Vulnerabilities and Security Limitations of current IP Telephony Systems
Key: ASRS01-1
Author: Ralf Ackermann, Markus Schumacher, Utz Roedig, Ralf Steinmetz
Date: May 2001
Kind: In proceedings
Book title: Proceedings of the Conference on Communications and Multimedia Security (CMS 2001), Darmstadt
Abstract: Within the traditional telephone system a certain level of quality and security has been established over the years. If we try to use IP Telephony systems as a core part of our future communication infrastructure (e.g. as classical PBX enhancement or replacement) continuous high availability, stable and error-free operation and the protection of the privacy of the spoken word are challenges, that definitely have to be met. <BR> Since manufacturers start deploying new end systems and infrastructure components rather fast now - a critical inspection of their security features and vulnerabilities is mandatory. The critical presentation of the theoretical background of certain vulnerabilities, testing and attacking tools and the evaluation results reveals, that well-known security flaws become part of implementations in the new application area again and the security level of a number of examined solutions is rather insufficient.
View Full paper (PDF) | Download Full paper (PDF)

The documents distributed by this server have been provided by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, not withstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.