be applied to the PacketCable™ Security Specification (PKT-SP-SEC-107-021127) and the DOCSIS BPI+ specification (SP-BPI+- I10-030730) for Voice over Cable (VoC) networks. We identify areas of conformance and gaps that the current PacketCable standards have with respect to the X.805 Security Model and examine the effect on endto- end availability of VoC networks. The PacketCable™ reliability models (PKT-TRVoIPAR- V01-001128) are generalized to include downtime due to security vulnerabilities and attacks. Our analysis shows that the traditional reliability models produce results that are optimistic if we do not consider both availability and security within a network dependability framework. The X.805 standard can be used to augment these models to provide optimal availability and security for Voice over Cable networks.