Understanding Voice over IP Security (Artech House Telecommunications Library), 1st Edition, by Alan B. Johnston and David M. Piscitello. ISBN: 978-1596930506, 1596930500

Product details:
ISBN 10: 1596930500
ISBN 13: 978-1596930506
Author: Alan B. Johnston, David M. Piscitello
This authoritative and practical book offers a current and comprehensive understanding of VoIP (Voice over IP) security. You learn how to design and implement secure VoIP networks and services, and how to integrate VoIP securely in existing data networks. You discover how emerging IETF SIP and media security standards will affect future VoIP deployment, and how end-to-end encryption may be deployed to eventually protect all VoIP calls. The book explains Internet security basics, attack types and methods, and details all the key security aspects of data and VoIP systems and networks, including identity, authentication, signaling, and media encryption. This practical resource discusses security architectures of perimeter vs. end-to-end security in terms of VoIP systems. You also find security approaches and architectures in related applications, such as the World Wide Web, Secure Shell, and the PSTN. A chapter on client and server security discusses general security of Internet hosts in a VoIP system. What’s more, the book presents current techniques to combat spam and covers the future problems of spim (spam over instant messaging) and spit (spam over internet telephony).
Table of contents:
Chapter 1. Introduction
1.1 VoIP: A Green Field for Attackers
1.2 Why VoIP Security Is Important
1.3 The Audience for This Book
1.4 Organization
Chapter 2. Basic Security Concepts: Cryptography
2.1 Introduction
2.2 Cryptography Fundamentals
2.2.1 Secret Key (Symmetric) Cryptography
2.2.2 Asymmetric (Public Key) Cryptography
2.2.3 Integrity Protection
2.2.4 Authenticated and Secure Key Exchange
2.3 Digital Certificates and Public Key Infrastructures
2.3.1 Certificate Assertions
2.3.2 Certificate Authorities
References
Chapter 3. VoIP Systems
3.1 Introduction
3.1.2 VoIP Architectures
3.2 Components
3.3 Protocols
3.3.1 Session Initiation Protocol (SIP)
3.3.2 Session Description Protocol (SDP)
3.3.3 H.323
3.3.4 Media Gateway Control Protocols
3.3.5 Real Time Transport Protocol (RTP)
3.3.6 Proprietary Protocols
3.4 Security Analysis of SIP
References
Chapter 4. Internet Threats and Attacks
4.1 Introduction
4.2 Attack Types
4.2.1 Denial of Service (DoS)
4.2.2 Man-in-the-Middle
4.2.3 Replay and Cut-and-Paste Attacks
4.2.4 Theft of Service
4.2.5 Eavesdropping
4.2.6 Impersonation
4.2.7 Poisoning Attacks (DNS and ARP)
4.2.8 Credential and Identity Theft
4.2.9 Redirection/Hijacking
4.2.10 Session Disruption
4.3 Attack Methods
4.3.1 Port Scans
4.3.2 Malicious Code
4.3.3 Buffer Overflow
4.3.5 Password Theft/Guessing
4.3.6 Tunneling
4.3.7 Bid Down
4.4 Summary
References
Chapter 5. Internet Security Architectures
5.1 Introduction
5.1.1 Origins of Internet Security Terminology
5.1.2 Castle Building in the Virtual World
5.2 Security Policy
5.3 Risk, Threat, and Vulnerability Assessment
5.4 Implementing Security
5.5 Authentication
5.6 Authorization (Access Control)
5.7 Auditing
5.8 Monitoring and Logging
5.9 Policy Enforcement: Perimeter Security
5.9.1 Firewalls
5.9.2 Session Border Controller
5.9.3 Firewalls and VoIP
5.10 Network Address Translation
5.11 Intrusion Detection and Prevention
5.12 Honeypots and Honeynets
5.13 Conclusions
References
Chapter 6. Security Protocols
6.1 Introduction
6.2 IP Security (IPSec)
6.2.1 Internet Key Exchange
6.3 Transport Layer Security (TLS)
6.4 Datagram Transport Layer Security (DTLS)
6.5 Secure Shell (SSH)
6.6 Pretty Good Privacy (PGP)
6.7 DNS Security (DNSSEC)
References
Chapter 7. General Client and Server Security Principles
7.1 Introduction
7.2 Physical Security
7.3 System Security
7.3.1 Server Security
7.3.2 Client OS Security
7.4 LAN Security
7.4.1 Policy-Based Network Admission
7.4.2 Endpoint Control
7.4.3 LAN Segmentation Strategies
7.4.4 LAN Segmentation and Defense in Depth
7.5 Secure Administration
7.6 Real-Time Monitoring of VoIP Activity
7.7 Federation Security
7.8 Summary
References
Chapter 8. Authentication
8.1 Introduction
8.2 Port-Based Network Access Control (IEEE 802.1x)
8.3 Remote Authentication Dial-In User Service (RADIUS)
8.4 Conclusions
References
Chapter 9. Signaling Security
9.1 Introduction
9.2 SIP Signaling Security
9.2.1 Basic Authentication
9.2.2 Digest Authentication
9.2.3 Pretty Good Privacy (PGP)
9.2.4 S/MIME
9.2.5 Transport Layer Security
9.2.6 Secure SIP
9.3 H.323 Signaling Security with H.235
References
Chapter 10. Media Security
10.1 Introduction
10.2 Secure RTP
10.3 Media Encryption Keying
10.3.1 Preshared Keys
10.3.2 Public Key Encryption
10.3.3 Authenticated Key Management and Exchange
10.4 Security Descriptions in SDP
10.5 Multimedia Internet Keying (MIKEY)
10.5.1 Generation of MIKEY Message by Initiator
10.5.2 Responder Processing of a MIKEY Message
10.6 Failure and Fallback Scenarios
10.7 Alternative Key Management Protocol – ZRTP
10.8 Future Work
References
Chapter 11. Identity
11.1 Introduction
11.2 Names, Addresses, Numbers, and Communication
11.2.1 E.164 Telephone Numbers
11.2.2 Internet Names
11.3 Namespace Management in SIP
11.3.1 URI Authentication
11.4 Trust Domains for Asserted Identity
11.5 Interdomain SIP Identity
11.5.1 SIP Authenticated Identity Body (AIB)
11.5.2 Enhanced SIP Identity
11.6 SIP Certificates Service
11.7 Other Asserted Identity Methods
11.7.1 Secure Assertion Markup Language (SAML)
11.7.2 Open Settlements Protocol and VoIP
11.7.3 H.323 Identity
11.7.4 Third Party Identity and Referred-By
11.8 Privacy
References
Chapter 12. PSTN Gateway Security
12.1 Introduction
12.2 PSTN Security Model
12.3 Gateway Security
12.3.1 Gateway Security Architecture
12.3.2 Gateway Types
12.3.3 Gateways and Caller ID
12.3.4 Caller ID and Privacy
12.3.5 Gateway Decomposition
12.3.6 SIP/ISUP Interworking
12.4 Telephone Number Mapping in the DNS
References
Chapter 13. Spam and Spit (Spam over Internet Telephony)
13.1 Introduction
13.2 Is VoIP Spam Inevitable?
13.3 Technical Approaches to Combat E-Mail Spam
13.3.1 Filtering Spam Using Identity Information
13.3.2 Grey Listing
13.3.3 Challenge/Response (Sender Verification)
13.3.4 Distributed Checksum Filtering (DCF)
13.3.5 Content Filtering
13.3.6 Summary of Antispam Approaches
13.4 VoIP and Spit
13.5 Summary
References
Chapter 14. Conclusions
14.1 Summary
14.2 VoIP Is Still New
14.3 VoIP Endpoints Are New
14.4 VoIP Standards Are Not Complete
14.5 Base VoIP Security on Best Current Security Practices for Data
14.6 VoIP Is a QoS-Sensitive Data Application
14.7 Merging Public and Private VoIP Services Will Be Problematic
14.8 Concluding Remarks


