ETVRA, a Threat, Vulnerability and Risk Assessment Tool for eEurope

Abstract

AbstractSecuring the evolving telecommunications environment and establishing trust in its services and infrastructure is crucial for enabling the development of modern public services. The security of the underlying network and services environment for eBusiness is addressed as a crucial area in the eEurope action plan [2]. In response to this Specialist Task Force (STF) 292 associated with the European Telecommunication Standardisation Institute (ETSI) TISPAN [3] under contract from eEurope, has developed a threat, vulnerability and risk assessment (eTVRA) method and tool for use in standardisation. Using the eTVRA method and tool, the threats to a next generation network (NGN) can be analyzed and a set of recommended countermeasures identified that when implemented will reduce the overall risk to users of NGNs. In this paper we present the eTVRA method and tool along with the results of using the eTVRA for an analysis of a Voice over IP (VoIP) scenario of the NGN.KeywordsSession Initiation ProtocolInternational Standard OrganizationRisk Assessment ToolService AvailabilityCommunication DenialThese keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.