317 KB | 3 files | PDF, DOC
In this book chapter, you'll learn about the benefits and disadvantages of using VoIP, its vulnerabilities and components. This chapter also dispels some myths about the cost-saving IP telephony solution.
VoIP security issues are becoming increasingly serious because voice networks and services cannot be protected from recent intelligent attacks and fraud by traditional systems such as firewalls and NAT alone.
After analyzing threats and recent patterns of attacks and fraud, consideration needs to be given to the redesign of secure VoIP architectures with advanced protocols and intelligent products, such as Session Border Controller (SBC). Another type of security issue is how to implement lawful interception within complicated service architectures according to government requirements.
The book "Voice over IP Security," by Patrick Park, focuses on the analysis of current and future threats, the evaluation of security products, the methodologies of protection, and best practices for architecture design and service deployment. This book not only covers technology concepts and issues, but also provides detailed design solutions featuring current products and protocols so that you can deploy a secure VoIP service in the real world with confidence. This excerpt is the book's entire first chapter entitled, "Working with VoIP." In this chapter, you learn about the benefits and disadvantages of using VoIP, its vulnerabilities and components, and this chapter also dispels some myths. The content in this chapter refers to recommendations from the National Institute of Standards and Technology.
The attached ZIP file includes:
This publication presents a methodology for assigning authentication strengths based on the strength of pair wise bindings between the five entities involved in smart card based authentications. ... More >>
The Framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure. ... More >>
This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating a variety of attributes. ... More >>