Both of these active working groups are headed by a project leader, and are open to all interested members as well as any other individuals or groups the working group deems necessary to invite to participate.
THREAT TAXONOMY
The VoIP Security Threat Taxonomy is meant to help define the many potential security threats to VoIP deployments, services, and end users. Part of the challenge of devising effective VoIP security protections requires identifying the threats in the first place.
SECURITY REQUIREMENTS
This project is tasked with defining security requirements across the wide spectrum of a VoIP ecosystem including individual VoIP building blocks, supporting security technology components (SBCs, Firewalls, etc.), architecture and network design (NAT, VPN, port security, etc.), network management, and end point Access and Authentication to name a few.
BEST PRACTICES
This project aims to define a common set of industry-wide ‘best practices’ for securing VoIP systems against the threats outlined in the Threat Taxonomy. While specific practices will vary according to vendor and architecture, the document created by this group will provide an overall view of how best to secure VoIP systems.
|