Secure Telephony Identity Revisited (STIR) is a framework that enables the cryptographic assertion and verification of an identity of a caller. Through an out-of-band (OOB) mechanism, an entity that cryptographically asserts caller identity places a Personal Assertion Token (PASSporT) in a Call Placement Service (CPS). To verify the identity of the caller, a verification service running at a callee contacts the same CPS to obtain, decrypt, and verify the PASSporT identity assertion. In large scale deployments, such as a contact center, there is likely to be a single main line number for all incoming calls and that called number would be expected to service several hundred calls per minute resulting in a significant load on a verification service. Additionally, the verification service would be expected to sift through several hundred PASSporT entries on a CPS to obtain, decrypt and validate the correct PASSporT for a given call. Techniques are presented herein to address these challenges by providing to a verification service the explicit location of the PASSporT for a given call in the CPS.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Inamdar, Kaustubh and Salgueiro, Gonzalo, "MECHANISM FOR DUAL LOOKUP IN SECURE TELEPHONY IDENTITY REVISITED (STIR)", Technical Disclosure Commons, (September 24, 2020)