Category: Data Privacy and SIP security in Voice over IP

General Data Protection Regulation (GDPR) in VoIP

VoIP service providers as Data Processors Most VoIP service providers are multinational in nature with services offered directly or indirectly to all regions. The GDPR imposes direct statutory obligations on data processors, which means they will be subject to direct enforcement by supervisory authorities, fines, and compensation claims by data subjects.

Problems and Attacks on SIP Networks

Major standards bodies including 3GPP, ITU-T, and ETSI have all adopted SIP as the core signalling protocol for LTE, VoIP, conferencing, Video on Demand (VoD), IPTV (Internet Television), presence, and Instant Messaging (IM) among others. With the continuous evolution of SIP as the defacto VoIP protocol, we need to understand the risk mitigation practices around … Continue reading Problems and Attacks on SIP Networks

Certificates, compliances and Security in VoIP

This article describes various Certificates and compliances, Bill and Acts on data privacy, Security and prevention of Robocalls as adopted by countries around the world pertaining to Interconnected VoIP providers, telecommunications services, wireless telephone companies , HIPPa , SOX , GDPR , COPPA , CPNI , CCPA , PDP,SPIT ,Traced ACT , CRTC , Fcc E911

CLI/NCLI, Robocalls and STIR/SHAKEN

CLI (Caller Line Identification)Non-CLI (Non-Caller Line Identification)Secure Telephony Identity Revisited (STIR) Attestation levelsSignature-based Handling of Asserted information using toKENs (SHAKEN) To understand the need for implementing an identification verification technique in Internet protocol based network to network communication system, we need to evaluate the existing problem plaguing the VoIP setup that is unwanted robo calls … Continue reading CLI/NCLI, Robocalls and STIR/SHAKEN

Secure Communication with SRTP and key managemnt protocols like SDES, ZRTP and DTLS

With advent of Voice over IP, the real time streaming of data/audio/video also became critically important to be protected from eavesdropping or modification over the open internet. While Secure Real-time Transport Protocol (SRTP) is a profile of the Real-time Transport Protocol (RTP), which can provide confidentiality, message authentication, and replay protection to the RTP traffic and to the control traffic for RTP, the Real-time Transport Control Protocol (RTCP).