VoIP Security Threat Taxonomy
VoIPSA, The Voice over IP security alliance has published a must read document if you are interested in VOIP.
They seem to be almost same as the PSTN or POTS line woes but with added bag internet woes.
Topping the industry bodyĆs list are more familiar issues such as privacy and eavesdropping, harassment by phone, premium rate abuse, and hijacking of service, all of which remain to be tackled by the industry.
The Document can be downloaded or view online. The online version is a wiki site, gives one ability to add, edit to the content.
VOIPSA was formed in February 2005 with the purpose of improving the public awareness of issues and best practices for securing VoIP including video, Instant Messaging and presence. The organization has grown rapidly since its inception and now includes more than 100 organizing companies worldwide. VOIPSA invites participation in new projects in the form of comments, feedback and discussion.
Major elements of the work announced today include the following:
· Core definitions that give specific meaning to privacy and security
· A framework that effectively connects public policy and technology issues
· Recognition of the human element in threats as distinct from their technical means
· Specific sets of issues for consideration by legislative bodies and by law enforcement
· A detailed structure for technical vulnerabilities across the value chain