The Best Books of 2024 (So Far) Explore All Lists

Understanding Voice Over Ip Security

Add to Wishlist

Understanding Voice Over Ip Security

Hardcover(1ST)

$123.00

Hardcover(1ST)
$123.00

SHIP THIS ITEM

Qualifies for Free Shipping
PICK UP IN STORE
Check Availability at Nearby Stores

Available within 2 business hours

Want it Today?
Check Store Availability

Related collections and offers

Overview

This authoritative and practical book offers a current and comprehensive understanding of VoIP (Voice over IP) security. Professionals learn how to design and implement secure VoIP networks and services, and how to integrate VoIP securely in existing data networks. The authors explain how IETF SIP and media security standards affect VoIP deployment, and how end-to-end encryption can be deployed to protect all VoIP calls. For readers unfamiliar with Internet security, the book explains security basics and attack types and methods and details all the key security aspects of data and VoIP systems and networks, including identity, authentication, signaling, and media encryption.

Product Details
Table of Contents

Product Details

ISBN-13:	9781596930506
Publisher:	Artech House, Incorporated
Publication date:	03/31/2006
Series:	Artech House Telecommunications Library
Edition description:	1ST
Pages:	288
Product dimensions:	6.14(w) x 9.21(h) x 0.69(d)

	Foreword	xiii
	Acknowledgments	xvii
1	Introduction	1
1.1	VoIP: A Green Field for Attackers	2
1.2	Why VoIP Security Is Important	3
1.3	The Audience for This Book	4
1.4	Organization	4
2	Basic Security Concepts: Cryptography	7
2.1	Introduction	7
2.2	Cryptography Fundamentals	7
2.2.1	Secret Key (Symmetric) Cryptography	10
2.2.2	Asymmetric (Public Key) Cryptography	12
2.2.3	Integrity Protection	13
2.2.4	Authenticated and Secure Key Exchange	17
2.3	Digital Certificates and Public Key Infrastructures	20
2.3.1	Certificate Assertions	22
2.3.2	Certificate Authorities	24
	References	27
3	VoIP Systems	29
3.1	Introduction	29
3.1.2	VoIP Architectures	29
3.2	Components	31
3.3	Protocols	32
3.3.1	Session Initiation Protocol	32
3.3.2	Session Description Protocol	39
3.3.3	H.323	42
3.3.4	Media Gateway Control Protocols	44
3.3.5	Real Time Transport Protocol	46
3.3.6	Proprietary Protocols	46
3.4	Security Analysis of SIP	48
	References	49
4	Internet Threats and Attacks	51
4.1	Introduction	51
4.2	Attack Types	51
4.2.1	Denial of Service (DoS)	51
4.2.2	Man-in-the-Middle	56
4.2.3	Replay and Cut-and-Paste Attacks	57
4.2.4	Theft of Service	58
4.2.5	Eavesdropping	59
4.2.6	Impersonation	60
4.2.7	Poisoning Attacks (DNS and ARP)	60
4.2.8	Credential and Identity Theft	61
4.2.9	Redirection/Hijacking	62
4.2.10	Session Disruption	63
4.3	Attack Methods	64
4.3.1	Port Scans	64
4.3.2	Malicious Code	65
4.3.3	Buffer Overflow	67
4.3.5	Password Theft/Guessing	69
4.3.6	Tunneling	69
4.3.7	Bid Down	69
4.4	Summary	70
	References	70
5	Internet Security Architectures	73
5.1	Introduction	73
5.1.1	Origins of Internet Security Terminology	73
5.1.2	Castle Building in the Virtual World	74
5.2	Security Policy	75
5.3	Risk, Threat, and Vulnerability Assessment	77
5.4	Implementing Security	79
5.5	Authentication	80
5.6	Authorization (Access Control)	82
5.7	Auditing	82
5.8	Monitoring and Logging	84
5.9	Policy Enforcement: Perimeter Security	85
5.9.1	Firewalls	86
5.9.2	Session Border Controller	90
5.9.3	Firewalls and VoIP	92
5.10	Network Address Translation	93
5.11	Intrusion Detection and Prevention	95
5.12	Honeypots and Honeynets	97
5.13	Conclusions	97
	References	98
6	Security Protocols	101
6.1	Introduction	101
6.2	IP Security (IPSec)	103
6.2.1	Internet Key Exchange	105
6.3	Transport Layer Security (TLS)	107
6.4	Datagram Transport Layer Security (DTLS)	111
6.5	Secure Shell (SecSH, SSH)	112
6.6	Pretty Good Privacy (PGP)	115
6.7	DNS Security (DNSSEC)	116
	References	119
7	General Client and Server Security Principles	121
7.1	Introduction	121
7.2	Physical Security	122
7.3	System Security	122
7.3.1	Server Security	122
7.3.2	Client OS Security	124
7.4	LAN Security	126
7.4.1	Policy-Based Network Admission	127
7.4.2	Endpoint Control	128
7.4.3	LAN Segmentation Strategies	129
7.4.4	LAN Segmentation and Defense in Depth	130
7.5	Secure Administration	131
7.6	Real-Time Monitoring of VoIP Activity	132
7.7	Federation Security	132
7.8	Summary	132
	References	133
8	Authentication	135
8.1	Introduction	135
8.2	Port-Based Network Access Control (IEEE 802.1x)	137
8.3	Remote Authentication Dial-In User Service	140
8.4	Conclusions	143
	References	143
9	Signaling Security	145
9.1	Introduction	145
9.2	SIP Signaling Security	146
9.2.1	Basic Authentication	146
9.2.2	Digest Authentication	147
9.2.3	Pretty Good Privacy	152
9.2.4	S/MIME	153
9.2.5	Transport Layer Security	155
9.2.6	Secure SIP	159
9.3	H.323 Signaling Security with H.235	160
	References	161
10	Media Security	163
10.1	Introduction	163
10.2	Secure RTP	164
10.3	Media Encryption Keying	168
10.3.1	Preshared Keys	168
10.3.2	Public Key Encryption	169
10.3.3	Authenticated Key Management and Exchange	170
10.4	Security Descriptions in SDP	172
10.5	Multimedia Internet Keying (MIKEY)	173
10.5.1	Generation of MIKEY Message by Initiator	177
10.5.2	Responder Processing of a MIKEY Message	183
10.6	Failure and Fallback Scenarios	186
10.7	Alternative Key Management Protocol-ZRTP	188
10.8	Future Work	190
	References	190
11	Identity	193
11.1	Introduction	193
11.2	Names, Addresses, Numbers, and Communication	193
11.2.1	E.164 Telephone Numbers	194
11.2.2	Internet Names	195
11.3	Namespace Management in SIP	196
11.3.1	URI Authentication	196
11.4	Trust Domains for Asserted Identity	199
11.5	Interdomain SIP Identity	202
11.5.1	SIP Authenticated Identity Body (AIB)	203
11.5.2	Enhanced SIP Identity	204
11.6	SIP Certificates Service	209
11.7	Other Asserted Identity Methods	217
11.7.1	Secure Assertion Markup Language	217
11.7.2	Open Settlements Protocol and VoIP	219
11.7.3	H.323 Identity	219
11.7.4	Third Party Identity and Referred-By	219
11.8	Privacy	220
	References	223
12	PSTN Gateway Security	225
12.1	Introduction	225
12.2	PSTN Security Model	225
12.3	Gateway Security	227
12.3.1	Gateway Security Architecture	228
12.3.2	Gateway Types	229
12.3.3	Gateways and Caller ID	230
12.3.4	Caller ID and Privacy	231
12.3.5	Gateway Decomposition	231
12.3.6	SIP/ISUP Interworking	232
12.4	Telephone Number Mapping in the DNS	233
	References	236
13	Spam and Spit	237
13.1	Introduction	237
13.2	Is VoIP Spam Inevitable?	238
13.3	Technical Approaches to Combat E-Mail Spam	240
13.3.1	Filtering Spam Using Identity Information	240
13.3.2	Grey Listing	241
13.3.3	Challenge/Response (Sender Verification)	242
13.3.4	Distributed Checksum Filtering (DCF)	242
13.3.5	Content Filtering	243
13.3.6	Summary of Antispam Approaches	243
13.4	VoIP and Spit	243
13.5	Summary	245
	References	246
14	Conclusions	247
14.1	Summary	247
14.2	VoIP Is Still New	248
14.3	VoIP Endpoints Are New	248
14.4	VoIP Standards Are Not Complete	249
14.5	Base VoIP Security on Best Current Security Practices for Data	249
14.6	VoIP Is a QoS-Sensitive Data Application	250
14.7	Merging Public and Private VoIP Services Will Be Problematic	250
14.8	Concluding Remarks	251
	Index	255

From the B&N Reads Blog

Page 1 of

Related collections and offers

Overview

Product Details

Table of Contents

Related Subjects

Customer Reviews