ITU-T Network Security Initiatives

Presentation transcript:

ITU-T Network Security Initiatives
Mike Harrop, Rapporteur SG17 Q4
ETSI Security Workshop, January 2007

Overview of Presentation
- Show the context of ITU-T security standards activities
- Highlight some of the key areas of focus
- Report on some of the results being achieved

Context of ITU-T security standards work

High Level Security Drivers
- ITU Plenipotentiary Conference (PP-02)
  - Intensify efforts on security
- World Telecommunications Standardization Assembly (WTSA-04)
  - Security robustness of protocols
  - Combating/Countering spam
- World Summit on the Information Society (WSIS-05)
  - Cyber security

ITU-T Organizational Structure
[Organization chart. Labels: World Telecommunication Standardization Assembly; Telecommunication Standardization Advisory Group; Study Group; Working Party; Q; Workshops, Seminars, Symposia, …; Focus Groups; Joint Rapporteurs Groups; IPR ad hoc]

ITU-T Study Groups
ITU-T work is divided up between Study Groups (SGs).
- SG 2: Operational aspects of service provision, networks and performance
- SG 4: Telecommunication management
- SG 5: Protection against electromagnetic environment effects
- SG 6: Outside Plant and related indoor installations
- SG 9: Integrated broadband cable networks and television and sound transmission
- SG 11: Signaling requirements and protocols
- SG 12: Performance and quality of service
- SG 13: Next Generation Networks
- SG 15: Optical and other transport networks
- SG 16: Multimedia services, systems and terminals
- SG 17: Security, languages and telecommunication software
- SG 19: Mobile Telecommunications Networks
Note: SG17 has overall security responsibility but almost all SGs have work with security implications and requirements.

ITU-T Security Building Blocks

Study Group 17: Security, languages and telecommunication software
- SG 17 is the Lead Study Group on telecommunication security. It is responsible for coordination of security across all Study Groups.
- Subdivided into three Working Parties (WPs):
  - WP1 - Open systems technologies
  - WP2 - Telecommunications security
  - WP3 - Languages and telecommunications software
- Most (but not all) security Questions are in WP2

Current SG 17 security-related Questions
- Working Party 1:
  - 1/17 End-to-end Multicast Communications with QoS Managing Facility
  - 2/17 Directory services, Directory systems, and public-key/attribute certificates
  - 3/17 Open Systems Interconnection (OSI)
- Working Party 2:
  - 4/17 Communications Systems Security Project
  - 5/17 Security Architecture and Framework
  - 6/17 Cyber Security
  - 7/17 Security Management
  - 8/17 Telebiometrics
  - 9/17 Secure Communication
  - 17/17 Countering spam by technical means
Note: a short description of the work of each of these Questions is contained under the ITU-T SG17 section of the Security Roadmap (see later slide).

SG 17 WP2 Security Questions (2005-2008)
[Diagram. Layer labels: Telecom Systems Users; Telecom Systems. Boxes:]
- Q8/17 Telebiometrics: Multimodal Model Fwk; System Mechanism; Protection Procedure; X.1081
- Q9/17 Secure Communication Services: Mobile Secure Communications; Home Network Security; Security Web Services; X.1121, X.1122
- Q7/17 Security Management: ISM Guideline for Telecom; Incident Management; Risk Assessment Methodology; etc…; X.1051
- Q5/17 Security Architecture & Framework: Architecture, Model, Concepts, Frameworks, etc…; X.800 series; X.805
- Q6/17 (New) Cyber Security: Overview of Cyber-security; Vulnerability Information Sharing; Incident Handling Operations
- Q17/17 (New) Countering SPAM: Technical anti-spam measures
- Q4/17 (New) Communications System Security: Vision, Coordination, Roadmap, Compendia…

Overview of ITU-T Security Standardization -Collaboration is key factor-

Overview of current security Questions and Recommendations under development

SG 17 Security Recommendations under development - 1
- Q4 Communications Systems Security Project
  - X.sbno, Security baseline for network operators
  - Security Roadmap
  - Security in Telecommunications and Information
  - Security Manual
- Q5 Security Architecture and Framework
  - X.805+, Division of the security features between the network and the users
  - X.805nsa, Network security certification based on ITU-T Recommendation X.805
  - X.ngn-akm, Framework for authentication and key management for link layer security of NGN
  - X.pak, Password-authenticated key exchange (PAK)
  - X.spn, Framework for creation, storage, distribution and enforcement of security policies for networks

SG 17 Security Recommendations under development - 2
- Q6 Cyber Security
  - X.cso, Overview of cybersecurity
  - X.sds, Guidelines for Internet Service Providers and End-users for Addressing the Risk of Spyware and Deceptive Software
  - X.cvlm, Guidelines on Cybersecurity Vulnerability Life-cycle Management
  - X.vds, A vendor-neutral framework for automatic checking of the presence of vulnerabilities information update
- Q7 Security Management
  - X.1051 (R), Information security management guidelines for telecommunications based on ISO/IEC 27002
  - X.rmg, Risk management guidelines for telecommunications
  - X.sim, Security incident management guidelines for telecommunications
- Q8 Telebiometrics
  - X.bip, BioAPI interworking protocol
  - X.physiol, Telebiometrics related to human physiology
  - X.tai, Telebiometrics authentication infrastructure
  - X.tpp-1, A guideline of technical and managerial countermeasures for biometric data security
  - X.tpp-2, A guideline for secure and efficient transmission of multi-modal biometric data
  - X.tsm-1, General biometric authentication protocol and profile on telecommunication systems
  - X.tsm-2, Profile of telecommunication device for Telebiometrics System Mechanism (TSM)

SG 17 Security Recommendations under development - 3
- Q9 Secure Communication Services
  - X.crs, Correlative reacting system in mobile network
  - X.homesec-1, Framework of security technologies for home network
  - X.homesec-2, Certificate profile for the device in the home network
  - X.homesec-3, User authentication mechanisms for home network service
  - X.msec-3, General security value added service (policy) for mobile data communication
  - X.msec-4, Authentication architecture in mobile end-to-end data communication
  - X.p2p-1, Requirements of security for peer-to-peer and peer-to-multi peer communications
  - X.p2p-2, Security architecture and protocols for peer to peer network
  - X.sap-1, Guideline on secure password-based authentication protocol with key exchange
  - X.sap-2, Secure communication using TTP service
  - X.websec-1, Security Assertion Markup Language (SAML) – X.1141 now in AAP Last Call
  - X.websec-2, eXtensible Access Control Markup Language (XACML) – X.1142 now in AAP Last Call
  - X.websec-3, Security architecture for message security in mobile web services
- Q17 Countering spam by technical means
  - X.csreq, Requirement on countering spam
  - X.fcs, Technical framework for countering email spam
  - X.gcs, Guideline on countering email spam
  - X.ocsip, Overview of countering spam for IP multimedia application
  - X.tcs, Technical means for countering spam

SG 17 Security Recommendations under development - 4 Summaries of all Study Group 17 Recommendations under development are available on the Study Group 17 web page at: www.itu.int/itu-t/studygroups/com17

Recent Initiatives Workshops

New Horizons for Security Standardization Workshop
- Security Workshop held in Geneva 3-4 October 2005
- Hosted by ITU-T SG17 as part of security coordination responsibility
- Speakers, panelists, chairs from ATIS, ETSI, ITU, ISO/IEC, IETF, OASIS, RAIS, 3GPP

Workshop Objectives
- Provide an overview of key international security standardization activities;
- Seek to find out from stakeholders their primary security concerns and issues (including possible issues of adoption or implementation of standards);
- Try to determine which issues are amenable to a standards-based solution and how the SDOs can most effectively play a role in helping address these issues;
- Identify which SDOs are already working on these issues or are best equipped to do so; and
- Consider how SDOs can collaborate to improve the timeliness and effectiveness of security standards and avoid duplication of effort.

Results
- Excellent discussions, feedback and suggestions
- Documented in detail in the Workshop report
- Results are reported under the following topics:
  - What are the crucial problems in ICT security standardization?
  - Meta issues and need for a global framework
  - Standards Requirements and Priorities
  - Liaison and information sharing
  - User issues
  - Technology and threat issues
  - Focus for future standardization work
  - Process issues
  - Follow-on issues
- The report is available on-line at: www.itu.int/ITU-T/worksem/security/200510/index.html

Workshop on Digital Identity for Next Generation Networks
- Joint ITU-T/EU IST Daidalos Project workshop
- Held on 5th December 2006
- Objectives:
  - To investigate approaches and analyze gaps in current standards
  - To identify future challenges and find common goals to provide direction to the current work in different projects and SDOs

Digital Identity Focus Group
- Focus Group on Digital Identity established December 2006
- Aims to facilitate the development of a generic Identity Management Framework
- Participation open to other SDOs
- Meeting in Geneva 13-16 February 2007
- www.itu.int/ITU-T/studygroups/com17/index.asp

Workshop on Interoperability and Testing
- Held as part of WP3 meeting on 8th Dec. 2006
- Aimed to raise awareness of conformance and interoperability testing issues, with particular focus on testing needs for Next Generation Networks

Recent Initiatives Specific projects

Q.15/13 – NGN Security
Aims to assure the security of the telecommunications infrastructure as PSTNs evolve to NGNs.
Must address and develop network architectures that:
- Provide for maximal network and end-user resource protection
- Allow for highly-distributed intelligence end-to-end
- Allow for co-existence of multiple networking technologies
- Provide for end-to-end security mechanisms
- Provide for security solutions that apply over multiple administrative domains

Q.17/17 – Combating spam by technical means
Study items to be considered include:
- What risks does spam pose to the telecommunication network?
- What technical factors associated with the telecommunication network contribute to the difficulty of identifying the sources of spam?
- How can new technologies lead to opportunities to counter spam and enhance the security of the telecommunication network?
- Do network technologies (such as SMS, instant messaging & VoIP) offer unique opportunities for spam that require unique solutions?
- What technical work is already being undertaken in other fora, and the private sector to address the problem of spam?
- How does spam impact the stability and robustness of the telecommunication network and what network standardization work, if any, is needed to effectively counter spam?
Spam has become a widespread problem causing a complex range of problems to users, service providers, and network operators around the globe. While spam was originally used to send unsolicited commercial messages, increasingly spam messages are being used to spread viruses, worms, and other malicious code that negatively impact the security and stability of the global telecommunication network. Spam may include the delivery of phishing and spyware. It is a global problem that requires a multifaceted, comprehensive approach.

Focus Group: Security Baseline for Network Operators
- Established October 2005 by SG 17
- Objectives:
  - Define a security baseline against which network operators can assess their network and information security posture in terms of what security standards are available, which of these standards should be used to meet particular requirements, when they should be used, and how they should be applied
  - Describe a network operator’s readiness and ability to collaborate with other entities (operators, users and law enforcement authorities) to counteract information security threats
  - Provide meaningful criteria that can be used by network operators against which other network operators can be assessed, if required.
- Survey of network operators and service providers conducted in November 2006 by means of a questionnaire
- Development of first draft Recommendations began in December 2006

ICT Security Standards Roadmap (An SG 17 Work-in-progress)
- Part 1 contains information about organizations working on ICT security standards
- Part 2 is a database of existing security standards
- Part 3 lists (or links to) current projects and standards in development
- Part 4 will identify future needs and proposed new standards

Roadmap access
- Part 2 now includes ITU-T, ISO/IEC JTC1, IETF, ETSI, IEEE and OASIS standards.
- It will also be converted to a Database format to allow searching and to allow organizations to manage their own data
- Publicly available under Special Projects and Issues at: www.itu.int/ITU-T/studygroups/com17/index
- We invite you to use the Roadmap, provide feedback and help us develop it to meet your needs

Other SG17 projects
- Security in Telecommunications and Information Technology – an overview of existing ITU-T recommendations for secure telecommunications. Available in hard copy and on the SG 17 part of the ITU-T web site at www.itu.int/ITU-T/publications/index.html
- We are in the process of establishing a Security Experts Network (SEN) to maintain on-going dialogue on key issues of security standardization.

The ITU Global Cybersecurity Gateway
- LIVE at: http://www.itu.int/cybersecurity
- Provides an easy-to-use information resource on national, regional and international cybersecurity-related activities and initiatives worldwide.

Structure of the Cybersecurity Gateway
- The portal is geared towards four specific audiences: “Citizens”; “Businesses”; “Governments”; “International Organizations”
- Database information collected within five main themes:
  - Information sharing of national approaches, good practices and guidelines;
  - Developing watch, warning and incident response capabilities;
  - Technical standards and industry solutions;
  - Harmonizing national legal approaches and international legal coordination and enforcement;
  - Privacy, data and consumer protection.
- Additional information resources on the following topics: spam, spyware, phishing, scams and frauds, worms and viruses, denial of service attacks, etc.

What about the future?
- The threat scenario will continue to evolve
- Attacks are widespread and innovative
- Broad collaboration is needed to understand and respond to the threats
- Security needs to be designed in upfront and to be an on-going effort
- SDOs need to collaborate (eliminate duplication)
- SDOs should aim to develop solutions that can support robust, secure, standards-based implementations that can provide protection regardless of the nature of the evolving threats

Some useful web resources
- ITU-T Home page: www.itu.int/itu-t
- Study Group 17: www.itu.int/itu-t/studygroups/com17 (e-mail: tsbsg17@itu.int)
- Recommendations: www.itu.int/ITU-T/publications/recs.html
- ITU-T Lighthouse: www.itu.int/ITU-T/lighthouse
- ITU-T Workshops: www.itu.int/ITU-T/worksem
- Roadmap: www.itu.int/ITU-T/studygroups/com17/index
- Cybersecurity Portal: http://www.itu.int/cybersecurity

Thank you. Any questions?