Private Branch Exchanges (PBXs) are privately owned equipment that serve the communication needs of a private or public entity making connections among internal telephones and linking them to other users in the Public Switched Telephone Network (PSTN) or other communication networks. Even if the core public network is operating normally, unintentional or targeted damages and attacks in PBXs can cause significant instability and problems. Furthermore, interception of calls is a very sensitive issue that affects all of us. In that sense, it is not an exaggeration to state that PBXs are part of a nation’s critical infrastructure. Much has been said and done regarding data communication security but PBXs have been left unprotected, forgotten and waiting to be attacked. This contribution outlines a targeted, centralized project in order to both educate the users and secure their telephony systems. It compromises of educational, policy, auditing, technical, documentation, hardware and software solutions and actions that could be implemented under a joint project.
BT - Information & Security: An International Journal DA - 2012 DO - http://dx.doi.org/10.11610/isij.2807 IS - 1 LA - eng M1 - 7 N2 -Private Branch Exchanges (PBXs) are privately owned equipment that serve the communication needs of a private or public entity making connections among internal telephones and linking them to other users in the Public Switched Telephone Network (PSTN) or other communication networks. Even if the core public network is operating normally, unintentional or targeted damages and attacks in PBXs can cause significant instability and problems. Furthermore, interception of calls is a very sensitive issue that affects all of us. In that sense, it is not an exaggeration to state that PBXs are part of a nation’s critical infrastructure. Much has been said and done regarding data communication security but PBXs have been left unprotected, forgotten and waiting to be attacked. This contribution outlines a targeted, centralized project in order to both educate the users and secure their telephony systems. It compromises of educational, policy, auditing, technical, documentation, hardware and software solutions and actions that could be implemented under a joint project.
PY - 2012 SP - 89 EP - 97 T2 - Information & Security: An International Journal TI - PRETTY (Private Telephony Security) - Securing the Private Telephony Infrastructure VL - 28 ER -