REVIEW: "Securing VoIP Networks", Peter Thermos/Ari Takanen
- BKSVOIPN.RVW 20070913
"Securing VoIP Networks", Peter Thermos/Ari Takanen, 2008,
%A Peter Thermos
%A Ari Takanen
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%G 978-0-321-43734-1 0-321-43734-9
%I Addison-Wesley Publishing Co.
%O U$44.99/C$51.99 fax: 416-443-0948 800-822-6339 bkexpress@...
%O Audience s- Tech 2 Writing 1 (see revfaq.htm for explanation)
%P 359 p.
%T "Securing VoIP Networks"
The foreword and preface both stress that the principles used to
secure VoIP (Voice over Internet Protocol) systems are suitable for
any multimedia application over the Internet. While this may be true
in terms of the technology, the perspective indicates that the authors
fail to recognize how many naive users are experimenting with the
technology, and managing their own systems. The large number of
novices in this technology space is a major threat in itself. It is a
truism that there are social controls for technical problems, but no
technical controls for social problems. That Thermos and Takanen
disregard this situation is disturbing.
Chapter one is a generic overview of telephony and VoIP related
topics. The discussion of security is also vague. There is, for
example, mention of the difficulty of node identification, but no
follow up deliberation on resultant problems such as fraud. VoIP
architectures and protocols are listed in chapter two. A structure,
and the relationship of the protocols to each other, would have been
an improvement. Threats are examined in chapter three: some
nebulously and others in excruciating detail. Chapter four outlines
two lists of vulnerabilities, and then presents a taxonomy of VoIP
hazards based upon those previously presented. There doesn't seem to
be much practical application to the material, although it may be of
interest to researchers. Signalling protection mechanisms, listed in
chapter five, are primarily based on existing Internet encryption and
authentication protocols, except for the specialized subset of the
H.323 suite. The Secure Real Time Protocol (SRTP) is outlined in
chapter six. Chapter seven deals with key management, which is an
important issue in regard to almost all the security conventions
associated with VoIP. General network security concerns are discussed
with some emphasis on VoIP in chapters eight and nine. Chapter ten
examines overall Internet Service Provider (ISP) architectures in
terms of VoIP issues. Chapter eleven revisits some topics from the
previous three chapters.
The text is turgid and verbose, and the use of idioms is often quite
clumsy and annoying. While "Practical VoIP Security" (cf.
BKPVOIPS.RVW) is older, and the current work lists some of the more
recent protocols, it is difficult to say that Thermos and Takanen have
provided a more useful text.
copyright Robert M. Slade, 2007 BKSVOIPN.RVW 20070913
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
Puritanism: The haunting fear that someone, somewhere may be
happy. - H. L. Mencken