317 KB | 3 files | PDF, DOC
In this book chapter, you'll learn about the benefits and disadvantages of using VoIP, its vulnerabilities and components. This chapter also dispels some myths about the cost-saving IP telephony solution.
VoIP security issues are becoming increasingly serious because voice networks and services cannot be protected from recent intelligent attacks and fraud by traditional systems such as firewalls and NAT alone.
After analyzing threats and recent patterns of attacks and fraud, consideration needs to be given to the redesign of secure VoIP architectures with advanced protocols and intelligent products, such as Session Border Controller (SBC). Another type of security issue is how to implement lawful interception within complicated service architectures according to government requirements.
The book "Voice over IP Security," by Patrick Park, focuses on the analysis of current and future threats, the evaluation of security products, the methodologies of protection, and best practices for architecture design and service deployment. This book not only covers technology concepts and issues, but also provides detailed design solutions featuring current products and protocols so that you can deploy a secure VoIP service in the real world with confidence. This excerpt is the book's entire first chapter entitled, "Working with VoIP." In this chapter, you learn about the benefits and disadvantages of using VoIP, its vulnerabilities and components, and this chapter also dispels some myths. The content in this chapter refers to recommendations from the National Institute of Standards and Technology.
The attached ZIP file includes:
This excerpt from chapter 2 focuses on major browser security issues, including same-origin policy, sandboxing, malicious URL intercepts, and the continuing rapid development of security. ... More >>
This document contains the technical specifications to interface with the smart card to retrieve and use the PIV identity credentials. ... More >>
This publication provides guidance on protecting the confidentiality, integrity, and availability of information processed, stored, or transmitted on replication devices. ... More >>