During todays session Top Technologies for VoIP Security & Number Mapping, panelists will discuss the future of VoIP security and number mapping as well as what are the necessary regulations to ensure network and user security while enhancing VoIP growth and further integration in the marketplace.
Panelist Tom Kershaw, vice president of Next Generation Networks for VeriSign, will target identity protection in the context of ENUM and VoIP. Kershaw expects to touch on how addresses currently are managed (a service provider gives you a phone number) and how that evolves into the DNS model, where you select your own address and have responsibility and ownership of it.
This creates identity protection and identity theft challenges for validating the subscriber is who they say they are, and that they have certain rights and permissions to access network services, said Kershaw. We see SSL as a big part of the solution here, but also see the need to validate information requests against source data (much like we do today for calling name display).
Also on tap for todays panel is Dave Cullerot, senior product manager for session border controller vendor Acme Packet. With VoIP deployments increasing in frequency and size, there is a growing clamor over VoIP security, said Cullerot. The openness of the Internet and relevant protocols enable amazing new forms of end-to-end communications but also unlock the door for criminals and causal hackers to compromise IP-based communications, he said.
These vulnerabilities exist whether VoIP is delivered over the public
Internet or over a private, managed IP network yet the probabilities and impacts of the threats differ depending on the network and business model. With the right technologies, service providers have the opportunity to build secure VoIP networks so that their customers can receive trusted, high-quality and dependable interactive IP communications.
While there has been little in the way of public security breaches with disastrous consequences, he added, the risks are very real as an attack that causes a compromised, degraded or lost VoIP service is more than just loss of revenue for service providers, as it has the potential for devastating long-term effects in the way of customer defections, tarnished brand reputation and lawsuits.
Security threats for VoIP networks include denial-of-service attacks, viruses and malware, service fraud, identity theft, eavesdropping/ user privacy, and spam over Internet telephony (SPIT).
Also featured on this panel is Randy Nicklas, CTO of XO Communications Inc., and the session leader is Patrick Reilly, director of VoIP product management for Global Crossing Ltd.