VoIP has long been touted as the “it” communications solutions for businesses of all sizes. While it has a long list of items checked in the “pro” column, researchers at the University of Alabama (UAB) have found a few kinks in the wire, quite literally.
Backed by the financial support of Cisco (News - Alert), researchers have been testing for weaknesses in current video and VoIP services. Late last year, the team announced the findings of their research at the ACM Conference on Computer and Communications Security in Scottsdale, Arizona.
“Given the surge in popularity of computing devices, ensuring the security of VoIP connections is very important for personal users, and especially for business users,” said Nitesh Saxena, associate professor of computer information services at UAB, in a press statement.
The research focused primarily on the use of peer-to-peer Crypto Phones and shared cryptographic keys designed to remove any possible dangers that can put devices and data at risk. Crypto phones are mobile phones that provide safety against snooping and electronic surveillance.
“Securing VoIP sessions requires each user to agree upon a shared cryptographic key. Rather than relying on a third-party entity to provide such a key, the new project will design and test a peer-to-peer mechanism. Users will verbally exchange the information resulting from a cryptographic protocol employing Short Authenticated Strings (SAS (News - Alert)) to confirm each other’s identity,” according to the research press statement.
“We believe our findings from this project will make strong impacts — not only on networking security, but also on human-computer interaction and real-world usability,” said Maliheh Shirvanian, the doctoral student who led the project.
Other issues also included with VoIP security are VoIP fraud. Business VoIP fraud is a very real potential problem for any company and can be destructive. While protection from business VoIP fraud has improved significantly through the years, hackers are still at large and they are constantly coming up with new schemes and angles to break-in and wreak havoc. That is why it is up to businesses and enterprises to protect their VoIP borders in addition to their data networks.
VoIP is a complex technology and this complexity can lead to all types of vulnerabilities, however taking the proper precautions and using a few simple solutions will ensure that business VoIP security is nothing but a concern.
Edited by Stefania Viscusi