Title :
Socio-technical Security Assessment of a VoIP System
Author :
Pietikäinen, Pekka ; Karjalainen, Kati ; Röning, Juha ; Eronen, Juhani
Author_Institution :
Oulu Univ. Secure Programming Group (OUSPG), Univ. of Oulu, Oulu, Finland
Abstract :
In this paper, we introduce a method and a tool for systematically assessing the security of complex systems. We gather data from interviews, network documentation as well as active and passive network measurements and combine them in a semantic model with our tool, Graphingwiki. We tested our methodology on an active large-scale VoIP system. The multifaceted data gathering and analysis method was fast and extensive and proved to be effective in finding the weaknesses of the system. The method provided a repeatable method of measuring and ensuring the security of the system. The largest benefit of the method is in quick and efficient data collection from several, differing, data sources and the resulting analyses of the combined data.
Keywords :
Internet telephony; computer network security; data analysis; Graphingwiki tool; VoIP system; data analysis; data gathering; socio-technical security assessment; voice-over-Internet protocol; Data visualization; Documentation; Interviews; Logic gates; Organizations; Security; Semantics; Voice over IP; security assessment; semantic wiki;
Conference_Titel :
Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on
Conference_Location :
Venice
Print_ISBN :
978-1-4244-7517-9
Electronic_ISBN :
978-0-7695-4095-5
DOI :
10.1109/SECURWARE.2010.31
