Applications of qualitative modeling to knowledge-based risk assessment studies
IEA/AIE '89 Proceedings of the 2nd international conference on Industrial and engineering applications of artificial intelligence and expert systems - Volume 1
Information systems security design methods: implications for information systems development
ACM Computing Surveys (CSUR)
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
Toward a secure system engineering methodolgy
Proceedings of the 1998 workshop on New security paradigms
Communications of the ACM - Internet abuse in the workplace and Game engines in scientific research
Writing Secure Code
Identifying enterprise network vulnerabilities
International Journal of Network Management
WiSE '02 Proceedings of the 1st ACM workshop on Wireless security
Quality of Service for VOIP: Measuring and Evaluating Packet - Switched Services
Quality of Service for VOIP: Measuring and Evaluating Packet - Switched Services
Voice over IPsec: Analysis and Solutions
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Development of security policies for private networks
International Journal of Network Management
Managing vulnerabilities of information systems to security incidents
ICEC '03 Proceedings of the 5th international conference on Electronic commerce
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
The CORAS methodology: model-based risk assessment using UML and UP
UML and the unified process
Security Meter: A Practical Decision-Tree Model to Quantify Risk
IEEE Security and Privacy
Challenges in Securing Voice over IP
IEEE Security and Privacy
IEEE Security and Privacy
Tracking anonymous peer-to-peer VoIP calls on the internet
Proceedings of the 12th ACM conference on Computer and communications security
Security, Wiretapping, and the Internet
IEEE Security and Privacy
New architecture for intra-domain network security issues
Communications of the ACM - Entertainment networking
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
Assessed quality of service and voice and data integration: A case study
Computer Communications
SP 800-58. Security Considerations for Voice Over IP Systems
SP 800-58. Security Considerations for Voice Over IP Systems
Risk assessment in practice: A real case study
Computer Communications
Detecting Ringing-Based DoS Attacks on VoIP Proxy Servers
Information Security Applications
Sparse telephone gateway for internet telephony
Computer Networks: The International Journal of Computer and Telecommunications Networking
Managing risks at runtime in VoIP networks and services
AIMS'10 Proceedings of the Mechanisms for autonomous management of networks and services, and 4th international conference on Autonomous infrastructure, management and security
Econometric feedback for runtime risk management in VoIP architectures
AIMS'11 Proceedings of the 5th international conference on Autonomous infrastructure, management, and security: managing the dynamics of networks and services
A quantitative risk analysis approach for deliberate threats
CRITIS'10 Proceedings of the 5th international conference on Critical Information Infrastructures Security
Hi-index | 0.00 |
Voice over-IP (VoIP) solutions and services for corporate telephony are usually marketed as 'cost-free' and 'secure': this paper shows that both statements are false in general. Though being no doubt about the economical benefits resulting from the adoption of VoIP products instead of the standard telephony, hidden costs related to VoIP services security arise whenever a company intends to assure the privacy of its phone conversations. This conclusion is extensively justified in the literature and this article aims at reasserting it by analysing the risk that a VoIP phone call may be intercepted when travelling across the Internet. The purpose of deriving a well-known conclusion consists in proving that a general and formal risk assessment method can be used in place of ad-hoc methods not only without losing the strength in the results but also adding up a sound mathematical and engineering foundation.