VoIP Security Alliance Announces Projects, New Board

March 28, 2005
Membership doubles since launch in February, group calls for more participation

AUSTIN, Texas - The Voice over IP Security Alliance (VOIPSA), has announced its newly elected board of directors as well as its short-term projects to develop a threat taxonomy and document security requirements for VoIP networks. VOIPSA is an open group with the purpose of improving the public awareness of issues and best practices for security and privacy of Voice over IP, and is inviting participation in the new projects.

Membership in the VOIPSA technical board of advisors has more than doubled since its initial launch February 7 to over 50 member organizations. Membership is open to all, and subject to the approval of the Board of Directors. New members include: Acme Packet; Agilent Technologies; Arbor Networks; Bell Canada; BorderWare Technologies; Cox Communications; Extreme Networks; Foundstone Professional Services, a division of McAfee, Inc.; InfraVAST; MCI; Miercom; Mitel; PricewaterhouseCoopers; Samsung Telecommunications America; SonicWALL; Sprint; Telcordia and VeriSign. A complete list of members can be accessed at http://www.voipsa.org/board.html.

VOIPSA projects are managed using a collaborative, consensus-based process where leadership arises from the skills and contributions of individual participants. The short-term projects for developing a threat taxonomy and defining security requirements will feed into the newly formed committees. The official call for participation in these two near term projects is available at http://www.voipsa.org/projects.html. The new committees are:

Security Requirements - This committee is tasked with defining security requirements across the wide spectrum of VoIP deployments and use cases including individual VoIP building blocks, supporting security technology components, architecture and network design, network management, and end point access and authentication to name a few.

Best Practices - This committee is tasked with developing best practice guidelines and tools in satisfying security requirements for VoIP component and network configuration, deployment, and security management processes.

Testing - This committee is tasked with developing methodologies and tool frameworks around testing the security posture of VoIP components, infrastructure, and related support security technologies.

Security Research - This committee will drive the current state of security research around VoIP infrastructure weaknesses, VoIP protocol implementation vulnerabilities, and emerging VoIP application attacks.

Education and Community Outreach - This committee is tasked with refining VOIPSA's message to the industry and public at large. It will manage the web portal, crafting content that raises public awareness of VoIP security and threats as well as positioning VOIPSA at relevant conferences and VOIPSA specific events.

In addition to forming committees and short-term projects at the March VOIPSA meeting, members were elected to the 2005-2006 board of directors:

  • Chairman, David Endler, TippingPoint
  • Treasurer, Anne L. Coulombe, Enterasys Networks
  • Secretary and Education/Outreach Chair, Jonathan Zar, SonicWALL
  • Best Practices Committee Chair, Jeffrey Stutzman, PricewaterhouseCoopers
  • Security Requirements Committee Chair, Andrew Graydon, BorderWare Technologies
  • Security Research Committee Chair, Ofir Arkin, Insightix
  • Testing Committee Chair, Brian Tolly, Spirent Communications

VOIPSA is a vendor and product-neutral organization that is open to all.