Internet Based Conferencing Security

    Over the years, it has always been necessary for people to have meetings. These meetings generally happen face to face, and as businesses became more globalized, it became necessary for management to travel to have these meetings. This travel although necessary was a great expense for an organization. A five-person meeting conducted in-person (involving plane travel for four of the attendees) is over seven times more expensive than a meeting conducted by audio conference, and nearly three times as expensive as a videoconference (INFOCOM, 2014). Leading to cost saving measures, which initially toke the form of conference calls over the analog phone systems.

 

    Conference calls did save business money by allowing managers to coordinate and organize activities without the travel expense of having to travel to a site. However, the fact remained that conference calls still that rode over the POTS network remained unsecure and susceptible to intercept via line taping or induction amplification (Communication Security Inc., 2014). Furthermore, they normally relied on a trusted third party to provide the connection. Regardless of their security shortcomings, conference calls were the mainstay of business activities for many years but lacked the interpersonal communication that face to face meeting provided.

 

    In attempt to resolve the issues of interpersonal communications that conference calls could not address, engineers came up with video conferencing. This solution required a digital medium to transmit the signal. The fact that the conference was now digital loaned itself to bulk encryption techniques. This in turn made the connection more secure in point to point communications. However theses early systems still lacked the ability to bring in more than two parties without a third party involved to route traffic. This aging introduced a point of contention in the security framework of the conference as many businesses used intermediaries as Multipoint Control Unit (MCU) gateways (Willebeek-LeMair, Kandlur, & Shae, 1994).

 

    As technology advanced and the internet had taken hold, internet based video conferencing came in vogue. With its low cost of entry and the ability to bring, the entire process in house allows an unprecedented level of security. Organizations no longer have to rely on third parties to make multiparty connections possible. Furthermore, now all you have to do is load a web app up on your internal webserver and have your users connect to it allowing end-to-end control of the conference. Lastly, some web conferencing solutions, like Adobe Connect, and Cisco WebEX have granular access permissions and end-to-end encryption.

 

    Most web conferencing platforms have you download a client or run a java applet, which connects, to the conferencing server. To secure the connection between the clients and server an application layer security protocol, know as Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL). These cryptographic protocols were designed to provide communication security over the Internet (Dierks, 2014).

 

    TSL/SSL use X.509 certificates (X.509 is an ITU-T standard for a Public Key Infrastructure (PKI) and Privilege Management Infrastructure (PMI)) and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to exchange a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication (M. Cooper, 2014). Web security protocols like TSL/SSL ensure that no one can tap into you online meeting.

 

    Secondly, the granular access permissions implemented by some solutions allow you to only let meeting attendees see and hear what you want them to see and hear. This is especially important when conducting negotiations between two parties as one party might want to pass data between themselves without the other party being aware of what they are discussing. In web conferencing, a feature call whisper allows you to have a privet voice chat with a attendee without they others being aware of the conversation. In addition, a Privet Message (PM) can be used to send a secure note to an attendee. Lastly, some platforms allow you to shear documents, desktops, and whiteboards with only the conference attendees that you choose.

 

    Do I agree that internet-based conferencing is as safe as face-to-face meetings? Yes I do, technological advances like TSL/SSL, granular access permissions, Whispers, and PMs have allowed web meeting to be just as secure as a face to face meeting. Furthermore, the ability to bring these web conferencing platforms in house closes the third party trust loophole. Overall some would argue that web conferencing is safer than a face to face meeting due to the evidence on hand.

 

Works Cited

Communication Security Inc. (2014, 06 15). Telephone Line Attacks. Retrieved from Communication Security Inc.: http://www.bugsweep.com/telephone.html

Dierks, T. (2014, 06 15). The Transport Layer Security (TLS) Protocol. Retrieved from IETF: http://tools.ietf.org/html/rfc5246

INFOCOM. (2014, 06 15). Meetings in America . Retrieved from Verizon: https://e-meetings.verizonbusiness.com/global/en/meetingsinamerica/uswhitepaper.php

M. Cooper, Y. D. (2014, 06 15). Internet X.509 Public Key Infrastructure:Certification Path Building. Retrieved from IETF: http://tools.ietf.org/html/rfc4158

Willebeek-LeMair, M., Kandlur, D., & Shae, Z.-Y. (1994). On multipoint control inits for vieoconferencing. Minneapolis, MN : IEEE.

 

Share

Comments are closed.