AUSTIN, Texas - The Voice over IP Security Alliance (VOIPSA), has announced its newly elected board of directors as well as its short-term projects to develop a threat taxonomy and document security requirements for VoIP networks. VOIPSA is an open group with the purpose of improving the public awareness of issues and best practices for security and privacy of Voice over IP, and is inviting participation in the new projects.

Membership in the VOIPSA technical board of advisors has more than doubled since its initial launch February 7 to over 50 member organizations. Membership is open to all, and subject to the approval of the Board of Directors. New members include: Acme Packet; Agilent Technologies; Arbor Networks; Bell Canada; BorderWare Technologies; Cox Communications; Extreme Networks; Foundstone Professional Services, a division of McAfee, Inc.; InfraVAST; MCI; Miercom; Mitel; PricewaterhouseCoopers; Samsung Telecommunications America; SonicWALL; Sprint; Telcordia and VeriSign. A complete list of members can be accessed at http://www.voipsa.org/board.html.

VOIPSA projects are managed using a collaborative, consensus-based process where leadership arises from the skills and contributions of individual participants. The short-term projects for developing a threat taxonomy and defining security requirements will feed into the newly formed committees. The official call for participation in these two near term projects is available at http://www.voipsa.org/projects.html. The new committees are:

Security Requirements - This committee is tasked with defining security requirements across the wide spectrum of VoIP deployments and use cases including individual VoIP building blocks, supporting security technology components, architecture and network design, network management, and end point access and authentication to name a few.

Best Practices - This committee is tasked with developing best practice guidelines and tools in satisfying security requirements for VoIP component and network configuration, deployment, and security management processes.

Testing - This committee is tasked with developing methodologies and tool frameworks around testing the security posture of VoIP components, infrastructure, and related support security technologies.

Security Research - This committee will drive the current state of security research around VoIP infrastructure weaknesses, VoIP protocol implementation vulnerabilities, and emerging VoIP application attacks.