1
Standards fraud conference April 2018
Charles Brookson
2
Second law of thermodynamics
Standards try to defeat entropy!
3
What are standards?
There are standards for everything
4
Standards bodies
There are many
National Standards - British Standards Institute
European ESOs - ETSI, CEN, CENELEC
International - ISO, ITU-T
Industry bodies
W3C - World Wide Web Consortium
GSMA - GSM Association
5
Getting involved
Sometimes free - sometimes costs!
ETSI 2000 Euros as Academic
Double for costs for 3GPP as well
Others
Through BSI etc. and National Organizations
OR - Membership for most Industry
6
Types of standards: ETSI example
European Standard (EN) – Used when the document is intended to meet needs specific to Europe and requires transposition into national standards, or when the drafting of the document is required under a mandate from the European Commission (EC)/European Free Trade Association (EFTA). An EN is drafted by a Technical Committee and approved by European National Standards Organizations.
ETSI Standard (ES) – Used when the document contains technical requirements. An ES is submitted to the whole ETSI membership for approval.
ETSI Guide (EG) – Used for guidance to ETSI in general on the handling of specific technical standardization activities. It is submitted to the whole ETSI membership for approval.
ETSI Technical Specification (TS) – Used when the document contains technical requirements and it is important that it is available for use quickly. A TS is approved by the Technical Committee that drafted it.
ETSI Technical Report (TR) – Used when the document contains explanatory material. A TR is approved by the Technical Committee that drafted it.
ETSI Special Report (SR) – Used for various purposes, including to make information publicly available for reference. An SR is approved by the Technical Committee which produced it.
ETSI Group Report (GR) – An ETSI deliverable, containing only informative elements, approved for publication by an Industry Specification Group.
ETSI Group Specification (GS) – Provides technical requirements or explanatory material or both. Produced and approved within our Industry Specification Groups (ISGs).
7
ETSI TC CYBER (and other standards work)
Too many even in Europe
Standards Eco System - TR CYBER; Global Cyber Security Ecosystem
8
Legislation & laws drive standards
GDPR, NIS, Cyber Security Directives
GDPR - advice to Country Data Protection?
NIS Directive - ETSI Technical Report
Cybersecurity Directive - Product marking system?
RED Radio Equipment Directive - Privacy
Mobile Telephone Reprogramming Act 2002
9
Quantum computers: safe algorithms
EG Quantum Computing Impact on security of ICT Systems; Recommendations on Business Continuity and Algorithm Selection
In brief, if the promise of quantum computing holds true then the following impacts will be immediate, on the assumption that the existence of viable quantum computing resources will be used against cryptographic deployments:
Symmetric cryptographic strength will be halved, e.g. AES with 128 bit keys giving 128 bit strength will be reduced to 64 bit strength (in other words to retain 128 bit security will require to implement 256 bit keys).
Elliptical curve cryptography will offer no security.
RSA based public key cryptography will offer no security.
The Diffie-Hellman-Merkle key agreement protocol will offer no security.
10
eSIM: embedded SIM
The SIM for the next Generation of Connected Consumer Devices
eSIM is a global specification by the GSMA which enables remote SIM provisioning of any mobile device. eSIM now allows consumers to store multiple operator profiles on a device simultaneously, and switch between them remotely, though only one can be used at a time. The specification now extends to a wider range of devices, beyond the single companion device made possible with the first release. Manufacturers and operators can now enable consumers to select the operator of their choice and then securely download that operator’s SIM application to any device.
11
ETSI Standards
European and sometimes international
Quantum Guide, Eco-System, NFV and LI
TC LI and 3GPP SA3 LI
Other work of interest
Report on techniques for assurance of digital material used in legal proceedings.
NIS Directive, GDPR work
even Quantum safe VPNs!
12
5G as a disruptor
5G standards at www.3gpp.org
NFV, SDRs, Slicing and Latency
Network Function Virtualisation - All done with software, no physical hardware (Mobiles SDR - Software
Latency - much quicker (think cars)
Network slicing - dedicated virtual networks
Much better privacy
Challenges for LI (Standards later …)
13
Interesting standards work - 5G (thanks Alex L)
5G Architecture Specification - good starting point. Although published, it may be subject to revisions.
5G procedures - More detail on how the architecture works procedurally. Again published, but there are likely to be revisions.
5G security spec - This is still in draft v0.7.1 but is likely to be published in the next month or so. Largely complete, but there are a number of gaps.
In the unlikely event you get through this lot you can find the 3GPP specs located here
Helpfully, specifications for 5G have largely been numbered XX.501 or XX.502, so it is fairly easy to find other low level protocol or other 5G phase 1 specific specifications.
14
Fraud aspects standards
Many are to share information
Mobile radio
GSMA Security Accreditation Scheme
NRTRDE, IMEI (Grey Market), CIFAS (Takeover etc.)
Fraud and Security Group
Other industry
APACS, CFCA & FIINA, NCSC, Actionfraud etc.
15
Does it conform? 3GPP mobile example
Tested in each National Authority
Europe - RED CE Mark!
Works in China, USA, Japan - Worldwide!
Global Certification Forum
Self Certification with Challenge system
16
References to look up
ETSI TC CYBER clusters/technologies/cyber-security
ETSI TC LI clusters/technologies/lawful-interception
3GPP Security and LI groups/sa-plenary/54-sa3-security
17
Any questions? you can always me!
charles@zeata.co.uk
Get involved in Standards!
ETSI Security week June no charge and in The South of France!! week