Project factsheet

EUX2010SEC ― Enterprise Unified Exchange Security

Period

January 2007 - December 2010

Web site

EUX2010SEC.nr.no

NR contact

Arne-Kristian Groven (project manager)

Funding

Norges forskningsrådet (project 180054)

Norwegian partners

International partners

UNU-MERIT - United Nations University

Project description

The overall goal of this research project is to improve both the security level and the security awareness when developing, installing, and using (open source) VoIP/PBX/multimedia solutions. The project is anchored in the newly formed EUX 2010 network where researchers (from the Nordic countries) regularly meet representatives from Nordic (probably extended to other European countries in near future) open source PBX/VoIP developers, integrators and deployers, consultants, support organizations, and (future) customers. The aim of EUX 2010 is to develop, in the coming years, an open integrated communication platform for voice and video communication giving government organisations and larger corporations a better communication infrastructure and a more efficient use of time and effort.

NR's contribution

We improve the security of VoIP systems by building a security testbed, preparing security models for various scenarios, and by performing security protocol verification.

Benefit for customers

Increased security, quality and stability in VoIP infrastructures.

Benefit for society

A more secure, stable VoIP infrastructure with highly knowledable vendors and service providers.

Project results (preliminary)

Publications:

Fritsch, Lothar; Groven, Arne-Kristian; Strand, Lars: A holistic approach to Open-Source VoIP security: Preliminary results from the EUX2010SEC project (Best Paper Award). The Eighth International Conference on Networks (ICN 2009), Proceedings of the The Eighth International Conference on Networks (ICN) 2009, Bestak, Robert; George, Laurent; Zaborovsky, Vladimir S., Dini, Cosmin, IEEE Computer Society, ISBN 978-0-7695-3552-4/09, pp. 275-280, March 05, 2009. [Article]
Hagalisletto, Anders Moen; Strand, Lars; Leister, Wolfgang; Groven, Arne-Kristian: Analyzing Protocol Implementations. ISPEC 2009, Information Security Practice and Experience, Bao, F.; Li H., Wang, G, Springer Heidelberg, Berlin, ISBN 978-3-642-00842-9, Vol. LNCS 5451, pp. 171-182, April 02, 2009.
Hagalisletto, Anders Moen; Lars Strand: Formal modeling of authentication in SIP registration. The Second International Conference on Emerging Security Information, Systems and Technologies, SECU, IEEE Computer Society, ISBN ISBN 978-0-7695-3329-2, pp. pp. 16-21, August 25, 2008.

Please refer to our results list at the project site.