Security for SIP-Based VoIP Networks
Threat Modeling, Hardening, and CountermeasuresBy
- Vinay Rao, Senior Manager, Field Applications Engineering, Centillium Communications, Inc., Fremont, CA, USA
Voice over Internet Protocol (VoIP) is eroding the use of traditional wired phone service in the home and business. The market leader is tripling subscription rates in one year which will continue to rise. As with any new technology now that it is up and running concerns turn to the security of the information being transmitted. Due to the fact that VoIP networks are often implemented over the public Internet they are left open to attacks. Vinay Rao offers a well-structured and in-depth look at VoIP security with an emphasis on SIP-based applications. He will explain protocol fundamentals, review threat analysis and hardening of security. Real-world issues and countermeasures will be discussed extensively resulting in a basic security checklist on which to base future security implementation architecture schemes.
VoIP Network Architects, Service Providers, IT Managers, Graduate Students
Paperback, 352 pages
Published: January 2010
- PART I: THE FUNDAMENTALSTechnology OverviewTelecommunications NetworksData Communications NetworksCryptography FundamentalsVoice Over IPA Brief Introduction to VoIPVoice Over IP ArchitectureSESSION INITIATION PROTOCOL (SIP)SIP FundamentalsIntroduction to SIPSIP ArchitecturePART II: The SIP-Based VoIP EcosystemSIP Associated Protocols and ServicesOpterational OverviewPART III: Securing SIP-Based VoIPSection I: Threat ModelingThreat AssessmentSIP Threat Assessment ModelsSection II: Hardening and CountermeasuresHardening MechanismsSecure SIP and RTPFirewall and NAT TraversalSection III: Security AnalysisBasic Security Analysis ToolkitThe Evolution of ThreatsAppendices