Archived U.S. Government Approved Protection Profile - Protection Profile for VOIP Applications Version 1.2
Short Name: pp_voip_v1.2
Technology Type: VoIP
CC Version: 3.1
Preceded By: pp_mobility_voip_v0.6
Succeeded By: pp_voip_v1.3
Sunset Date: 2014.11.06
Conformance Claim: NoneProtection Profile
This document specifies Security Functional Requirements (SFRs) for a VoIP Application. VoIP provides a protected transmission of private voice data between two endpoints. The VoIP application in the context of this PP is part of a workspace installed for use by the phone user. The VoIP infrastructure can vary greatly, both in size and complexity. Many kinds of functionality are possible, often desirable, and sometimes necessary – including Session Border Controllers (SBC), gateways, trunking, and Network Address Translation (NAT) and firewall traversal. The VoIP Application in the context of this PP is considered to be a VoIP client that interacts with a SIP Server which provides registrar and proxy capabilities required for call-session management via SIP requests and responses to establish, process, and terminate VoIP calls.
The TOE defined by this PP is the VoIP Client Application, a component executing on a remote access client, together with an API that enables the VoIP client application to interact with other applications and the client device platform (part of the Operational Environment of the TOE).
SECURITY EVALUATION SUMMARY