ITU-T SG17 Q.2 Security Architecture and Framework
An overview for newcomers
Patrick Mwesigwa, Q.2/17 Rapporteur
15 March 2016


Contents  Question text for Q.2/17 Motivation, Question, Tasks and Relationships  Recommendations and Supplements related to Q.2/17  Draft Recommendations on developing under Q.2/17  Future Plan for Next Study Period ( ) 2

Question text for 2/17 – Motivation
• Security architecture Recommendations
  – Recommendations ITU-T X.800, X.802 and X.803 describe security within the context of open systems interconnection (OSI).
  – The security architecture for systems providing end-to-end communications is provided in Recommendation ITU-T X.805.
  – A comprehensive set of detailed security frameworks covering aspects of security such as authentication, access control, non-repudiation, confidentiality, integrity, and security audit and alarms has been established (X.810, X.811, X.812, X.813, X.814, X.815 and X.816).
  – Generic Upper Layers Security (GULS), Recommendations ITU-T X.830, X.831, X.832, X.833, X.834 and X.835 have been developed.
  – In cooperation with ISO/IEC JTC 1/SC 27, Recommendations ITU-T X.841, X.842 and X.843 on security information objects and trusted third party services have been established.
• A continued effort to maintain and enhance these security Recommendations to satisfy the needs of emerging technologies (e.g., the next generation networks (NGN) and Internet protocol based networks) and services is required. This effort is reflected by X.1035 and X.1036 that show details of password-authenticated key exchange protocols and policy distribution and enforcement.

Question text for 2/17 – Motivation (cont'd)
• Due to convergence and mobility, telecommunications carrier networks and the associated information systems are exposed to new classes of security threats. The attackers have a deeper reach into networks and require lower skill levels, with a higher damage propensity. Viruses, hacking and denial of service attacks have become pervasive and they adversely impact network elements and support systems alike.
• The telecommunications and information technology industries are seeking cost-effective comprehensive security solutions that are technology agnostic and protect a wide spectrum of services and applications. To achieve such solutions in a multi-vendor environment, network security should be designed around the standard security architectures and standard security technologies. Taking into account the security threats to the telecommunication environment and the current advancement of security countermeasures against the threats, new security requirements and solutions should be investigated. New Recommendations that show how to combine the technology standards and security frameworks are needed to implement comprehensive security for the emerging networks and services.

Question text for 2/17 – Question
• Study items to be considered include, but are not limited to:
  – How should a comprehensive, coherent telecommunications security solution be defined?
  – What is the architecture for a comprehensive, coherent telecommunications security solution?
  – What is the framework for applying the security architecture in order to establish a new security solution?
  – What is the framework for applying the security architecture in order to assess (and consequently improve) an existing security solution?
  – What are the architectural underpinnings for security?
    5.1 What is the architecture for end-to-end security?
    5.2 What is the open systems security architecture?
    5.3 What is the security architecture for the mobile environment?
    5.4 What is the security architecture for evolving networks?
    5.5 What is the security architecture for application services in collaboration with Q7/17?

Question text for 2/17 – Question (cont'd)
• Study items to be considered include, but are not limited to:
  – What new security architecture and framework Recommendations are required for providing security solutions in the changing environment?
  – How should architectural standards be structured with respect to existing Recommendations on security?
  – How should architectural standards be structured with respect to the existing advanced security technologies?
  – How should the security framework Recommendations be modified to adapt them to emerging technologies and what new framework Recommendations are required?
  – How are security services applied to provide security solutions?
  – How is telecommunication/ICT infrastructure monitoring applied to provide security solutions?

Question text for 2/17 – Tasks and Relationships
• Tasks include, but are not limited to:
  – Development of a comprehensive set of security architecture and framework Recommendations for providing standard security solutions for telecommunications in collaboration with other standards development organizations and ITU-T study groups.
  – Studies and development of Recommendations on a trusted telecommunication network architecture that integrates advanced security technologies.
  – Maintenance and enhancements of Recommendations and Supplements in the X.800-series and X.103x-series.
• Relationships:
  – Recommendations: X-series and others related to security
  – Questions: ITU-T Questions 1/17, 3/17, 4/17, 5/17, 6/17, 7/17, 8/17, 9/17, 10/17 and 11/17
  – Study Groups: ITU-T SGs 2, 9, 11, 13 and 16
  – Standardization bodies: ISO/IEC JTC 1/SC 27 and SC 37; IEC TC 25; ISO TC12; IETF; ATIS; ETSI; 3GPP, 3GPP2; FIINA.

Contents  Question text for Q.2/17 Motivation, Question, Tasks and Relationships  Recommendations and supplements related to Q.2/17  Draft Recommendations on developing under Q.2/17  Future Plan for Next Study Period ( ) 8

Recommendations related to Q.2/17  OSI security architecture (Rec. ITU-T X.800)Rec. ITU-T X.800  OSI security models (Recs. ITU-T X.802, X.803, X.830, X.831, X.832, X.833, X.834, X.835)X.802X.803X.830X.831X.832X.833X.834 X.835  OSI security frameworks for open systems (Recs. ITU-T X.810, X.811, X.812, X.813, X.814, X.815, X.816, X.841)X.810X.811X.812X.813X.814X.815X.816 X.841  Security architecture for systems providing end-to-end communications (Rec. ITU-T X.805)Rec. ITU-T X.805 9

Recommendation ITU-T X.805
Security architecture for systems providing end-to-end communications (10/2003)
• Defines a general network security architecture for providing end-to-end network security
• For a systematic security design of products.
[Figure: Rec. ITU-T X Security architectural elements]

Recommendations related to Q.2/17  Roles of end users and telecommunications networks within security architecture (Rec. ITU-T X.1031)Rec. ITU-T X.1031  IP-based telecommunication network security system (TNSS) (Rec. ITU-T X.1032)Rec. ITU-T X.1032  EAP + key management guideline (Rec. ITU-T X.1034)Rec. ITU-T X.1034  Password-authenticated key exchange (PAK) protocol (Rec. ITU-T X.1035)Rec. ITU-T X.1035  Framework for creation, storage, distribution and enforcement of policies for network security (Rec. ITU-T X.1036)  IPv6 security (Rec. ITU-T X.1037) 11

Supplements related to Q.2/17
• X.Suppl. 2: ITU-T X.800-X.849 series – Supplement on security baseline for network operators
• X Suppl. 3: ITU-T X.800-X.849 series – Supplement on guidelines for implementing system and network security
• X Suppl. 15: ITU-T X.800-X.849 series – Supplement on guidance for creating a national IP-based public network security centre for developing countries
• X.Suppl. 16: ITU-T X.800-X.849 series – Supplement on architectural systems for security controls for preventing fraudulent activities in public carrier networks
• X.Suppl. 23: ITU-T X Supplement on security management guidelines for the implementation of an IPv6 environment in telecommunication organizations

Some application-specific architectures
• P2P (peer-to-peer) communication
  – Rec. ITU-T X.1161: Framework for secure peer-to-peer communications
  – Rec. ITU-T X.1162: Security architecture and operations for peer-to-peer networks
• Mobile web services
  – Rec. ITU-T X.1143: Security architecture for message security in mobile web services
• Network management architecture
  – Rec. ITU-T M.3010: Principles for a telecommunications management network
• IPCablecom architecture
  – Rec. ITU-T J.160: Architectural framework for the delivery of time-critical services over cable television networks using cable modems
• IPTV service
  – Rec. ITU-T X.1191: Functional requirements and architecture for IPTV security aspects

Contents  Question text for Q.2/17 Motivation, Question, Tasks and Relationships  Recommendations and supplements related to Q.2/17  Draft Recommendations on developing under Q.2/17  Future Plan for Next Study Period ( ) 14

Draft Recommendation ITU-T X.gsiiso
Guidelines on security of the individual information service for operators (Timing : , Consent)
• Addresses the aspects of security of the information service provided by the telecommunication operators
• Defines the classification of the telecommunication information service:
  – Communication services: telephone, internet broadband etc.
  – Content services: web indexing/searching, mobile TV/IPTV etc.
  – Information services: e-government, e-commerce, e-health, etc.
  – Individual information services: users' requirements, privileges, preferences, and habitual behaviors, etc.

Draft Recommendation ITU-T X.sdnsec-2
Security requirements and reference architecture for Software-Defined Networking (Timing : , Consent)
• Describe use cases to detail new security threats when introducing SDN;
• Identify security threats;
• Define security requirements;
• Provide possible security mechanisms for new security threats;
• Design security reference architecture for SDN
[Figure: Security reference architecture for SDN, in Rec. ITU-T Y.3300]

Draft Supplement ITU-T X.sgmvno
ITU-T X Supplement on Security guideline for mobile virtual network operator (MVNO) (Timing : , Agreement)
• Provides security guideline for MVNOs
  – Main features and typical threats of MVNOs
  – Security framework including security objectives and security requirements.
[Figure: Mobile Virtual Network Operator (MVNO)]

Draft Recommendation ITU-T X.tigsc
Technical implementation guidelines for ITU-T X.805 (Timing : , Consent)
• Provides technical implementation guideline for security countermeasures
  – A set of technical countermeasures or solutions to implement technical information security domains, including access control, authentication, non-repudiation, data confidentiality, communication security, data integrity, availability, and privacy.
  – Provides examples for applying the set of technical countermeasures to the organizations with practical levels of information security domains

Contents  Question text for Q.2/17 Motivation, Question, Tasks and Relationships  Recommendations and supplements related to Q.2/17  Draft Recommendations on developing under Q.2/17  Future Plan for Next Study Period ( ) 19

Future Plan for Next Study Period ( )
• Q.2/17 will address all aspects of security architecture and framework:
  – OSI security architecture and security architecture in end-to-end communication
  – Guidelines and supplements to support Recommendation ITU-T X.805
  – Other networks: NGN (Next Generation Network), Internet protocol based networks, SDN (Software-defined Networking), etc.
  – New topics: NFV (Network Function Virtualization), LTE/SAE (Long-Term Evolution/System Architecture Evolution), etc.
• Q.2/17 will endeavour to improve the relationship with other groups dealing with work related to security architecture and framework.
  – Questions in SG17: SDN, Mobile, P2P, IdM, etc.
  – Other SGs: NGN, FN, IPCablecom, Multimedia, etc.
  – External SDOs: ISO/IEC JTC 1/SC 27, IETF, 3GPP/3GPP2, etc.

Thank you very much for your attention!
Rapporteur: Patrick MWESIGWA
Associate Rapporteur: Heung-Ryong OH and Zhiyuan HU