Updates: ITU-T Study Group 17 Standardization of “Security”

1 Updates: ITU-T Study Group 17 Standardization of “Security”

2 LSG (Lead Study Group) responsibilities of SG17:
- Security
  - cybersecurity
  - security management
  - countering spam
  - protection of personally identifiable information
  - security of applications and services for the IoT, smart grid, smartphone, software-defined networking (SDN), Internet Protocol television (IPTV), web services, ITS, cloud computing, big data analytics, mobile financial system and telebiometrics
- Identity management (IdM)
- Languages and description techniques

3 ITU-T SG17 Management Team (as appointed by WTSA-16)
For the new study period (2017 – 2020)
Chairman: Heung Youl YOUM, Korea (Republic of)
Vice-Chairmen (9):
- Mr. Y. Miyake, Japan
- Ms. I. Furey, The United States
- Mr. V. Dolmatov, Russian Federation
- Mr. G. LIN, P.R. China
- Mr. P-K. Kettin-Zanga, Central African Republic
- Ms. W. Latrous, Tunisia (Republic of)
- Mr. Mohamed M.K. ELHAJ, Sudan
- Mr. G. Evren, Turkey
- Mr. H.D. Miguel, Argentina

4 ITU-T Study Group 17: Questions
Question number: Question title (Status)
- 1/17: Telecommunication/ICT security coordination (Continuation of Q1/17)
- 2/17: Security architecture and framework (Continuation of Q2/17)
- 3/17: Telecommunication information security management (Continuation of Q3/17)
- 4/17: Cybersecurity (Continuation of Q4/17)
- 5/17: Countering spam by technical means (Continuation of Q5/17)
- 6/17: Security aspects of telecommunication services and networks (Continuation of Q6/17)
- 7/17: Secure application services (Continuation of Q7/17)
- 8/17: Cloud computing security (Continuation of Q8/17)
- 9/17: Telebiometrics (Continuation of Q9/17)
- 10/17: Identity management architecture and mechanisms (Continuation of Q10/17)
- 11/17: Generic technologies (Directory, Public-Key Infrastructure (PKI), Privilege Management Infrastructure (PMI), Abstract Syntax Notation 1 (ASN.1), Object Identifiers (OIDs)) to support secure applications (Continuation of Q11/17)
- 12/17: Formal languages for telecommunication software and testing (Continuation of Q12/17)
- 13/17: Security aspects for Intelligent Transport System (ITS) (New Question)

5 SG17 Structure
Q1/17 Telecommunication/ICT security coordination
Working Party 1 “Telecommunication/ICT Security”
- Q2/17 Security architecture and framework
- Q3/17 Telecommunication information security management
- Q6/17 Security aspects of telecommunication services and networks
- Q13/ Security aspects for Intelligent Transport System
Working Party 2 “Cyberspace security”
- Q4/17 Cybersecurity
- Q5/17 Countering spam by technical means
Working Party 3 “Application security”
- Q7/17 Secure application services
- Q8/17 Cloud computing security
- Q12/17 Formal languages for telecommunication software and testing
Working Party 4 “Identity management and authentication”
- Q9/17 Telebiometrics
- Q10/17 Identity management architecture and mechanisms
- Q11/17 Generic technologies to support secure applications

Question number: Question title (Status)
- A/17: Telecommunication/ICT security coordination (Continuation of Q1/17)
- B/17: Security architecture and framework (Continuation of Q2/17)
- C/17: Telecommunications information security management (Continuation of Q3/17)
- D/17: Cybersecurity (Continuation of Q4/17)
- E/17: Countering spam by technical means (Continuation of Q5/17)
- F/17: Security aspects of ubiquitous telecommunication services (Continuation of Q6/17)
- G/17: Secure application services (Continuation of Q7/17)
- H/17: Cloud computing security (Continuation of Q8/17)
- I/17: Telebiometrics (Continuation of Q9/17)
- J/17: Identity management architecture and mechanisms (Continuation of Q10/17)
- R/17: Generic technologies to support secure applications (Continuation of Q11/17, Q12/17, Q15/17 and the ODP part of Q13/17)
- S/17: Formal languages for telecommunication software and testing (Continuation of Q14/17 and part of Q13/17)

6 ITU-T SG17 Q.13 “Security aspects for Intelligent Transport System (ITS)”
Recommendations related to ITS:
- Draft Recommendation ITU-T X.1373 (X.itssec-1): Approved
- Draft Recommendation ITU-T X.itssec-2: Discussed at the interim meeting. No progress.
Approval of a new question on ITS (Q13)

7 Draft Recommendation ITU-T X.1373
Secure software update capability for intelligent transportation system communications devices (Status: Approved)
Scope: In the context of updates of software modules in the electric devices of vehicles in the intelligent transportation system (ITS) communication environment, this Recommendation aims to provide a procedure of secure software updating for ITS communication devices for the application layer. This includes a basic model of software update, its threat and risk analysis, security requirements and controls for software update, and a specification of the abstract data format of the update software module. The procedure related to in-vehicle communication is out of scope of this Recommendation. For reference, the procedure used in-vehicle in this Recommendation is informative. The procedure is intended to be applied to communication devices on ITS vehicles under vehicle-to-infrastructure (V2I) communication by means of the Internet and/or ITS dedicated networks. The procedure can be practically utilized by car manufacturers and ITS-related industries as a set of standard secure procedures and security controls.

8 General Model for a remote software update in Rec. ITU-T X.1373
Scope

9 Overview of X.itssec-2 Q13 Rapporteur: Sang-Woo Lee ETRI
Information Security Research Division

10 X.itssec-2 (Overview)
Revised draft at SG17 March 2017 meeting
Scope: This Recommendation provides security guidelines for V2X communication systems.
Contents:
- Analysis of threat for V2X communication systems
- The security requirements for V2X communication systems
- Use case of V2X communication systems
V2X:
- V2V (Vehicle to Vehicle)
- V2I (Vehicle to Infrastructure)
- V2ND (Vehicle to Nomadic Devices)
- V2P (Vehicle to Pedestrian)

11 Content of X.itssec-2
1. Scope
2. References
3. Definitions
   3.1 Terms defined elsewhere
   3.2 Terms defined in this Recommendation
4. Abbreviations and acronyms
5. Conventions
6. Overview of the vehicular communication
7. Analysis on threat
   7.1. V2V/V2I comm. system
   7.2. V2ND comm. system
8. Security requirements
   8.1. V2V/V2I comm. system
   8.2. V2ND comm. system
9. Examples for V2X security system
   9.1. Vehicle registration service model
   9.2. V2X entity authentication service model
   9.3. V2X message confidentiality service model
Bibliography
This draft Recommendation should be actively discussed at the next SG17 meeting (August/September 2017).

12 X.itssec-2 (V2V/V2I)
V2V/V2I communication type (figure panels):
- V2V warning propagation - forward warning propagation
- V2V warning propagation - backward warning propagation
- V2V beaconing
- V2V platoon communication
- V2I warning
- V2V/V2I information exchange

13 X.itssec-2(Threat Analysis-1)
Threats related to authentication between vehicle and RSU (Road Side Unit)
- Routing table and LDM (Local Dynamic Map) modification attack: Spoof GPS information of a vehicle and modify the original geospatial information.
- Impersonation attack: Pretend to be another entity by stealing that entity's secret authentication information, for example, pretending to be an emergency vehicle.
- Sybil attack: An attack wherein a reputation system is subverted by forging identities (e.g. multiple vehicles) in a peer-to-peer ITS network.
Threats related to message integrity
- Message manipulation by malicious intermediate node: A malicious intermediate node modifies the message, so vehicles receive forged information.
- Sensor information manipulation: Attacker modifies a physical address of the communication module or manipulates ECU sensor information such as a speed sensor.

14 X.itssec-2(Threat Analysis-2)
Threats related to confidentiality
- Eavesdropping: Sniff V2V messages of nearby vehicles and V2I messages of RSUs. The attacker analyzes traffic information by sniffing messages.
- Replay (playback attack): Intercept V2V messages of nearby vehicles and V2I messages of RSUs. Later, the attacker replays those messages or information for a malicious purpose.
Threats related to privacy
- Attack on personal information: Analyze the owner of the vehicle by collecting V2V/V2I messages and track the location and driving route of a particular person.
- Pseudonym analysis attack: Analyze the relation between vehicle ID and pseudonyms and find out that multiple pseudonyms indicate the same vehicle.

15 X.itssec-2(Threat Analysis-3)
Threats related to non-repudiation
- Certification database attack: Manipulate pseudonym data in the certificate database of the CA. The attacker may modify the relation between the long-term certificate and the short-term pseudonym certificate.
- Unauthorized access to credential: The attacker can access a private key and certificate without authorization.
Attacks related to availability
- Jamming and DDoS attack on V2V/V2I communication channel: Flood the bandwidth or resources of a vehicle or RSU by sending a lot of useless messages or signals so that the target entity loses availability.
- DDoS attack on OBU: Inject malicious code into an OBU and send a message that requires a lot of computation resources. In particular, frequent software updates without authorization can be a severe attack.

16 X.itssec-2(Security features)
Security features for V2V/V2I communication system in terms of communication type
[Table: the cell values are not preserved in this transcript.]
Comm. Types (columns): V2V warning propagation; V2V platooning communication; beaconing; V2I warning; V2V/V2I information exchange
Security Features (rows): Authentication between vehicle and RSU; Message integrity; Confidentiality; Privacy protection; Non-repudiation; Availability
Legend: O: Required, -: Not required, a third symbol: partially required

17 Liaison Statement to CITS (+SG16)
During SG 17 meeting under Question 6, the following updates were made for draft Recommendations related to ITS security.

Recommendation X.1373 (Secure software update capability for intelligent transportation system communication devices) was approved after TAP consultation in SG 17. Attachment-1 is the final text of X.1373 in TD 267.

Draft Rec. X.itssec-2 (Security guidelines for V2X communication systems) was updated based on contributions in SG 17. SG 17 kindly asks SG 16 and CITS for comment on the baseline text of draft X.itssec-2 for our future discussion. The baseline text of the draft X.itssec-2 is in TD 337.

It is also our pleasure to inform SG 16 and CITS of an establishment of a new Question 13 specifically focusing on ITS security. The title of the new Question is “Security aspects for Intelligent Transport System” and it was approved at the SG 17 meeting on 30 March 2017. An Annex to this TD contains the new Question 13 text for your information.

Attachments: TD 267 (X.1373) and TD 337 (Draft baseline of X.itssec-2)

18 Future works in SG17 on ITS
- Improve the draft Rec. X.itssec-2;
- Collaboration with related SDOs on ITS;
  - In ITU-T, SG16, CITS
  - Outside ITU-T, ISO/TC204, ISO/TC22, WP29/TFCS
  - OEM vendors, etc.
- Roadmap of ITS security Recommendations to be developed in Q13/17 should be urgently developed at the next interim meeting of Q13/17 (July 14, Seoul);
- Support for the forthcoming ITS security workshop on 28th August at Geneva.

19 ITS security workshop August 28, 2017 at Geneva
- 09: :15, Session-1: Understanding current threats and security requirements
- 11:30 – 12:50, Session-2: ITS security standardization Overview
- 14:00 – 15:45, Session-3: Mitigating security threats to automotive systems
- 16:00 – 17:30, Session-4: Panel discussion – Future directions on ITS standardization activity

20 Thank you for listening
Implement & use Security* Design Security* Maintain & improve Security* Monitor & review Security*

