كليدواژه :
وُيپ , امنيت , چالش , راهكار مقابله
چكيده فارسي :
معماري شبكه آيپي از نقطه نظر امنيتي شكننده است و وُيپ نيز كه از استانداردهاي اين شبكه استفاده ميكند با حملات متعدد مورد آسيب قرار ميگيرد، حملاتي كه كاهش كيفيت و در مواردي قطع خدمات و اتلاف منابع وُيپ را به دنبال دارد. در اين راستا تأمين امنيت وُيپ امري ضروري است و به طور معمول اعمال راهكارهاي امنيتي در سامانهها از جمله وُيپ موجب كندي و كاهش كيفيت عملكرد و افزايش هزينههاي راهاندازي و نگهداشت ميشود؛ بنابراين مديران فناوري اطلاعات ميبايست راهكارهاي امنيتي با درجهي اولويت بالا را مدنظر قرار دهند. براي اين كار با مرور ادبيات تحقيق، ماتريس جامع امنيت وُيپ مشتمل بر فهرست جامعي از چالشهاي امنيتي وُيپ و راهكارهاي مقابله استخراج گرديد كه كمك بسزايي در هوشمندي و مديريت ريسك سازمانها مينمايد. نتايج به دست آمده در اين مقاله نشان داد كه انجام سه راهكار «جداسازي VLANهاي ترافيك صوت و داده»، «احراز هويت سيگنالينگ» و «احراز هويت درگاه» بيشترين تأثير مثبت را بر امنيت وُيپ دانشگاه علوم انتظامي خواهد داشت. نتايج حاصل با توصيهها و راهكارهاي مقابله امنيتي ذكرشده توسط تحقيقات قبلي و مؤسسات معتبر امنيتي كاملاً مطابق و همراستا است و فقط اولويتهاي پيشنهادي جابجا شده است. لذا در برنامههاي راهبردي فناوري اطلاعات سازمان و تصميمگيري و نظارت مديران فناوري اطلاعات سه راهكار مذكور ميبايست در اولويت به كارگيري وُيپ لحاظ گردد.
چكيده لاتين :
P network architecture is fragile from security point of view, and Voice over IP (VoIP), which uses the standards of this network, is vulnerable to multiple attacks that reduce the quality and, in some cases, disconnect services and waste VoIP resources. In this regard, VoIP security is essential, and typically the implementation of security solutions in systems such as VoIP will slow down and reduce the quality of performance and increase the costs of upgrade and maintenances. Therefore, IT managers should consider high-security security solutions. To do this, by reviewing the research literature, VoIP comprehensive security matrix has been extracted from a comprehensive list of VoIP security challenges and coping strategies that make a significant contribution to the intelligence and risk management of organizations. The results obtained showed that the implementation of 3 strategies including "Separation of Voice and Data Traffic VLANs", "Signaling Authentication" and "Port Authentication" would have the most positive impact on Amin Police University VoIP security. The results are consistent with the recommendations and security countermeasures mentioned by previous research and security institutions, and only the proposed priorities are different. Therefore, in strategic IT planning, decision making, and supervision of IT managers, the three mentioned strategies should be considered as a priority for VoIP applicationIP network architecture is fragile from security point of view, and Voice over IP (VoIP), which uses the standards of this network, is vulnerable to multiple attacks that reduce the quality and, in some cases, disconnect services and waste VoIP resources. In this regard, VoIP security is essential, and typically the implementation of security solutions in systems such as VoIP will slow down and reduce the quality of performance and increase the costs of upgrade and maintenances. Therefore, IT managers should consider high-security security solutions. To do this, by reviewing the research literature, VoIP comprehensive security matrix has been extracted from a comprehensive list of VoIP security challenges and coping strategies that make a significant contribution to the intelligence and risk management of organizations. The results obtained showed that the implementation of 3 strategies including "Separation of Voice and Data Traffic VLANs", "Signaling Authentication" and "Port Authentication" would have the most positive impact on Amin Police University VoIP security. The results are consistent with the recommendations and security countermeasures mentioned by previous research and security institutions, and only the proposed priorities are different. Therefore, in strategic IT planning, decision making, and supervision of IT managers, the three mentioned strategies should be considered as a priority for VoIP application.
