Learn More
This paper proposes a ITU-T X.805 based Vulnerability Analysis Method for developing Security Framework of NGN infrastructure and services. It is derived from ITU-T X.805 and security consulting methods. It provides a holistic approach and a systematic vulnerability analysis view of security model for new network infrastructure and services. As a further(More)
Several VoIP security protocols have been standardized for preventing many VoIP threats. But since several VoIP carriers have different VoIP protocols, end-to-end VoIP secure communication can not be possible. Also when initiator using secure VoIP phone wants a secure communication with responder using non-VoIP phone such as PSTN phone, or cellular phone,(More)
With the population of an internet telephony, the security issues of a SIP application service is focused on, currently. For example, VoIP is easier to access than existing PSTN, and more exposed at many security threats. However, there is not enough monitoring and attack detecting devices, yet. In this paper, we propose analysis factors, a detection(More)
User authentication is still heavily reliant on the use of passwords, and the security problems associated with passwords are becoming more and more serious. The main causes of these problems are the prevalence of password sniffing and the difficulty of password management due to the increased number of accessible systems. In this paper, we propose a(More)
VoIP spam will become severe problem preventing from generalization of VoIP service. For the purpose of presenting multi-leveled anti-spit framework, we divided VoIP service domain into three independent domains as an outbound, an intermediary, and an inbound domain. The proposed framework enables administrator to establish anti-spit policies in each(More)
In current advanced internet and electronic commerce environments, the use of accredited certificates first used in PCs has now been expanded to mobile phones and other mobile devices. Due to the lack of computing power and memory in earlier mobile devices, the use of certificates was limited, but recently this limit has been overcome to the point where we(More)
This paper proposes lawful interception scheme for secure VoIP (Voice over IP) communications using TTP (Trusted Third Party). The proposed scheme is that TTP creates a master key and send it to VoIP terminals, and VoIP terminals create session keys for media traffic encryption using master key. TTP sends session key to law enforcement agency for decrypting(More)
In Korea, hacking, computer viruses, such as infringement on electronic systems for protecting Critical Information Infrastructure from the law was enacted. Every year, Specified facilities that Critical Information Infrastructure are analysed system risks and will be submitted to Central Government. This research intends to provide IT service attributes to(More)
This information security pre-evaluation methodology for u-IT service analyzes the information security threats and vulnerabilities from the step of u-IT service provider developing the service and provides the methods and procedure of preparing the countermeasures to support the identification of potential risks and planning to cope with it
  • 1