This authoritative and practical book offers a current and comprehensive understanding of VoIP (Voice over IP) security. You learn how to design and implement secure VoIP networks and services, and how to integrate VoIP securely in existing data networks. You discover how emerging IETF SIP and media security standards will affect future VoIP deployment, and how end-to-end encryption may be deployed to eventually protect all VoIP calls. The book explains Internet security basics, attack types and methods, and details all the key security aspects of a data and VoIP systems and networks, including identity, authentication, signaling, and media encryption. This practical resource discusses security architectures of perimeter vs. end-to-end security in terms of VoIP systems. You also find security approaches and architectures in related applications, such as the World Wide Web, Secure Shell, and the PSTN. A chapter on client and server security discusses general security of Internet hosts in a VoIP system. What's more, the book presents current techniques to combat spam and covers the future problems of spim (spam over instant messaging) and spit (spam over internet telephony).
Table Of Contents
Introduction.; Introduction to Cryptography. VoIP Systems. Internet Threats and Attacks. Internet Security Architectures. Security Protocols. General Client and Server Security Principles. Authentication. Signaling Security. Media Security. Identity. PSTN Gateway. Spam and Spit. Conclusions.
Alan B. Johnston
Alan B. Johnston is a consulting member of the technical staff at Avaya Inc. and an adjunct professor of electrical engineering at Washington University in St. Louis. He holds a Ph.D. in electrical engineering from Lehigh University and a B.E. in electrical and electronic engineering from the University of Melbourne, Australia. He is a co-author of SIP specification RFC 3261 and several other SIP-related RFCs.
David M. Piscitello is president and principal consultant of Core Competence, Inc. He previously worked at Bell Communications Research, where he won a President 's Recognition Award for his contributions to SMDS, ATM, and customer network management for switched data services. David recently accepted a Fellow position with the Internet Corporation for Assigned Names and Numbers on the Security and Stability Advisory Committee.