VoIP threats outlined

The Voice over IP Security Alliance released Monday the first comprehensive description of security and threats in the field of Voice over Internet Protocol.

The results, known as the VoIP Security Threat Taxonomy, provide the industry with a view of VoIP threats, the vulnerabilities and a context for balancing tradeoffs.

"The importance of this accomplishment is that it gives a foundation to all future discussions on VoIP security that are both technically and socially informed. Until now, the public has been uncertain about the various threats, how risks related to each other and technical trade-offs. This is fundamental to all future work in the field," said Jonathan Zar, secretary and outreach chair for VOIPSA, head of the taxonomy project and senior director for SonicWALL.

The project, launched in late March, is the first completed project of VOIPSA, an organization formed in February with the purpose of improving the public awareness of issues and best practices for securing VoIP.

Major elements of the work include recognition of the human element in threats as distinct from their technical means, specific sets of issues for consideration by legislative bodies and by law enforcement, and a detailed structure for technical vulnerabilities across the value chain.

"While technical work on the taxonomy will continue, the results published today provide an effective framework with which to inform the press, the policy community and other projects within VOIPSA," said Zar.

Copyright 2005 by United Press International