Telecommunication Requirements draft-zhuang-sacm-telereq-00 Xiaojun Zhuang, Minpeng Qi (presenter) Judy Zhu.

Slides:

Advertisements

Similar presentations

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Troubleshooting Accessing the WAN – Chapter 8.

Advertisements

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Network Troubleshooting Accessing the WAN – Chapter 8.

SACM Terminology Nancy Cam-Winget, David Waltermire, March.

We make it easier for businesses of all sizes to safely accept checks transmodus offers clients automation utilizing our online processing platform for.

ACCIDENT INVESTIGATION

IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,

SIP-IMS CONFORMANCE TESTING STANDARDIZATION WORK PLAN VICE-CHAIRMAN OF ITU-T SG11 MARTIN BRAND.

Supporting people in Dorset to lead healthier lives Delivering High Quality Seamless Care Medicine Management Anne Edwards November 2014.

Management of Health & Safety Joe McNicholas July 2000.

Computer Integrated assessment. Computer integrated assessment Measurement, testing, assessment and evaluation What is the difference?

Accident Investigation.

Network security policy: best practices

Chapter 8.  Network Management  Organization Management  Risk Assessment & Management  Service Management  Performance Management  Problem Management.

CALEA Discussion Network Policy Council February 4, 2007.

Denver Public Schools 2012 Bond and Mill Levy Planning Technology Investment Scenarios April 25, 2012.

INFORMATION SECURITY GOVERNANCE (ISG) Relates to the security of information systems Is an element of corporate governance.

SACM Information Model. Current Status First WG draft posted 10/24 Many open issues remain Several comments / suggestions sent to WG for review Today.

ISM Workshop 1 Independent Oversight Perspectives Michael A. Kilpatrick Deputy Director Office of Security and Safety Performance Assurance.

Thursday, January 23, :00 am – 11:30 am. Agenda  Cyber Security Center of Excellence  Project Phase  Implementation  Next Steps 2.

Draft-qi-i2nsf-access-network- usecase-00 Author: Minpeng Qi, Xiaojun Zhuang.

Secure Systems Research Group - FAU Using patterns to compare web services standards E. Fernandez and N. Delessy.

Terminology and Use Cases Status Report David Harrington IETF 88 – Nov Security Automation and Continuous Monitoring WG.

Coordination Trafficking in persons.  ROLES AND RESPONSIBILITIES  Coordinator  The Ministry of Foreign Affairs and the Ministry of Social Solidarity.

Network Troubleshooting

Usage Scenarios for CSE Group Name: WG2(ARC-WG) Source: Shingo Meeting Date: Agenda Item: Message.

SACM Scope Discussion IETF-92 Meeting March 23, 2015 Dave Waltermire Adam Montville.

NEA Requirements Update -06 version summary. Posture Transport Considerations Issue –Ability of existing protocols used for network access to meet requirements.

What is Information Technology?

Mutual Network Endpoint Assessment Jiwei Wei Han Yin Ke Jia IETF

Developing a programme for the implementation of the 2008 SNA and supporting statistics Seminar on Developing a programme for the implementation of the.

SDC Update June 5, SDC Update – June 2012 Investment Plans submitted to OCIO for approval – Core Network – Firewall – Storage OB2 Heat Reduction.

Energy Perspectives draft-nordman-eman-energy-perspective-01 Bruce Nordman.

Final Year Project 1 (FYP 1) CHAPTER 1 : INTRODUCTION

Security Snapshot Assessment Maximizing Return on Security Investment What assets do we have? What is running on those assets? What is our risk level?

Copyright ExplorNet™ Operational Procedures Safety and Environmental Computer Engineering Level 1 Objective

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

The ABC’s of Assessment: Cycle May 2014: New plans were due to the Center for Teaching and Learning for the cycle July 2014: Plan.

Asset Summary Reporting draft-davidson-sacm-asr-00 David Waltermire

American Public Health Association 2007 Where is the space?! Findings from the Healthy Eating, Active Communities neighborhood physical activity assessment.

SACM Vulnerability Assessment Scenario IETF 95 04/05/2016.

Framework of engagement : big data for official use Roy D. Ibay AVP Regulatory PLDT – Smart.

Data Vertical Working Group

Business Cointinmuit Framework

Information Technology (IT) Department

Pass4itsure Cisco Dumps

draft-fitzgeraldmckay-sacm-endpointcompliance-00

IS4550 Security Policies and Implementation

CMGT 245 Competitive Success/tutorialrank.com

BUS 511 Education on your terms/tutorialrank.com.

CMGT 245 Education for Service-- tutorialrank.com.

Borderless Networks Services Supported

James Nobles| Legislative Auditor

Agenda Agenda Click to edit Master title style 3.

Human (user) behavior patterns and analytics

Units with – James tedder

Instrument PDR Summary of Objectives

1 Stadium Company Network. The Stadium Company Project Is a sports facility management company that manages a stadium. Stadium Company needs to upgrade.

Network Troubleshooting

Open Letter - Summary of Responses

- '1:- bs? a ' I.

Microsoft Data Insights Summit

The OSI Security Architecture

Theme 3 Implementation process issues

Accident Investigation.

CHAPTER 5 THE DATA RESOURCE

LEARNING & DEVELOPMENT STRATEGY: PROCESS OVERVIEW

Common strategy development process I

Henk Birkholz Jarret Lu Nancy Cam-Winget

Approaches to Pollution Prevention

Enterprise Cybersecurity Initiative Department of Information Technology Vince Martinez, State CIO, Executive Sponsor Lorenzo Ornelas, Managing Director.

Presentation transcript:

Telecommunication Requirements draft-zhuang-sacm-telereq-00 Xiaojun Zhuang, Minpeng Qi (presenter) Judy Zhu

Outline Problem statement New use cases for telecommunication equipment

Problem statement Current statement ： – The use cases of SACM are only for enterprise in the endpoint, but the vast majority of them can be applied in the scene of telecommunications network. Problem statement ： – There are following problems for the safety assessment of telecommunications network equipment: Telecommunication network equipments need more complex baseline setting. Lack of process after that equipment security policy does not meet the security posture, and it needs remediation and triggering the new assessment.

Security baseline Operator requirements Device ADevice BDevice C Vendor A’s implemen tation Device A Device B Device C Vendor B’s implemen tation Device A Device B Device C Issue: For the same requirements, different vendors have different implementations, which cause different detailed security attributes. However, same requirement leads to same baseline. This scenario does not mentioned in use case draft. Common part Alt 1 Alt 2

Remediation In use case draft, it covers – Baseline settings – Assessment planning – Value collection – Evaluation However, it lacks – Remediation If evaluation shows there are mistakes on specific attributes, the details of when and how to recover to normal state. Baseline settings Assessment planning Value collection Evaluation remediation

New use cases for telecommunication equipment Use case 1 ： security policy baseline setting – This use case describes the process of setting security policy baseline of the telecommunication equipment. Use case 2: Security posture remediation – This use case describes the process of remedying security posture when the posture evaluation result of has not complied with the operators security policy.

Thank you!