Before this chapter goes into the details of various techniques available to secure a VoIP network, you need to understand the problem and the set of requirements that must be met. This section outlines some of the typical security requirements. This is not an exhaustive listing. Specific VoIP services might have additional requirements:
IntegrityThe recipient should receive the packets that the originator sends without any change to their content. A third party should be unable to modify the packets in transit.
This definition is strictly applied in the case of VoIP signaling. However, in the case of media, packet loss is usually tolerable.
PrivacyA third party should not be able to read the data that is intended for the recipient.
AuthenticityThe sender and recipient of VoIP signaling or media messages need to be sure that the peer they are communicating with is in fact who it claims to be.
Availability/protection from Denial-of-Service (DoS) attacksThe VoIP service should be available to the users at all times. Malicious or misbehaving users/devices should not be able to disrupt the service. Mitigation of DoS attacks requires taking measures to protect VoIP resources and to protect the underlying IP network.