Performance, Computing, and Communications Conference, 2002. 21st IEEE International (2006)
Phoenix, AZ, USA
Apr. 10, 2006 to Apr. 12, 2006
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/.2006.1629443
Z. Anwar , Dept. of Comput. Sci., Univ. of Illinois at Urbana-Champaign, USA
Design patterns capture software solutions to specific problems that have evolved over time and reflect many iterations of work. Documenting such patterns promotes proven design and software reuse. There has been a growing amount of work documenting design patterns for security, however, little work specific to VoIP security. In 2005 NIST released a report on recommendations and best practices for securing VoIP, however it lacks the structure, terminology, and ease-of-understanding needed for both technical and non-technical audiences that is an inherent feature of design patterns. In this paper, we document three design patterns for VoIP implementations related to specific security problems: (1) secure traversal of firewalls and NATs; (2) detecting and mitigating DDoS attacks; and (3) securing against eavesdropping. With many VoIP vendors rushing products to market with overlapping functionality and requirements for interoperability, documenting design patterns is poised to become an important part of secure programming processes for VoIP.
secure programming process, VoIP security, voice over Internet protocol, documenting design pattern, firewall, NAT, network address translator, DDoS attack, interoperability
M. Hafiz, W. Yurcik, R. Johnson, R. Campbell and Z. Anwar, "Multiple design patterns for voice over IP (VoIP) security," Performance, Computing, and Communications Conference, 2002. 21st IEEE International(PCC), Phoenix, AZ, USA, 2006, pp. 65.