[VOIPSEC] Question on VoIP security requirements in financial sector

Mon Jun 18 04:35:25 CDT 2007

Hello,

I'm trying to find some information regarding security policies or legal 
obligations with regards to the use of VoIP in the financial sector. Does 
anybody know if the use of SRTP and/or TLS are mandatory requirements for 
some financial transactiosn (i.e. phone banking)? I'm especially looking 
for information that relates to europe but if you got something from other 
regions that that would be helpful too.

best regards

Roland Auckenthaler
Sales Engineer CEEME, NMS Communications

Address:  Richard Strauss Strasse 71, D-81679 Munich, Germany
Phone: +49 89 945484-78, Fax: +49 89 945484-70
MSN-IM: rauckenthaler at hotmail.com

Amtsgericht Muenchen: HRB 132404, Geschäftsführer: Herb Shumway

voipsec-request at voipsa.org 
Sent by: voipsec-bounces at voipsa.org
19.01.2007 13:00
Please respond to
voipsec at voipsa.org

To
voipsec at voipsa.org
cc

Subject
Voipsec Digest, Vol 25, Issue 4

Send Voipsec mailing list submissions to
                 voipsec at voipsa.org

To subscribe or unsubscribe via the World Wide Web, visit
                 http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
or, via email, send a message with subject or body 'help' to
                 voipsec-request at voipsa.org

You can reach the person managing the list at
                 voipsec-owner at voipsa.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Voipsec digest..."

Today's Topics:

   1. EUSecWest 2007 Papers (Dragos Ruiu)

----------------------------------------------------------------------

Message: 1
Date: Thu, 18 Jan 2007 16:07:22 -0800
From: Dragos Ruiu <dr at kyx.net>
Subject: [VOIPSEC] EUSecWest 2007 Papers
To: Voipsec at voipsa.org
Message-ID: <200701181607.22142.dr at kyx.net>
Content-Type: text/plain;  charset="us-ascii"

(Nico already beat me to telling you folks, but
there is some other info in this message that 
may interest some folks here  --dr:)

Hi,

For those who asked, we are still processing the submissions for 
CanSecWest
and the call closed, please stand by. The paper selections are back from 
the
reviewers for EUSecWest, in London on March 1-2.

In absolutely random order:

Threats against and protection of Microsoft's internal network - Greg 
Galford, 
Microsoft
Linux Kernel == Security Nightmare - Marcel Holtmann, Red Hat
/GS and ASLR in Windows Vista - Ollie Whitehouse, Symantec
Fuzzing: history, perspectives and limits - Christian Wieser, Oulu 
university
The new OWASP Web Application Penetration Testing Methodology - Matteo 
Meucci 
& Alberto Revelli, OWASP-Italy
Reverse Engineering Malicious Javascript - Jose Nazario, Ph.D., Arbor
Bypassing NAC Systems - Ofir Arkin, Insightix
RFID - Adam Laurie, trifinite
Protecting Next-Gen Networks @ Nx10G link sizes - Jim Deleskie, Teleglobe
Video Conferencing Security - Navid Jam, Sandia National Laboratories
Software Virtualization Based Rootkits - Sun Bing
VoIP Attacks! - Dustin D. Trammell, TippingPoint
Windows Vista Exploitation Countermeasures - Richard Johnston, Microsoft
OSX Security - Daniel Cuthbert, Corsaire
Distributed drone-based malware propagation and deployment automation - 
Emmanuel H

We have added a new RFID dojo in London with Adam, and Nico 
has a new VoIP Security dojo amongst the new dojos to be announced
for CanSecWest along with the paper selections. Dojos for London 
have final schedules now.

cheers,
--dr

-- 
World Security Pros. Cutting Edge Training, Tools, and Techniques
London, U.K.    Mar 1-2 - 2007    http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp

------------------------------

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

End of Voipsec Digest, Vol 25, Issue 4
**************************************