back

VoIP Security Alliance Elects Board of Directors, Announces Projects and Issues Call for Participation

VOIPSA Membership Doubles since February Launch

AUSTIN, Texas – March 28, 2005 – The Voice over IP Security Alliance (VOIPSA), www.voipsa.org, today announced the newly elected board of directors and short-term projects to develop a threat taxonomy and document security requirements for VoIP networks. VOIPSA is an open group with the purpose of improving the public awareness of issues and best practices for security and privacy of Voice over IP, and is inviting participation in the new projects.

Membership in the VOIPSA technical board of advisors has more than doubled since its initial launch February 7. Membership is open to all, and subject to the approval of the Board of Directors. New members include: Acme Packet; Agilent Technologies; Arbor Networks; Bell Canada; BorderWare Technologies; Cox Communications; Extreme Networks; Foundstone Professional Services, a division of McAfee, Inc.; InfraVAST; MCI; Miercom; Mitel; PricewaterhouseCoopers; Samsung Telecommunications America; SonicWALL; Sprint; Telcordia, VeriSign. 
A complete list of members can be accessed at http://www.voipsa.org/board.html.

VOIPSA projects are managed using a collaborative, consensus-based process where leadership arises from the skills and contributions of individual participants. The short-term projects for developing a threat taxonomy and security requirements will feed into the newly formed committees.  The official call for participation in these two near term projects is available at http://www.voipsa.org.  The new committees are:

• Security Requirements 
  This committee is tasked with defining security requirements across the wide spectrum of VoIP deployments and use cases including individual VoIP building blocks, supporting security technology components, architecture and network design, network management, and end point access and authentication to name a few. 
• Best Practices 
  This committee is tasked with developing best practice guidelines and tools in satisfying security requirements for VoIP component and network configuration, deployment, and security management processes.
• Testing  
  This committee is tasked with developing methodologies and tool frameworks around testing the security posture of VoIP components, infrastructure, and related support security technologies.
• Security Research 
  This committee will drive the current state of security research around VoIP infrastructure weaknesses, VoIP protocol implementation vulnerabilities, and emerging VoIP application attacks. 
• Education and Community Outreach 
  This committee is tasked with refining VOIPSA’s message to the industry and public at large.  It will manage the web portal, crafting content that raises public awareness of VoIP security and threats as well as positioning VOIPSA at relevant conferences and VOIPSA specific events. 

In addition to forming committees and short-term projects at the March VOIPSA meeting, members were elected to the 2005-2006 board of directors:

Chairman 
David Endler, TippingPoint

Treasurer 
Anne L. Coulombe, Enterasys Networks

Secretary and Education/Outreach Chair 
Jonathan Zar, SonicWALL

Best Practices Committee Chair 
Jeffrey Stutzman, PricewaterhouseCoopers

Security Requirements Committee Chair 
Andrew Graydon, BorderWare Technologies

Security Research Committee Chair 
Ofir Arkin, Insightix

Testing Committee Chair 
Brian Tolly, Spirent Communications

There are now over 2,500 individuals signed up for the public VOIPSEC mailing list actively discussing VoIP security issues. To sign up, visit http://www.voipsa.org/lists.html.  TippingPoint, a division of 3com, was the driving force in administering the formation of VOIPSA and recruiting charter members; however VOIPSA is a vendor and product-neutral organization that is open to all.

About VOIPSA 
The VoIP Security Alliance (VOIPSA) is the first and only group solely and holistically dedicated to VoIP security research and education backed by a wide spectrum of organizations represented by universities, security researchers, VoIP vendors, thought leaders and VoIP providers. The mission of VOIPSA is to improve the public awareness of issues and best practices for security and privacy of Voice over IP. VOIPSA is an open group that aims to help organizations discover, understand and avoid VoIP security risks through discussion lists, white papers, sponsorship of VoIP security research projects, and the development of tools and methodologies for public use. For more information, please visit www.voipsa.org.

CONTACT: 
Laura Craddick 
512.681.8441 
lcraddick@tippingpoint.com 

###