Reflections on security options for the real-time transport protocol framework

The Real-time Transport Protocol (RTP) supports a range of video conferencing, telephony, and streaming video ap- plications, but offers few native security features. We discuss the problem of securing RTP, considering the range of applications. We outline why this makes RTP a difficult protocol to secure, and describe the approach we have recently proposed in the IETF to provide security for RTP applications. This approach treats RTP as a framework with a set of extensible security building blocks, and prescribes mandatory-to-implement security at the level of different application classes, rather than at the level of the media transport protocol

VoIP: Making Secure Calls and Maintaining High Call Quality

Modern multimedia communication tools must have high security, high availability and high quality of service (QoS). Any security implementation will directly impact on QoS. This paper will investigate how end-to-end security impacts on QoS in Voice over Internet Protocol (VoIP). The QoS is measured in terms of lost packet ratio, latency and jitter using different encryption algorithms, no security and just the use of IP firewalls in Local and Wide Area Networks (LAN and WAN). The results of laboratory tests indicate that the impact on the overall performance of VoIP depends upon the bandwidth availability and encryption algorithm used. The implementation of any encryption algorithm in low bandwidth environments degrades the voice quality due to increased loss packets and packet latency, but as bandwidth increases encrypted VoIP calls provided better service compared to an unsecured environment.Les eines modernes de comunicació multimèdia han de tenir alta seguretat, alta disponibilitat i alta qualitat de servei (QoS). Cap tipus d¿implementació de seguretat tindrà un impacte directe en la qualitat de servei. En aquest article s¿investiga com la seguretat d'extrem a extrem impacta en la qualitat de servei de veu sobre el Protocol d'Internet (VoIP). La qualitat de servei es mesura en termes de pèrdua de proporció de paquets, latència i jitter utilitzant diferents algoritmes d¿encriptació, sense seguretat i només amb l'ús de tallafocs IP en local i en xarxes d'àrea àmplia (LAN i WAN). Els resultats de les proves de laboratori indiquen que l'impacte general sobre el rendiment de VoIP depèn de la disponibilitat d'ample de banda i l'algorisme de xifrat que s'utilitza. La implementació de qualsevol algorisme de xifrat en entorns de baix ample de banda degrada la veu a causa de l'augment de la pèrdua de paquets i latència dels paquets de qualitat, però quan l'ample de banda augmenta les trucades de VoIP xifrades proporcionen un millor servei en comparació amb un entorn sense seguretat.Las herramientas modernas de comunicación multimedia deben tener alta seguridad, alta disponibilidad y alta calidad de servicio (QoS). Ningún tipo de implementación de seguridad tendrá un impacto directo en la calidad de servicio. En este artículo se investiga como la seguridad de extremo a extremo impacta en la calidad de servicio de voz sobre el Protocolo de Internet (VoIP). La calidad de servicio se mide en términos de pérdida de proporción de paquetes, latencia y jitter utilizando diferentes algoritmos de encriptación, sin seguridad y sólo con el uso de cortafuegos IP en local y en redes de área amplia (LAN y WAN). Los resultados de las pruebas de laboratorio indican que el impacto general sobre el rendimiento de VoIP depende de la disponibilidad de ancho de banda y el algoritmo de cifrado que se utiliza. La implementación de cualquier algoritmo de cifrado en entornos de bajo ancho de banda degrada la voz debido al aumento de la pérdida de paquetes y latencia de los paquetes de calidad, pero cuando el ancho de banda aumenta las llamadas de VoIP cifradas proporcionan un mejor servicio en comparación con un entorno sin seguridad

Securing Our Future Homes: Smart Home Security Issues and Solutions

The Internet of Things, commonly known as IoT, is a new technology transforming businesses, individuals’ daily lives and the operation of entire countries. With more and more devices becoming equipped with IoT technology, smart homes are becoming increasingly popular. The components that make up a smart home are at risk for different types of attacks; therefore, security engineers are developing solutions to current problems and are predicting future types of attacks. This paper will analyze IoT smart home components, explain current security risks, and suggest possible solutions. According to “What is a Smart Home” (n.d.), a smart home is a home that always operates in consideration of security, energy, efficiency and convenience, whether anyone is home or not

A Comprehensive Survey of Voice over IP Security Research

We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significant more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems

Developing Best Practices for Securing VoIP Communication for a non-profit Organization

Voice over Internet Protocol (VoIP) is the most widely used service around the world. The proficiency of it utilizing the web has increased awesome ubiquity in the current years. With this notoriety, there is expanding worry about the wellbeing of the system. The robbery or loss of the information being exchanged is great concern. For example, a basic problem for researchers who are developing safeguards for VoIP systems is the level of threats and other issues experienced by the non-profit organizations while implementing VoIP communication. This problem originated when non-profits received pressure from their donors not to implement VoIP communication because it will record important and valuable information of their bank account, including their bank balance, and consequently, exposing them to the public. Other dangers include safeguarding secrecy, respectability, and accessibility of the system, known as CIA. dangers. To battle these dangers, some security conventions and calculations have been produced. For example, the H.235 has been investigated, their calculations updated, and it is currently regarded as the most recent and effective system for security of the VoIP system. Another method for battling issues and concerns, and one that is the most proficient due to bigger budgets than non-profits, is VoIP being utilized in new structures and the IT work force. Fortunately, the expanding interest of VoIP has guaranteed and emphasized the requirement for more research to build up the effective security structures and countermeasures of CIA threats. This investigation examines the methods by which such security issues concerning VoIP can be set out to give an appropriate, secure and effective method for correspondence and data trade. In this postulation, the analyst will profoundly examine the relief of VoIP security issues

Designing and optimization of VOIP PBX infrastructure

In the recent decade, communication has stirred from the old wired medium such as public switched telephone network (PSTN) to the Internet. Present, Voice over Internet Protocol (VoIP) Technology used for communication on internet by means of packet switching technique. Several years ago, an internet protocol (IP) based organism was launched, which is known as Private Branch Exchange "PBX", as a substitute of common PSTN systems. For free communication, probably you must have to be pleased with starting of domestic calls. Although, fairly in few cases, VoIP services can considerably condense our periodical phone bills. For instance, if someone makes frequent global phone calls, VoIP talk service is the actual savings treat which cannot achieve by using regular switched phone. VoIP talk services strength help to trim down your phone bills if you deal with a lot of long-distance (international) and as well as domestic phone calls. However, with the VoIP success, threats and challenges also stay behind. In this dissertation, by penetration testing one will know that how to find network vulnerabilities how to attack them to exploit the network for unhealthy activities and also will know about some security techniques to secure a network. And the results will be achieved by penetration testing will indicate of proven of artefact and would be helpful to enhance the level of network security to build a more secure network in future