Security risks mitigation in session initiation protocol based VoIP networks implementation using MPLS
Kamuti, Farida Gakii
MetadataShow full item record
VoIP is described as, “transfer of voice (and associated services) in digital form in discrete data packets using Internet Protocol (IP) over some or the entire communication route”. SIP on the other hand is a signaling protocol used to initiate interactive communication between end users. SIP-based VoIP therefore is the use of SIP as the signaling protocol during VoIP implementation. SIP has become the predominant protocol used in the implementation of VoIP services in organization; however the protocol has no inbuilt security measures in place. It is therefore very important to come up with a proper security solution that can ensure that SIP-based VoIP networks are fully secured from exiting security risks so as organizations information security (confidentiality, integrity and availability) is achieved at all times. The purpose of this research was to analyze security risks that face organizations using SIP-based VoIP, analyze existing security models used and evaluate how MPLS can be effectively used in securing Sip-based VoIP networks. Through analyzing existing architectures used in securing SIP-based VoIP networks and collection of data, a security model was proposed with the aim of ensuring an all rounded security approach is taken during implementation of a secure SIP-based VoIP network. The research used an applied research method as it aimed at mitigating security risks faced on the SIP-based VoIP network. To come up with an all rounded solution, online questionnaires were used with structured questions which aimed at getting a deeper insight on the current state of SIP-based VoIP networks and the organizations’ security. This greatly influenced in the development of the proposed SIP-based VoIP security model. Research results showed that organizations have greatly neglected the security aspect when it comes to implementation of a SIP-based VoIP network. It also showed that through use of the proposed security model, organizations can better plan and secure their voice network not only on the technology aspect but also on the user aspect. Through the proposed security model, this research sets a platform on which future research can fully incorporate quality of service in proposed security model. In addition further research is highly recommended as security is an ongoing process as new security risks continually emerge.