Telecommunication Security

Size: px
Start display at page:

Download "Telecommunication Security"

Transcription

1 SOURCE: TITLE: AGENDA ITEM: CONTACT: ITU-T ITU-T Security Standardization GTSC, agenda item 5.5 Herb Bertine, GSC11(06)_GTSC_07 Telecommunication Security Herbert Bertine Chairman, ITU-T SG 17

2 High Level Security Drivers ITU Plenipotentiary Conference (PP-02) Intensify efforts on security World Telecommunications Standardization Assembly (WTSA-04) Security robustness of protocols Combating/Countering spam World Summit on the Information Society (WSIS-05) Cyber security

3 ITU-T Study Groups ITU-T work is divided up between Study Groups (SGs). SG 2: Operational aspects of service provision, networks and performance SG 4: Telecommunication management SG 5: Protection against electromagnetic environment effects SG 6 Outside Plant and related indoor installations SG 9 Integrated broadband cable networks and television and sound transmission SG 11 Signaling requirements and protocols SG 12 Performance and quality of service SG 13 Next Generation Networks SG 15: Optical and other transport networks SG 16: Multimedia services, systems and terminals SG 17: Security, languages and telecommunication software* SG 19: Mobile Telecommunications Networks *SG17 is the Lead Study Group on telecommunication security.

4 Overview of ITU-T Security Standardization Collaboration is key factor

5 WP 2/17 Security Questions ( ) Q7/17 Telecom Systems Security Management *ISM Guideline for Telecom *Incident Management *Risk Assessment Methodology *etc *X.1051 Telecom Systems Users Telebiometrics *Multimodal Model Fwk *System Mechanism *Protection Procedure *X.1081 Secure Communication Services *Mobile Secure Communications *Home Network Security *Security Web Services Q9/17 *X.1121, X.1122 Cyber Security Q6/17 *Overview of Cyber-security *Vulnerability Information Sharing * Incident Handling Operations Countering spam *Technical anti-spam measures Q17/17 New Q8/17 Q5/17 Security Architecture & Framework *Architecture, Model, Concepts, Frameworks, *etc *X.800 series *X.805 Q4/17 Communications System Security *Vision, Coordination, Roadmap, Compendia

6 Highlights of what s new since GSC-10 Two new ITU-T Questions: Q.15/13, NGN security (May 2005) Q.17/17, Countering spam by technical means 38 security Recommendations are under development in Study Group 17 Other SGs are developing security Recommendations for specific technologies for example 5 on NGN security Focus Group on Security Baseline For Network Operators New Horizons for Security Standardization Workshop Security standards roadmap Cybersecurity web portal

7 Q.15/13 NGN Security Recognizing that security is one of the defining features of NGN, it is essential to put in place a set of standards that will guarantee, to the maximum degree possible, the security of the telecommunications infrastructure as PSTNs evolve to NGNs. The NGN Security studies must address and develop network architectures that: - Provide for maximal network and end-user resource protection - Allow for highly-distributed intelligence end-to-end - Allow for co-existence of multiple networking technologies - Provide for end-to-end security mechanisms - Provide for security solutions that apply over multiple administrative domains

8 Q.17/17 Combating spam by technical means Spam has become a widespread problem causing a complex range of problems to users, service providers, and network operators around the globe. While spam was originally used to send unsolicited commercial messages, increasingly spam messages are being used to spread viruses, worms, and other malicious code that negatively impact the security and stability of the global telecommunication network. Spam may include the delivery of phishing and spyware. It is a global problem that requires a multifaceted, comprehensive approach. Study items to be considered include, but are not limited to: - What risks does spam pose to the telecommunication network? - What technical factors associated with the telecommunication network contribute to the difficulty of identifying the sources of spam? - How can new technologies lead to opportunities to counter spam and enhance the security of the telecommunication network? - Do advanced telecommunication network technologies (for example, SMS, instant messaging, VoIP) offer unique opportunities for spam that require unique solutions? - What technical work is already being undertaken within the IETF, in other fora, and by private sector entities to address the problem of spam? - What telecommunication network standardization work, if any, is needed to effectively counter spam as it relates to the stability and robustness of the telecommunication network?

9 SG 17 Security Recommendations under development (1/3) Summaries of all Study Group 17 Recommendations under development are available on the Study Group 17 web page at: Communications Systems Security Project X.sbno, Security baseline for network operators Security Architecture and Framework X.805+, Division of the security features between the network and the users X.805nsa, Network security certification based on ITU-T Recommendation X.805 X.ngn-akm, Framework for authentication and key management for link layer security of NGN X.pak, Password-authenticated key exchange (PAK) X.spn, Framework for creation, storage, distribution and enforcement of security policies for networks

10 SG 17 Security Recommendations under development (2/3) Cyber Security X.cso, Overview of cybersecurity X.sds, Guidelines for Internet Service Providers and End-users for Addressing the Risk of Spyware and Deceptive Software X.cvlm, Guidelines on Cybersecurity Vulnerability Life-cycle Management X.vds, A vendor-neutral framework for automatic checking of the presence of vulnerabilities information update Security Management X.1051 (R), Information security management guidelines for telecommunications based on ISO/IEC X.rmg, Risk management guidelines for telecommunications X.sim, Security incident management guidelines for telecommunications Telebiometrics X.bip, BioAPI interworking protocol X.physiol, Telebiometrics related to human physiology X.tai, Telebiometrics authentication infrastructure X.tpp-1, A guideline of technical and managerial countermeasures for biometric data security X.tpp-2, A guideline for secure and efficient transmission of multi-modal biometric data X.tsm-1, General biometric authentication protocol and profile on telecommunication systems X.tsm-2, Profile of telecomunication device for Telebiometrics System Mechanism (TSM)

11 SG 17 Security Recommendations under development (2/3) Secure Communication Services X.crs, Correlative reacting system in mobile network X.homesec-1, Framework of security technologies for home network X.homesec-2, Certificate profile for the device in the home network X.homesec-3, User authentication mechanisms for home network service X.msec-3, General security value added service (policy) for mobile data communication X.msec-4, Authentication architecture in mobile end-to-end data communication X.p2p-1, Requirements of security for peer-to-peer and peer-to-multi peer communications X.p2p-2, Security architecture and protocols for peer to peer network X.sap-1, Guideline on secure password-based authentication protocol with key exchange X.sap-2, Secure communication using TTP service X.websec-1, Security Assertion Markup Language (SAML) X.1141 now in AAP Last Call X.websec-2, extensible Access Control Markup Language (XACML) X.1142 now in AAP Last Call X.websec-3, Security architecture for message security in mobile web services Countering spam by technical means X.csreq, Requirement on countering spam X.fcs, Technical framework for countering spam X.gcs, Guideline on countering spam X.ocsip, Overview of countering spam for IP multimedia application X.tcs, Technical means for countering spam

12 SG 13 Security Recommendations under development NGN Security Security Requirements for NGN Release 1* Guidelines for NGN Security Release 1* Authentication requirements for NGN Release 1 AAA Service for Network Access to NGN Security considerations for Pseudowire (PWE) technology * Continuation of the work originated in the ITU-T Focus Group on NGN

13 Focus Group: Security Baseline for Network Operators Established October 2005 by SG 17 Objectives: Define a security baseline against which network operators can assess their network and information security posture in terms of what security standards are available, which of these standards should be used to meet particular requirements, when they should be used, and how they should be applied Describe a network operator s readiness and ability to collaborate with other entities (operators, users and law enforcement authorities) to counteract information security threats Provide meaningful criteria that can be used by network operators against which other network operators can be assessed, if required. Next Step Survey network operators by means of a questionnaire

14 New Horizons for Security Standardization Workshop Workshop held in Geneva 3-4 October 2005 Objectives Provide an overview of key international security standardization activities; Seek to identify primary security concerns and issues; Determine which issues are amenable to a standards-based solution; Identify which SDOs are are best equipped to do so; and Consider how SDOs can collaborate to improve the timeliness and effectiveness of security standards and avoid duplication of effort. Results reported under following topics: What are the crucial problems in ICT security standardization? Meta issues and need for a global framework; Standards Requirements and Priorities; Liaison and information sharing; User issues; Technology and threat issues; Focus for future standardization work; Process issues; Follow-on issues Report available at

15 ICT Security Standards Roadmap Four Part Roadmap Part 1 contains information about organizations working on ICT security standards Part 2 is a database of existing security standards Presently includes ITU-T, ISO/IEC JTC1 and IETF standards Will be expanded to include other standards Part 3 will be a list of standards in development Part 4 will identify future needs and proposed new standards Publicly available under Special Projects and Issues at: We invite you to use the Roadmap, provide feedback and help us develop it to meet your needs

16 The ITU Global Cybersecurity Gateway LIVE at: Provides an easy-to-use information resource on national, regional and international cybersecurity-related activities and initiatives worldwide.

17 Structure of the Cybersecurity Gateway The portal is geared towards four specific audiences: Citizens ; Businesses ; Governments, International Organizations Database information collected within five main themes: 1. Information sharing of national approaches, good practices and guidelines; 2. Developing watch, warning and incident response capabilities; 3. Technical standards and industry solutions; 4. Harmonizing national legal approaches and international legal coordination and enforcement; 5. Privacy, data and consumer protection. Additional information resources on the following topics: spam, spyware, phishing, scams and frauds, worms and viruses, denial of service attacks, etc.

18

19 Some useful web resources ITU-T Home page Study Group 17 LSG on Security Recommendations ITU-T Lighthouse ITU-T Workshops Security Roadmap Cybersecurity Portal

20 Closing Observations Security is everybody's business Collaboration with other SDOs is necessary Security needs to be designed in upfront Security must be an ongoing effort Systematically addressing vulnerabilities (intrinsic properties of networks/systems) is key so that protection can be provided independent of what the threats (which are constantly changing and may be unknown) may be X.805 is helpful here

21 Additional details on security work in ITU-T Study Groups: - Study Group 17 - Study Group 4 - Study Group 9 - Study Group 13 - Study Group 16 - Study Group 19

22 ITU-T SG 17 Work on Security

23 Study Group 17: Security, languages and telecommunication software SG 17 is the Lead Study Group on telecommunication security - It is responsible for coordination of security across all Study Groups. Subdivided into three Working Parties (WPs) WP1 - Open systems technologies; WP2 - Telecommunications security; and WP3 - Languages and telecommunications software Most (but not all) security Questions are in WP2 Summaries of all draft Recommendations under development in SG 17 are available on the SG 17 web page at

24 Current SG 17 security-related Questions Working Party 1: 1/17 End-to-end Multicast Communications with QoS Managing Facility 2/17 Directory services, Directory systems, and publickey/attribute certificates 3/17 Open Systems Interconnection (OSI) 16/17 Internationalized Domain Names (IDN) Working Party 2: 4/17 Communications Systems Security Project 5/17 Security Architecture and Framework 6/17 Cyber Security 7/17 Security Management 8/17 Telebiometrics 9/17 Secure Communication Services 17/17 Countering spam by technical means

25 ITU-T SG 17 Question 4 Communications Systems Security Project Security Workshop ICT Security Roadmap Focus Group on Security Baseline For Network Operators

26 New Horizons for Security Standardization Workshop Workshop held in Geneva 3-4 October 2005 Hosted by ITU-T SG17 as part of security coordination responsibility ISO/IEC JTC1 played an important role in planning the program and in providing speakers/panelists. Speakers, panelists, chairs from: ITU-T ISO/IEC IETF Consortia OASIS, 3GPP Regional SDOs ATIS, ETSI, RAIS

27 Workshop Objectives Provide an overview of key international security standardization activities; Seek to find out from stakeholders (e.g., network operators, system developers, manufacturers and end-users) their primary security concerns and issues (including possible issues of adoption or implementation of standards); Try to determine which issues are amenable to a standards-based solution and how the SDOs can most effectively play a role in helping address these issues; Identify which SDOs are already working on these issues or are best equipped to do so; and Consider how SDOs can collaborate to improve the timeliness and effectiveness of security standards and avoid duplication of effort.

28 Workshop Results Excellent discussions, feedback and suggestions Documented in detail in the Workshop report Results are reported under following topics: What are the crucial problems in ICT security standardization? Meta issues and need for a global framework; Standards Requirements and Priorities; Liaison and information sharing; User issues; Technology and threat issues; Focus for future standardization work; Process issues; Follow-on issues The report is available on-line at:

29 ICT Security Standards Roadmap (An SG 17 Work-in-progress) Part 1 contains information about organizations working on ICT security standards Part 2 is database of existing security standards Part 3 will be a list of standards in development Part 4 will identify future needs and proposed new standards

30 Roadmap access Part 2 includes ITU-T, ISO/IEC JTC1 and IETF standards. It will be expanded to include other standards (e.g. regional and consortia specifications). It will also be converted to a Database format to allow searching and to allow organizations to manage their own data Publicly available under Special Projects and Issues at: We invite you to use the Roadmap, provide feedback and help us develop it to meet your needs

31 Other Q.4/17 projects Security in Telecommunications and Information Technology an overview of existing ITU-T Recommendations for secure telecommunications. Security compendium: catalogue of approved ITU-T Recommendations related to telecommunication security extract of ITU-T approved security definitions listing of ITU-T security related Questions We are in the process of establishing a Security Experts Network (SEN) to maintain on-going dialogue on key issues of security standardization.

32 Focus Group: Security Baseline for Network Operators Established October 2005 by SG 17 Objectives: Define a security baseline against which network operators can assess their network and information security posture in terms of what security standards are available, which of these standards should be used to meet particular requirements, when they should be used, and how they should be applied Describe a network operator s readiness and ability to collaborate with other entities (operators, users and law enforcement authorities) to counteract information security threats Provide meaningful criteria that can be used by network operators against which other network operators can be assessed, if required. Next Step Survey network operators by means of a questionnaire

33 ITU-T SG 17 Question 5 Security Architecture and Framework Brief description of Q.5 Milestones Draft Recommendations under development

34 Brief description of Q.5/17 Motivation The telecommunications and information technology industries are seeking cost-effective comprehensive security solutions that could be applied to various types of networks, services and applications. To achieve such solutions in multi-vendor environment, network security should be designed around the standard security architectures and standard security technologies. Major tasks Development of a comprehensive set of Recommendations for providing standard security solutions for telecommunications in collaboration with other Standards Development Organizations and ITU-T Study Groups. Maintenance and enhancements of Recommendations in the X.800 series: X.800, X.802, X.803, X.805, X.810, X.811, X.812, X.813, X.814, X.815, X.816, X.830, X.831, X.832, X.833, X.834, X.835, X.841, X.842 and X.843

35 Q.5/17 Milestones ITU-T Recommendation X.805, Security Architecture for Systems Providing End-to-end Communications, was published in ISO Standard , Network security architecture, was developed in collaboration between ITU-T Q.5/17 and ISO/IEC JTC 1 SC 27 WG 1. The Standard is technically aligned with X.805. It was published in 2006.

36 ITU-T Recommendation X.805 VULNERABILITIES Security layers Applications security Services security Infrastructure security Access control Authentication Non-repudiation Data confidentiality Communication security Data integrity Availability Privacy THREATS Destruction Corruption Removal Disclosure Interruption ATTACKS End-user plane Control plane Management plane 8 Security dimensions X.805_F3 X.805 defines a network security architecture for providing end-to-end network security. The architecture can be applied to various kinds of networks where the end-to-end security is a concern and independently of the network s underlying technology.

37 Q.5/17 Draft Recommendations 1/2 Applications and further development of major concepts of ITU-T Recommendation X.805 X.805+, Division of the security features between the network and the users. This Recommendation specifies division of security features between the networks and users. It provides guidance on applying concepts of the X.805 architecture to securing service provider s, application provider s networks and the end user s equipment. X.805nsa, Network security certification based on ITU-T Recommendation X.805. This Recommendation describes the methodology, processes and controls required for network security certification based on ITU-T Recommendation X.805, Security Architecture for Systems Providing End-to-End Communications.

38 Q.5/17 Draft Recommendations 2/2 Standardization in support of Authentication Security Dimension (defined in X.805) X.pak, Password-authenticated Key Exchange Protocol (PAK). This Recommendation specifies a password-based protocol for authentication and key exchange, which ensures mutual authentication of both parties in the act of establishing a symmetric cryptographic key via Diffie-Hellman exchange. X.ngn-akm, Framework for authentication and key management for link layer security of NGN. This Recommendation establishes a framework for authentication and key management for securing the link layer of NGN. It also provides guidance on selection of the EAP methods for NGN. Standardization of network security policies X.spn, Framework for creation, storage, distribution, and enforcement of security policies for networks. This Recommendation establishes security policies that are to drive security controls of a system or service. It also specifies a framework for creation, storage, distribution, and enforcement of policies for network security that can be applied to various environmental conditions and network devices.

39 ITU-T SG 17 Question 6 Cyber Security Motivation Objectives Scope Current area of focus Draft Recommendations under development

40 Q.6/17 Motivation Network connectivity and ubiquitous access is central to today s IT systems Wide spread access and loose coupling of interconnected IT systems is a primary source of widespread vulnerability Threats such as: denial of service, theft of financial and personal data, network failures and disruption of voice and data telecommunications are on the rise Network protocols in use today were developed in an environment of trust. Most new investments and development is dedicated to building new functionality and not on securing that functionality An understanding of cybersecurity is needed in order to build a foundation of knowledge that can aid in securing the networks of tomorrow

41 Q.6/17 Objectives Perform actions in accordance with Lead Study Group (LSG) responsibility with the focus on cybersecurity Work with Q.1 of SG 2 on a definition of Cybersecurity Identify and develop standards required for addressing the challenges in cybersecurity, within the scope of Q.6/17 Provide assistance to other ITU-T Study Groups in applying relevant cybersecurity Recommendations for specific security solutions. Review project-oriented security solutions for consistency. Maintain and update existing Recommendations within the scope of Q.6/17. Coordinate security activities with other ITU-T SGs, ISO/IEC JTC 1 eg. SC6, SC27 and SC37), and consortia as appropriate. Provide awareness on new security technologies related to cybersecurity

42 Q.6/17 Scope Definition of Cybersecurity Security of Telecommunications Network Infrastructure Security Knowledge and Awareness of Telecom Personnel and Users Security Requirements for Design of New Communications Protocol and Systems Communications relating to Cybersecurity Security Processes Life-cycle Processes relating to Incident and Vulnerability Security of Identity in Telecommunication Network Legal/Policy Considerations

43 Q.6/17 Current Area of Focus Work with SG 2 on the definition and requirements of cybersecurity. Collaborate with Q5,7,9,17/17 and SG 2 in order to achieve better understanding of various aspects of network security. Collaborate with IETF, OASIS, ISO/IEC JTC1, W3C, APEC-TEL and other standardization bodies on cybersecurity. Work on framework for secure network operations to address how telecommunications network providers secure their infrastructure and maintain secure operations. Work on Recommendation for standardization of vulnerability data definition. Study new cybersecurity issues How should ISPs deal with botnets, evaluating the output of appropriate bodies when available. Call for contributions for the outstanding questions identified in the revised scope.

44 Q.6/17 Draft Recommendations 1/2 1. Overview of Cybersecurity (X.cso) This Recommendation provides a definition for Cybersecurity. The Recommendation provides a taxonomy of security threats from an operator point of view. Cybersecurity vulnerabilities and threats are presented and discussed at various network layers. Various Cybersecurity technologies that are available to remedy the threats include: Routers, Firewalls, Antivirus protection, Intrusion detection systems, Intrusion protection systems, Secure computing, Audit and Monitoring. Network protection principles such as defence in depth, access and identity management with application to Cybersecurity are discussed. Risk Management strategies and techniques are discussed including the value of training and education in protecting the network. A discussion of Cybersecurity Standards, Cybersecurity implementation issues and certification are presented. 2. A vendor-neutral framework for automatic checking of the presence of vulnerabilities information update (X.vds) This Recommendation provides a framework of automatic notification on vulnerability information. The key point of the framework is that it is a vendor-neutral framework. Once users register their software, updates on the vulnerabilities and patches of the registered software will automatically be made available to the users. Upon notification, users can then apply

45 Q.6/17 Draft Recommendations 2/2 3. Guidelines for Internet Service Providers and End-users for Addressing the Risk of Spyware and Deceptive Software (X.sds) This Recommendation provides guidelines for Internet Service Providers (ISP) and end-users for addressing the risks of spyware and deceptive software. The Recommendation promotes best practices around principles of clear notices, and users consents and controls for ISP web hosting services. The Recommendation also promotes best practices to end-users on the Internet to secure their computing devices and information against the risks of spyware and deceptive software 4. Guidelines on Cybersecurity Vulnerability Life-cycle Management(X.cvlm) The Recommendation provides a framework for the provision of monitoring, discovering, responding and post-analysis of vulnerabilities. Service providers can use this Recommendation to complement their existing Information Security Management System process in the aspect of regular vulnerability assessment, vulnerability management, incident handling and incident management.

46 ITU-T SG 17 Question 7 Security Management Systems Tasks Recommendations planned Revised X.1051 Approach for revised X.1051

47 Q.7/17 Tasks Information Security Management Guidelines for telecommunications (Existing X.1051, Information security management system Requirements for telecommunications (ISMS-T) ) Maintain and revise Recommendation X.1051, Information Security Management Guidelines for telecommunications based on ISO/IEC Jointly develop a guideline of information security management with ISO/IEC JTC 1/SC 27. Risk Management Methodology Study and develop a methodology of risk management for telecommunications in line with Recommendation X Produce and consent a new ITU-T Recommendation for risk management methodology. Incident Management Study and develop a handling and response procedure on security incidents for the telecommunications in line with Recommendation X Produce and consent a new ITU-T Recommendation for incident management methodology and procedures.

48 Recommendations planned in Q.7/17 (Security Management) X.1050: To be proposed X.1051: In revision process Information Security Management Guidelines for Telecommunications based on ISO/IEC X.1052: To be proposed X.1053: To be proposed (Implementation Guide for Telecoms) X.1054: To be proposed (Measurements and metrics for Telecommunications) X.1055 :In the first stage of development Risk Management Guidelines for Telecommunications X.1056: In the first stage of development Security Incident Management Guidelines for Telecommunications X.1057: To be proposed (Identity Management for Telecoms)

49 Information security management guidelines for Telecommunications (Revised X.1051) Revised X.1051 Security policy Organising information security Asset management Human resources security Physical & environmental security Information Assets for Telecom Communications & operations management Access control Information systems acquisition, development and maintenance Information security incident management Business continuity management Compliance

50 Q.7/17 Approach to develop revised Recommendation X.1051 ISMS Process CONTROL Implementation guidance Other information CONTROL Implementation guidance for Telecom Other information CONTROL Implementation requirements for Telecom ISO/IEC (2005) Revised X.1051 Existing X.1051

51 ITU-T SG 17 Question 8 Telebiometrics Objectives Study areas on Biometric Processes X.1081 and draft Recommendations under development

52 Q.8/17 Objectives 1)To define telebiometric multimodal model framework 2)To specify biometric authentication mechanism in open network 3)To provide protection procedures and countermeasures for telebiometric systems

53 Q.8/17 Study areas on Biometric Processes X.tai: Telebiometrics Authentication Infrastructure X.bip: BioAPI Interworking Protocol X.1081 X.physiol Safety conformity X.tsm: Telebiometrics System Mechanism X.tpp: Telebiometrics Protection Procedures Biometric Sensors Storage NW Acquisition (Capturing) NW Extraction NW Matching Score NW NW:Network Decision NW Application Yes/No

54 Q.8/17 Recommendations 1/4 - X.1081 The telebiometric multimodal model framework A framework for the specification of security and safety aspects of telebiometrics This Recommendation defines a telebiometric multimodal model that can be used as a framework for identifying and specifying aspects of telebiometrics, and for classifying biometric technologies used for identification (security aspects). - X.physiol Telebiometrics related to human physiology This Recommendation gives names and symbols for quantities and units concerned with emissions from the human body that can be detected by a sensor, and with effects on the human body produced by the telebiometric devices in his environments.

ITU-T Security Standard Activities

ITU-T Security Standard Activities ITU-T Security Standard Activities Koji NAKAO Information Security Fellow, KDDI Corporation Rapporteur, Security Management, Q7/SG 17, ITU-T Chair of ISO/IEC JTC 1/SC 27/WG 4, Japan, & Co-Chair of RAISS

More information

ICT Security Cybersecurity CYBEX Overview of activities in ITU-T with focus on Study Group 17

ICT Security Cybersecurity CYBEX Overview of activities in ITU-T with focus on Study Group 17 ICT Security Cybersecurity CYBEX Overview of activities in ITU-T with focus on Study Group 17 TSB Briefing to the Regional Offices, 28 Feb 2011 Martin Euchner Advisor of ITU-T Study Group 17 Martin.Euchner@itu.int

More information

Securing SIP Trunks APPLICATION NOTE. www.sipera.com

Securing SIP Trunks APPLICATION NOTE. www.sipera.com APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)

More information

VOICE OVER IP SECURITY

VOICE OVER IP SECURITY VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

Draft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications

Draft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications Draft ITU-T Recommendation X.805 (Formerly X.css), architecture for systems providing end-to-end communications Summary This Recommendation defines the general security-related architectural elements that

More information

INTERNATIONAL TELECOMMUNICATION UNION

INTERNATIONAL TELECOMMUNICATION UNION INTERNATIONAL TELECOMMUNICATION UNION TELECOMMUNICATION STANDARDIZATION SECTOR STUDY PERIOD 2009-2012 English only Original: English Question(s): 4/17 Geneva, 11-20 February 2009 Ref. : TD 0244 Rev.2 Source:

More information

ITU-T Y.2001. General overview of NGN

ITU-T Y.2001. General overview of NGN INTERNATIONAL TELECOMMUNICATION UNION ITU-T Y.2001 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (12/2004) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS

More information

Internet Communications Using SIP

Internet Communications Using SIP Internet Communications Using SIP Delivering VolP and Multimedia Services with Session Initiation Protocol Second Edition Henry Sinnreich Alan B. Johnston WILEY Wiley Publishing, Inc. Contents Foreword

More information

Voice over IP Security

Voice over IP Security Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with

More information

Session Border Controller and IP Multimedia Standards. Mika Lehtinen mika.lehtinen@teliasonera.com

Session Border Controller and IP Multimedia Standards. Mika Lehtinen mika.lehtinen@teliasonera.com Session Border Controller and IP Multimedia Standards Mika Lehtinen mika.lehtinen@teliasonera.com December 1, 2005 Contents Introduction Motivation Research problem Research method Results Conclusion December

More information

Next Generation Networks architecture by ITU-T

Next Generation Networks architecture by ITU-T Next Generation Networks architecture by ITU-T Robert Wójcik Department of Telecommunications 21st January 2009, Kraków, Poland Outline 1 The beginnings 2 The definition 3 Fundamental characteristics of

More information

S-Series SBC Interconnect Solutions. A GENBAND Application Note May 2009

S-Series SBC Interconnect Solutions. A GENBAND Application Note May 2009 S-Series SBC Interconnect Solutions A GENBAND Application Note May 2009 Business Requirements A ubiquitous global voice service offering is the challenge among today s large service providers. The need

More information

Standards for VoIP in the Enterprise

Standards for VoIP in the Enterprise Standards for VoIP in the Enterprise By: John Elwell (John.Elwell@siemens.com) Rue du Rhône 114- CH-1204 Geneva - T: +41 22 849 6000 - F: +41 22 849 6001 - www.ecma-international.org Traditional Enterprise

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

Ingate Firewall/SIParator SIP Security for the Enterprise

Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...

More information

District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification

District of Columbia Courts Attachment 1 Video Conference Bridge Infrastructure Equipment Performance Specification 1.1 Multipoint Control Unit (MCU) A. The MCU shall be capable of supporting (20) continuous presence HD Video Ports at 720P/30Hz resolution and (40) continuous presence ports at 480P/30Hz resolution. B.

More information

VoIP Security regarding the Open Source Software Asterisk

VoIP Security regarding the Open Source Software Asterisk Cybernetics and Information Technologies, Systems and Applications (CITSA) 2008 VoIP Security regarding the Open Source Software Asterisk Prof. Dr.-Ing. Kai-Oliver Detken Company: DECOIT GmbH URL: http://www.decoit.de

More information

PARAMETERS TO BE MONITORED IN THE PROCESS OF OPERATION WHEN IMPLEMENTING NGN TECHNICAL MEANS IN PUBLIC TELECOMMUNICATION NETWORKS

PARAMETERS TO BE MONITORED IN THE PROCESS OF OPERATION WHEN IMPLEMENTING NGN TECHNICAL MEANS IN PUBLIC TELECOMMUNICATION NETWORKS Draft Recommendation Q.3902 PARAMETERS TO BE MONITORED IN THE PROCESS OF OPERATION WHEN IMPLEMENTING NGN TECHNICAL MEANS IN PUBLIC TELECOMMUNICATION NETWORKS Summary This Recommendation describes the main

More information

Standards for Identity & Authentication. Catherine J. Tilton 17 September 2014

Standards for Identity & Authentication. Catherine J. Tilton 17 September 2014 Standards for Identity & Authentication Catherine J. Tilton 17 September 2014 Purpose of these standards Wide deployment of authentication technologies that may be used in a global context is heavily dependent

More information

The Information Security Problem

The Information Security Problem Chapter 10 Objectives Describe the major concepts and terminology of EC security. Understand phishing and its relationship to financial crimes. Describe the information assurance security principles. Identify

More information

An outline of the security threats that face SIP based VoIP and other real-time applications

An outline of the security threats that face SIP based VoIP and other real-time applications A Taxonomy of VoIP Security Threats An outline of the security threats that face SIP based VoIP and other real-time applications Peter Cox CTO Borderware Technologies Inc VoIP Security Threats VoIP Applications

More information

SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security

SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security International Telecommunication Union ITU-T Y.2740 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (01/2011) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS

More information

A Model-based Methodology for Developing Secure VoIP Systems

A Model-based Methodology for Developing Secure VoIP Systems A Model-based Methodology for Developing Secure VoIP Systems Juan C Pelaez, Ph. D. November 24, 200 VoIP overview What is VoIP? Why use VoIP? Strong effect on global communications VoIP will replace PSTN

More information

ECMA TR/100. Next Generation Corporate Networks (NGCN) - Security of Session-based Communications. 1 st Edition / December 2009

ECMA TR/100. Next Generation Corporate Networks (NGCN) - Security of Session-based Communications. 1 st Edition / December 2009 ECMA TR/100 1 st Edition / December 2009 Next Generation Corporate Networks (NGCN) - Security of Session-based Communications Reference number ECMA TR/12:2009 Ecma International 2009 COPYRIGHT PROTECTED

More information

Kommunikationsdienste im Internet Möglichkeiten und Risiken

Kommunikationsdienste im Internet Möglichkeiten und Risiken Die Zukunft der Kommunikationsdienste im Internet Möglichkeiten und Risiken Erwin P. Rathgeb Technik der Rechnernetze, Universität Duisburg-Essen Jochen Kögel, Marc Barisch IKR, Universität Stuttgart Steffen

More information

FBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12.

FBLA Cyber Security aligned with Common Core 6.14. FBLA: Cyber Security RST.9-10.4 RST.11-12.4 RST.9-10.4 RST.11-12.4 WHST.9-10.4 WHST.11-12. Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and

More information

Part 2: ICT security standards and guidance documents

Part 2: ICT security standards and guidance documents Part 2: ICT security standards and guidance documents Version 3.0 April, 2007 Introduction The purpose of this part of the Security Standards Roadmap is to provide a summary of existing, approved ICT security

More information

Status Report on IP/Telecommunications Interworking

Status Report on IP/Telecommunications Interworking GSC#5/RAST#8 Williamsburg, Virginia, USA 23-26 August 1999 GSC5 (99) 32 SOURCE: TITLE: Committee T1 Status Report on IP/Telecommunications Interworking AGENDA ITEM: 10.6 DOCUMENT FOR: Decision Discussion

More information

COSC 472 Network Security

COSC 472 Network Security COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html

More information

Guidance Regarding Skype and Other P2P VoIP Solutions

Guidance Regarding Skype and Other P2P VoIP Solutions Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,

More information

COPYRIGHTED MATERIAL. Contents. Foreword. Acknowledgments

COPYRIGHTED MATERIAL. Contents. Foreword. Acknowledgments Contents Foreword Preface Acknowledgments 1 Introduction 1 1.1 Motivation for Network Convergence 1 1.2 The Core Network 2 1.3 Legacy Service Requirements 4 1.4 New Service Requirements 5 1.5 Architectures

More information

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues v Noriyuki Fukuyama v Shingo Fujimoto v Masahiko Takenaka (Manuscript received September 26, 2003) IP telephony services using VoIP (Voice

More information

An ITU-T Vision on SPAM

An ITU-T Vision on SPAM International Telecommunication Union Aspectos Jurídicos del Comercio Electrónico An ITU-T Vision on SPAM Sesión 9 Telecommunication Standardization Bureau Simão Campos Counsellor, ITU-T Study Group 16

More information

WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK

WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK WHITE PAPER ON SECURITY TESTING IN TELECOM NETWORK DATE OF RELEASE: 27 th July 2012 Table of Contents 1. Introduction... 2 2. Need for securing Telecom Networks... 3 3. Security Assessment Techniques...

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005 State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology

More information

Internet Communications Using SIP

Internet Communications Using SIP Internet Communications Using SIP Delivering VolP and Multimedia Services with Session Initiation Protocol John Wiley & Sons, Inc. NEW YORK CHICHESTER WEINHEIM BRISBANE SINCAPORE TORONTO Contents Foreword

More information

SIP SECURITY WILEY. Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne. A John Wiley and Sons, Ltd.

SIP SECURITY WILEY. Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne. A John Wiley and Sons, Ltd. SIP SECURITY Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne WILEY A John Wiley and Sons, Ltd., Publication Foreword About the Authors Acknowledgment xi xiii xv 1 Introduction

More information

SIP Trunking Configuration with

SIP Trunking Configuration with SIP Trunking Configuration with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper End-to-End Solutions Team Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL

More information

ICANWK406A Install, configure and test network security

ICANWK406A Install, configure and test network security ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with

More information

Voice over IP, or "VoIP" for Voice over IP is a technology that allows to communicate by voice over IP compatible networks, either networks or the

Voice over IP, or VoIP for Voice over IP is a technology that allows to communicate by voice over IP compatible networks, either networks or the Voice over IP, or "VoIP" for Voice over IP is a technology that allows to communicate by voice over IP compatible networks, either networks or the Internet. Several solutions exist to make VoIP: Some use

More information

Managed Security Services for Data

Managed Security Services for Data A v a y a G l o b a l S e r v i c e s Managed Security Services for Data P r o a c t i v e l y M a n a g i n g Y o u r N e t w o r k S e c u r i t y 2 4 x 7 x 3 6 5 IP Telephony Contact Centers Unified

More information

Converged Video Network Security

Converged Video Network Security S T R A T E G I C W H I T E P A P E R Converged Video Network Security How service providers can counter with the various security risks associated with implementing IPTV This white paper: Describes the

More information

The OMA Perspective On SOA in Telecoms

The OMA Perspective On SOA in Telecoms The OMA Perspective On SOA in Telecoms Adopting SOA for Telecom Workshop, Open Standards Forum 2008 Ditton Manor, 30 September 3 October 2008 Musa Unmehopa» Chairman OMA Architecture Working Group» Distinguished

More information

Call Control Protocols and IPv6 in IP Video Solutions

Call Control Protocols and IPv6 in IP Video Solutions CHAPTER 4 Call Control Protocols and IPv6 in IP Video Solutions Revised: March 30, 2012, Protocols provide a complete set of specifications and suite of standards for communications between devices, This

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Fundamentals of Network Security - Theory and Practice-

Fundamentals of Network Security - Theory and Practice- Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring

More information

Vesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany

Vesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany Service Provider implementation of SIP regarding security Vesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany

More information

INTERNATIONAL TELECOMMUNICATION UNION

INTERNATIONAL TELECOMMUNICATION UNION INTERNATIONAL TELECOMMUNICATION UNION TELECOMMUNICATION STANDARDIZATION SECTOR STUDY PERIOD 2009-2012 English only Original: English Question(s): 1/13 Mar del Plata, Argentina, 2-12 September 2009 Ref.:

More information

World Summit on Information Society (WSIS) Forum 2013. 16 May 2013

World Summit on Information Society (WSIS) Forum 2013. 16 May 2013 World Summit on Information Society (WSIS) Forum 2013 Toolkit for creating ICT-based services using mobile communications for e- government services 16 May 2013 Hani Eskandar ICT Applications coordinator

More information

Session Border Controllers in Enterprise

Session Border Controllers in Enterprise A Light Reading Webinar Session Border Controllers in Enterprise Thursday, October 7, 2010 Hosted by Jim Hodges Senior Analyst Heavy Reading Sponsored by: Speakers Natasha Tamaskar VP Product Marketing

More information

IPTV and IMS in Next-generation Networks

IPTV and IMS in Next-generation Networks S T R A T E G I C W H I T E P A P E R IPTV and IMS in Next-generation Networks Choosing the right approach for IPTV integration IPTV is the next frontier for multimedia information and entertainment over

More information

WHITE PAPER. WiMAX Security for Real-World Network Service Provider Deployments

WHITE PAPER. WiMAX Security for Real-World Network Service Provider Deployments WHITE PAPER WiMAX Security for Real-World Network Service Provider Deployments Executive Summary For network service providers in search of next-generation subscriber services and new revenue streams,

More information

Fraud Detection for Next-Generation Networks

Fraud Detection for Next-Generation Networks Fraud Detection for Next-Generation Networks Name of company/ies submitting case study: University of Deusto Web links to company/ies submitting case studies: http://www.deusto.es http://www.fundacion-deusto.deusto.es/

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

ICT Category Sub Category Description Architecture and Design

ICT Category Sub Category Description Architecture and Design A A01 Architecture and Design Architecture and Design Enterprise & Business Architecture A02 Architecture and Design Information Architecture A03 Architecture and Design Solution Architecture B Benchmarking

More information

Standardizing Information and Communication Systems

Standardizing Information and Communication Systems ECMA Technical Report TR/77 December 1999 Standardizing Information and Communication Systems Telephony System with Integrated Internet Access - Overview Phone: +41 22 849.60.00 - Fax: +41 22 849.60.01

More information

Cloud Computing Standards: Overview and ITU-T positioning

Cloud Computing Standards: Overview and ITU-T positioning ITU Workshop on Cloud Computing (Tunis, Tunisia, 18-19 June 2012) Cloud Computing Standards: Overview and ITU-T positioning Dr France Telecom, Orange Labs Networks & Carriers / R&D Chairman ITU-T Working

More information

Security issues in Voice over IP: A Review

Security issues in Voice over IP: A Review www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 2 February, 2014 Page No. 3879-3883 Security issues in Voice over IP: A Review Rajni a, Preeti a, Ritu

More information

A business view for NGN service usage

A business view for NGN service usage A business view for NGN service usage Emmanuel Bertin 1, Idir Fodil 1, Noel Crespi 2 1 France Telecom, R&D division 2 Institut National des Télécommunications (GET-INT) Abstract. Next Generation Networks

More information

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method. A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

Implementing Cisco IOS Network Security v2.0 (IINS)

Implementing Cisco IOS Network Security v2.0 (IINS) Implementing Cisco IOS Network Security v2.0 (IINS) Course Overview: Implementing Cisco IOS Network Security (IINS) v2.0 is a five-day instructor-led course that is presented by Cisco Learning Partners

More information

Attachment Q5. Voice over Internet Protocol (VoIP)

Attachment Q5. Voice over Internet Protocol (VoIP) DHS 4300A Sensitive Systems Handbook Attachment Q5 To Handbook v. 11.0 Voice over Internet Protocol (VoIP) Version 11.0 December 22, 2014 Protecting the Information that Secures the Homeland This page

More information

Securing VoIP Networks using graded Protection Levels

Securing VoIP Networks using graded Protection Levels Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract

More information

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the secure interconnection of Inter-Enterprise VoIP Executive Summary: MPLS Virtual

More information

IMS Interconnect: Peering, Roaming and Security Part One

IMS Interconnect: Peering, Roaming and Security Part One T E C H N O L O G Y W H I T E P A P E R IMS Interconnect: Peering, Roaming and Security Part One IMS interconnection promises to enable greater reach and richer offerings for the providers that establish

More information

VoIP Resilience and Security Jim Credland

VoIP Resilience and Security Jim Credland VoIP Resilience and Security Jim Credland About THUS plc Provider and user of VoIP and Soft Switch technologies Developing Enterprise Security Standards NISCC VoIP Working Group Security Considerations

More information

CPNI VIEWPOINT 02/2007 ENTERPRISE VOICE OVER IP

CPNI VIEWPOINT 02/2007 ENTERPRISE VOICE OVER IP ENTERPRISE VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

Best Practices for Securing IP Telephony

Best Practices for Securing IP Telephony Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram

More information

Overview of VoIP Systems

Overview of VoIP Systems 2 Overview of VoIP Systems In their simplest form, Voice over IP protocols simply enable two (or more) devices to transmit and receive real-time audio traffic that allows their respective users to communicate.

More information

Maintaining Herd Communication - Standards Used In IT And Cyber Security. Laura Kuiper

Maintaining Herd Communication - Standards Used In IT And Cyber Security. Laura Kuiper Maintaining Herd Communication - Standards Used In IT And Cyber Security Laura Kuiper So what is Cyber Security? According to ITU-T X.1205 Cybersecurity is the collection of tools, policies, security concepts,

More information

How to secure an LTE-network: Just applying the 3GPP security standards and that's it?

How to secure an LTE-network: Just applying the 3GPP security standards and that's it? How to secure an LTE-network: Just applying the 3GPP security standards and that's it? Telco Security Day @ Troopers 2012 Peter Schneider Nokia Siemens Networks Research 1 Nokia Siemens Networks 2012 Intro

More information

PROPOSAL 20. Resolution 130 of Marrakesh on the role of ITU in information and communication network security

PROPOSAL 20. Resolution 130 of Marrakesh on the role of ITU in information and communication network security PROPOSAL 20 Resolution 130 of Marrakesh on the role of ITU in information and network security Submitted by the following Member States: Germany (Federal Republic of), Austria, Belarus (Republic of), Bulgaria

More information

SIP Trunking: Deployment Considerations at the Network Edge

SIP Trunking: Deployment Considerations at the Network Edge Small Logo SIP Trunking: Deployment Considerations at the Network Edge at the Network Edge Executive Summary The move to Voice over IP (VoIP) and Fax over IP (FoIP) in the enterprise has, until relatively

More information

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions Permeo Technologies WHITE PAPER HIPAA Compliancy and Secure Remote Access: Challenges and Solutions 1 Introduction The Healthcare Insurance Portability and Accountability Act (HIPAA) of 1996 has had an

More information

Human Factors in Information Security

Human Factors in Information Security University of Oslo INF3510 Information Security Spring 2014 Workshop Questions Lecture 2: Security Management, Human Factors in Information Security QUESTION 1 Look at the list of standards in the ISO27000

More information

ICTTEN8195B Evaluate and apply network security

ICTTEN8195B Evaluate and apply network security ICTTEN8195B Evaluate and apply network security Release 1 ICTTEN8195B Evaluate and apply network security Modification History Release Release 2 Comments This version first released with ICT10 Integrated

More information

VoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009

VoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 VoIP some threats, security attacks and security mechanisms Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 "It's appalling how much worse VoIP is compared to the PSTN. If these problems aren't fixed,

More information

Mobility and cellular networks

Mobility and cellular networks Mobility and cellular s Wireless WANs Cellular radio and PCS s Wireless data s Satellite links and s Mobility, etc.- 2 Cellular s First generation: initially debuted in Japan in 1979, analog transmission

More information

Ram Dantu. VOIP: Are We Secured?

Ram Dantu. VOIP: Are We Secured? Ram Dantu Professor, Computer Science and Engineering Director, Center for Information and Computer Security University of North Texas rdantu@unt.edu www.cse.unt.edu/~rdantu VOIP: Are We Secured? 04/09/2012

More information

Overview of Voice Over Internet Protocol

Overview of Voice Over Internet Protocol Overview of Voice Over Internet Protocol Purva R. Rajkotia, Samsung Electronics November 4,2004 Overview of Voice Over Internet Protocol Presentation Outline History of VoIP What is VoIP? Components of

More information

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS ALCATEL-LUCENT OPENTOUCH SESSION BORDER CONTROLLER A SECURE SOLUTION FOR BORDERLESS CONVERSATIONS APPLICATION

More information

SIP Signaling Router (SSR) Use Cases

SIP Signaling Router (SSR) Use Cases APPLICATION GUIDE SIP Signaling Router (R) Use Cases Using SIP to improve network performance and deliver advanced services This application guide discusses how operators can use a SIP Signaling Router

More information

An Overview of H.323 - SIP Interworking

An Overview of H.323 - SIP Interworking An Overview of - Interworking 2001 RADVISION. All intellectual property rights in this publication are owned by RADVision Ltd. and are protected by United States copyright laws, other applicable copyright

More information

SIP Security Controllers. Product Overview

SIP Security Controllers. Product Overview SIP Security Controllers Product Overview Document Version: V1.1 Date: October 2008 1. Introduction UM Labs have developed a range of perimeter security gateways for VoIP and other applications running

More information

Cloud Standards - A Telco Perspective

Cloud Standards - A Telco Perspective Cloud Standards - A Telco Perspective Abdellatif Benjelloun Touimi abdellatif.benjelloun@huawei.com Corporate Standards Department www.huawei.com TEN YEARS OF CONNECTING EUROPE HUAWEI TECHNOLOGIES CO.,

More information

Introduction Chapter 1. Uses of Computer Networks

Introduction Chapter 1. Uses of Computer Networks Introduction Chapter 1 Uses of Computer Networks Network Hardware Network Software Reference Models Example Networks Network Standardization Metric Units Revised: August 2011 Uses of Computer Networks

More information

Cisco Wireless Security Gateway R2

Cisco Wireless Security Gateway R2 Cisco Wireless Security Gateway R2 Product Overview The Cisco Wireless Security Gateway (WSG) is a highly scalable solution for tunneling femtocell, Unlicensed Mobile Access (UMA)/Generic Access Network

More information

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Transparent weaknesses in VoIP

Transparent weaknesses in VoIP Transparent weaknesses in VoIP Peter Thermos peter.thermos@palindrometech.com 2007 Palindrome Technologies, All Rights Reserved 1 of 56 Speaker Background Consulting Government and commercial organizations,

More information

End-to-End Quality-of-Service Support in Next Generation Networks with NSIS

End-to-End Quality-of-Service Support in Next Generation Networks with NSIS End-to-End Quality-of-Service Support in Next Generation Networks with NSIS Roland Bless, Martin Röhricht Karlsruhe Institute of Technology, Germany Institute of Telematics, Department of Computer Science

More information

Transforming Networks with SIP Trunking

Transforming Networks with SIP Trunking S T R A T E G I C W H I T E P A P E R Transforming Networks with SIP Trunking Enabling cost-effective communications and new services for small and medium businesses (SMBs) The Internet is critical for

More information

VIDEOCONFERENCING. Video class

VIDEOCONFERENCING. Video class VIDEOCONFERENCING Video class Introduction What is videoconferencing? Real time voice and video communications among multiple participants The past Channelized, Expensive H.320 suite and earlier schemes

More information

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

CH ENSA EC-Council Network Security Administrator Detailed Course Outline CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical

More information

What is an E-SBC? WHITE PAPER

What is an E-SBC? WHITE PAPER Executive Summary Enterprise communications is in a state of transformation. Businesses are replacing conventional PBX systems with VoIP and Unified Communications (UC) solutions and cloud-based services

More information