WTSA-12 Resolutions addressing security

Slides:



Advertisements
Similar presentations
World Telecommunication Development Conference May to 4 June 2010, Hyderabad, India Programme 1 Resolution 47 Riccardo Passerini Telecommunication.
Advertisements

International Telecommunication Union An Insight into BDT Programme 3 Marco Obiso ICT Applications and Cybersecurity Division Telecommunication Development.
Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.
Standards for Shared ICT Jeju, 13 – 16 May 2013 Gale Lightfoot Senior Staff Program Manager, Office of the CTO, SPB Cisco ATIS Cybersecurity Standards.
1 Overview of WTSA-12 Outcome Xiaoya Yang Head, WTSA Programmes Division ITU-TSB Joint ATU-ITU Seminar on WTSA-12 and WCIT-12 Outcome (Durban, South Africa,
ITU Encouraging the deployment of IPv6 in the developing countries IPv6 workshop, Communications and Information Technology Commission (CITC). Riyadh,
WTSA 2012 World Telecommunications Standardization Assembly Debriefing, Durban 2013 WTSA-12 Action Plan for Africa By Dr. Sherif Guinena Advisor to NTRA.
International Telecommunication Union Preparation for WTSA-08 Malcolm Johnson Director, TSB International Telecommunication Union ASTAP March 2007.
TTA activity for countering BOTNET attack and tracing cyber attacks 14 July, 2008 Heung-youl Youm TTA, Korea DOCUMENT #:GSC13-GTSC6-07 FOR:Presentation.
A National approach to Cyber security/CIIP: Raising awareness.
DOCUMENT #: GSC15-GTSC8-06 FOR: Presentation SOURCE: ATIS AGENDA ITEM: GTSC8; 4.2 CONTACT(S): Art Reilly ATIS Cybersecurity.
Africa's involvement in ITU-T Including Quality Aspects
Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development SECRET 1 PRESENTATION TO THE PORTFOLIO COMMITTEE ON COMMUNICATIONS:
ITU events of relevance to IP address management discussion APNIC Community Consultation - IPv6 and ITU Chair: Masato Yamanishi.
Geneva, 24 May nd Consultation Meeting on Action Line C8 “Cultural Diversity and Identity, Linguistic Diversity and Local Content ” ITU Work on Internationalized.
Draft Action Plan for the Implementation of WCIT12 outcomes By Dr. Sherif Guinena Advisor to NTRA Exec. President Coordinator for African Common Proposals.
1 International Telecommunication Union ITU CHALLENGES AND RESPONSES (Fabio Bigi – TSB Deputy Director) (
Durban, South Africa, 8 July 2013 Outcome of WTSA-12 on spam Xiaoya Yang, Head, WTSA Programmes Division ITU-TSB ITU Workshop on “Countering.
International Telecommunication Union JCA-AHF 30 March 2009 WTSA-08 Resolution 70 and ITU-T Cynthia D. Waddell, Juris Doctor Executive Director & Law,
AUB Department of Electrical and Computer Engineering Imad H. Elhajj American University of Beirut Electrical and Computer Engineering
The information contained in this document is confidential, for internal use only, and may not be distributed outside Ministry of Transport and Communications.
Technology Watch and Standardization Venkatesen Mauree Programme Coordinator, Policy and Technology Watch Division, TSB, ITU ITU-T Workshop on Bridging.
BDT, Havana 8-9 February, 2011 World Telecommunication Development Conference May to 4 June 2010, Hyderabad, India Programme 1 Resolution 47 Riccardo.
WTSA 2012 World Telecommunications Standardization Assembly Debriefing, Durban 2013 Key Issues on NNAI (Numbering, Naming, Addressing and Identification)
Nadi, Fiji, 4-6 July 2011 Technology Watch and Standardization Venkatesen Mauree Programme Coordinator ITU ITU-T Workshop on Bridging the Standardization.
World Telecommunication Standardization Assembly (WTSA-08) DOCUMENT #:GSC13-GTSC6-10 FOR:Presentation SOURCE:ITU AGENDA ITEM:GTSC, 8.1 CONTACT(S):Malcolm.
ITU-T Activities in Bridging The Standardization Gap Vijay Mauree Programme Coordinator, TSB ITU ITU Regional Standardization Forum for Asia-Pacific (Jakarta,
World Telecommunication Standardization Assembly (WTSA-08) DOCUMENT #:GSC13-XXXX-nn FOR:Presentation or Information SOURCE:ITU AGENDA ITEM:GTSC, 8.1 CONTACT(S):Malcolm.
RCC Preparations for ITU Plenipotentiary Conference 2014.
National Standardization Secretariat ITU Regional Standardization Forum for Africa and SG5RG-ARF and SG5RG-AFR Meetings Livingstone, Zambia March.
Inter-American Telecommunication Commission
Inter-American Telecommunication Commission
ITU Regional Standardization Forum For Arab Region SESSION 2 11:05-11:35 Overview of key documents and terms used in study groups and WTSA meetings.
Issues need harmonization
ITU Telecommunication Standardization Sector (ITU-T)
Preparation for World Telecommunication Standardization Assembly 2016
WTSA-12 Resolutions addressing security
Key Issues on Bridging the Standardization GAP
Key Issues on Conformance & Interoperability (C&I)
Bridging the Standardization Gap (BSG) Programme
ITU-T Study Group 5 “Environment, Climate Change and Circular Economy”
ITU-T Study Group 17 Security
Presented by Fabio Bigi Workshop Coordinator
Glenn Parsons, GTSC-9 Chair, ISACC
ITU Activities on Bridging the Standardization Gap (BSG)
ITU Activities on Bridging the Standardization Gap (BSG)
De-Briefing Meeting on WCIT-12 Durban, July 8th 2013
ITU Work on Internationalized Domain Names
Vijay Mauree, Programme Coordinator ITU
Bridging the Standardization Gap
Bridging Standardization Gap
Summary of Actions ITU Regional Standardization Forum for Africa
ITU-T Products & Services
IP and NGN Projects in ITU-T Jean-Yves Cochennec France Telecom SG13 Vice Chair Workshop on Satellites in IP and Multimedia - Geneva, 9-11 December 2002.
Supported by ITU-BTRC Asia-Pacific Regulators’ Roundtable
ITU Update since GSC-15 Bilel Jamoussi
Guidelines for Establishing a National Standardization Secretariat
ITU-T Study Group 17 Security
Martin Euchner, Advisor, ITU-T Study Group 17
Reinhard Scholl, GTSC-7 Chairman
Initiatives of TSB to implement WTSA-08 Resolutions
Richard Hill Partner, Hill & Associates
Interplay between Study Groups and TSAG
ITU-T Study Group 5 “Environment, Climate Change and Circular Economy”
UNDP Asia Pacific Regional Centre August 2010
Malcolm Johnson, Director, Telecommunication Standardization Bureau
ITU-T activity in ICT security
Glenn Parsons, GTSC-9 Chair, ISACC
ITU Update since GSC-13 Global Standards Collaboration (GSC) 14
Standardization efforts at ITU for Inclusive ICT Society
Presentation transcript:

WTSA-12 Resolutions addressing security ITU Workshop on “WTSA-12 Regional Debriefing Meeting” (Durban, South Africa, 11 July 2013) WTSA-12 Resolutions addressing security Martin Euchner, Advisor, ITU-T TSB, martin.euchner@itu.int Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50, cybersecurity WTSA-12 Resolution 52, spam Overview WTSA-12 Resolution 50, cybersecurity WTSA-12 Resolution 52, spam WTSA-12 Resolution 58, CERT/CIRT Conclusions Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Cybersecurity In existence since 2004 (Florianópolis) Several amendments proposed to WSTA-12 on Res. 50 by CITEL Administrations, European Administrations, Korea (Republic of), Arab States, and Russian Federation. Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Several Resolutions added to recalling (PP-10, UN, WTDC-10, WTSA-12) Considers cyberincidents caused by cyberattacks using malware coordinated national, regional and international action is required to protect from and respond to various forms of impairing events ITU‑T has a role to play within its mandate and competencies Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Rec. ITU-T X.805 provides a systematic framework for identifying security vulnerabilities and Rec. ITU‑T X.1500 provides the cybersecurity information exchange (CYBEX) model and discusses techniques that could be used to facilitate the exchange of cybersecurity information; Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments recognizing further that cyberattacks such as phishing, pharming, scan/intrusion, distributed denials of service, web-defacements, unauthorized access, etc., are emerging and having serious impacts; that botnets are used to distribute bot-malware and carry out cyberattacks; that sources of attacks are sometimes difficult to identify (for example, attacks using spoofed IP addresses); Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments recognizing further that cybersecurity is one of the elements for building confidence and security in the use of telecommunications/ICTs; that, in accordance with PP-10 Res. 181, it is recognized that it is important to study the issue of terminology related to building confidence and security in the use of ICTs, that this base set needs to include other important issues in addition to cybersecurity and that the definition of cybersecurity may need to be modified from time to time to reflect changes in policy; Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments recognizing further that PP-10 Res. 181, resolved to take into account the definition of the term cybersecurity approved in Rec. ITU‑T X.1205 for use in ITU activities related to building confidence and security in the use of ICTs; that, as recognized in PP-10 Res. 181, ITU‑T SG17 is responsible for developing the core Recommendations on telecommunication and ICT security; Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Noting a national IP-based public network security centre for developing countries is under study by ITU‑T SG17, and some work has been completed in this area, including the ITU‑T X.800-X.849 series of Recommendations and its Supplements, Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Resolves that all ITU‑T study groups continue to evaluate existing and evolving new Recommendations, and especially signalling and telecommunication protocol Recommendations, with respect to their robustness of design and potential for exploitation by malicious parties to interfere destructively with their deployment in the global information and telecommunication infrastructure, develop new Recommendations for emerging security issues and take into account new services and applications to be supported by the global telecommunication/ICT infrastructure (e.g. cloud computing, smart grid and intelligent transport systems, which are based on telecommunication/ICT networks); Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Resolves that, in assessing networks and protocols for security vulnerabilities and facilitation of exchanging cybersecurity information, ITU‑T Recs, including the ITU‑T X-series of Recommendations and their Supplements, among them ITU‑T X.805, X.1205, X.1500, ISO/IEC standards and other relevant deliverables from other organizations, be taken into consideration and applied as appropriate; Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Resolves that ITU‑T continue work on the development and improvement of terms and definitions related to building confidence and security in the use of telecommunications/ICTs, including the term cybersecurity; Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Resolves ITU‑T SG17 continue its work on the issues raised in PP-10 Res. 130, and on the ITU‑T X-series of Recommendations, including Supplements as appropriate, Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Instructs TSB Director to continue to recognize the role played by other organizations with experience and expertise in the area of security standards, and coordinate with those organizations as appropriate, Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments Further Instructs TSB Director to continue to cooperate with the Secretary-General's Global Cybersecurity Agenda (CGA) and with IMPACT, FIRST and other global or regional cybersecurity projects, as appropriate, to develop relationships and partnerships with various regional and international cybersecurity-related organizations and initiatives, as appropriate, and to invite all Member States, particularly developing countries, to take part in these activities and to coordinate and cooperate with these different activities Durban, South Africa, 11 July 2013

WTSA-12 Resolution 50 Key amendments taking into account PP-Res.130, to work collaboratively with the other Directors of the Bureaux to support the Secretary-General in preparing a document relating to a possible memorandum of understanding (MoU) (according to WTDC-10 Res.45) among interested Member States to strengthen cybersecurity and combat cyberthreats in order to protect developing countries and any country interested in acceding to this possible MoU, Durban, South Africa, 11 July 2013

WTSA-12 Resolution 52 Countering and combating spam In existence since 2004 (Florianópolis) Several amendments proposed to WSTA-12 on Res. 52 by Canada, Brazil, and Arab States. Durban, South Africa, 11 July 2013

WTSA-12 Resolution 52 Key amendments PP-10 Res. 130 and 174 recognized Considers that exchanging of e-mails and other telecommunications over the Internet has become one of the main ways for communication between people around the world; that currently there are a variety of definitions for the term “spam”; that countering spam by technical means burdens affected entities, including network operators, and service providers as well as users who unwillingly receive such spam, with significant investments in networks, facilities, terminal equipment and applications; Durban, South Africa, 11 July 2013

WTSA-12 Resolution 52 Key amendments Notes the important technical work carried out to date in SG17 and in particular Recs. ITU‑T, X.1240, X.1241, X.1242, X.1243, X.1244, and X.1245, Durban, South Africa, 11 July 2013

WTSA-12 Resolution 52 Key amendments Instruct TSB Director to initiate a study – including sending a questionnaire to the ITU Membership –indicating the volume, types (e.g., email spam, SMS spam, spam in IP-based multimedia applications) and features (e.g., different major routes and sources) of spam traffic, to help Member States and relevant operating agencies to identify such routes and sources and volumes, and in estimating the amount of investment in facilities and other technical means to counter and combat such spam, taking into account work that has already been carried out; Durban, South Africa, 11 July 2013

WTSA-12 Resolution 52 Key amendments further invites Member States to take appropriate steps to ensure that appropriate and effective measures are taken within their national and legal frameworks to combat spam and its propagation. Durban, South Africa, 11 July 2013

In existence since 2008 (Johannesburg) WTSA-12 Resolution 58 Encourage the creation of national computer incident response teams, particularly for developing countries In existence since 2008 (Johannesburg) One amendment proposed to WSTA-12 on Res. 58 by Brazil. Durban, South Africa, 11 July 2013

WTSA-12 Resolution 58 Key amendment resolves the work of SG17 in the area of national computer incident response teams, particularly for developing countries, and cooperation between them, as contained in the outputs of the Study Group. Durban, South Africa, 11 July 2013

Action Plan on WTSA Res. 50 Question 4/17 “Cybersecurity” has the primary role on Resolution 50. Development of the X.1500 CYBEX ensemble of techniques represents significant means for enhancing cybersecurity globally. SG17 to continue develop and improve terms and definitions related to building confidence and security, including the term cybersecurity. SGs to develop new Recommendations for emerging security issues with new services and applications (e.g. cloud computing, smart grid, ITS) Durban, South Africa, 11 July 2013

Action Plan on WTSA-12 Res. 52 SGs, particular SG17, to accelerate their work on spam. SGs to collaborate with other relevant organizations to develop Recommendations with a view to exchanging best practices; SG17, through Question 5/17 Countering spam by technical means”, has approved 5 Recs. and 7 Supplements. Two additional texts are in development. participate in workshops, training sessions, etc. ITU spam workshop on 8 July SG17 has started considering the questionnaire/study on spam. Durban, South Africa, 11 July 2013

Action Plan on WTSA-12 Res. 58 Q3/17 “Telecommunications information security management” and Q4/17 “Cybersecurity” prepared a global directory of cybersecurity organizations, including CIRTs, which is currently hosted and maintained by the TSB under the tag of Network Forensic and Vulnerability Organizations: http://www.itu.int/ITU- T/studygroups/com17/nfvo Q3/17 continues to study the issue of CIRTs creation and possibility to provide a guideline in line with X.1056 (Security incident management for telecommunication organizations), in collaboration with Q4/17 and other relevant Questions and Recommendations (e.g., E.409). The Cybersecurity Information Exchange (CYBEX) initiative provides a suite of techniques to facilitate CIRTs information exchange worldwide. (See Rec. ITU-T X.1500) Durban, South Africa, 11 July 2013