Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITU-T Perspectives on the Standards-Based Security Landscape (SG 17 Main Focus) Abbie Barbir, Ph.D. ITU-T Q6/17 Cybersecurity.

Published byDevonte Pigeon Modified over 10 years ago

Similar presentations

Presentation on theme: "ITU-T Perspectives on the Standards-Based Security Landscape (SG 17 Main Focus) Abbie Barbir, Ph.D. ITU-T Q6/17 Cybersecurity."— Presentation transcript:

1 ITU-T Perspectives on the Standards-Based Security Landscape (SG 17 Main Focus) www.oasis-open.org Abbie Barbir, Ph.D. abbieb@nortel.com ITU-T Q6/17 Cybersecurity Question Rapporteour OASIS IDTrust MS Steering Committe OASIS Telecom MS Co-chair OASIS TAB ISO JTC1 CAC SC6 Vice-Chair Senior Advisor CEA, SOA, Web Services, IdM, Security Strategic Standards Nortel

2 www.oasis-open.org Introduction to ITU Security work at ITU Study Groups SG 17 Security work Higlight of Current Activities Challenges Outline

3 What is International Telecommunication Union (ITU) ? n Headquartered in Geneva, is the UN specialized agency for telecom ITU-T Telecommunication standardization of network and service aspectsITU-D Assisting implementation and operation of telecommunications in developing countries ITU-R Radiocommunication standardization and global radio spectrum management Study Group Organization (TSAG) (WTSA)  SG 17, Security, Languages and Telecommunication Software Lead Study Group on Telecommunication Security  Lead Study Group on Telecommunication Security  SG 2, Operational Aspects of Service Provision, Networks and Performance  SG 4, Telecommunication Management  SG 5, Protection Against Electromagnetic Environment Effects  SG 9, Integrated Broadband Cable Networks and Television and Sound Transmission  SG 11, Signalling Requirements and Protocols  SG 13, Next Generation Networks  SG 15, Optical and Other Transport Network Infrastructures  SG 16, Multimedia Terminals, Systems and Applications  SG 19, Mobile Telecommunication Networks

4 Strategic Direction Cybersecurity – one of the top priorities of the ITU  ITU’s role in implementing the outcomes of the World Summit on the Information Society (WSIS) Plenipotentiary Resolution 140 (2006)  Study of definitions and terminology relating to building confidence and security in the use of information and communication technologies Plenipotentiary Resolution 149 (2006)  WTSA-04 Resolution 50, Cybersecurity – Instructs the Director of TSB to develop a plan to undertake evaluations of ITU-T “existing and evolving Recommendations, and especially signalling and communications protocol Recommendations with respect to their robustness of design and potential for exploitation by malicious parties to interfere destructively with their deployment”  WTSA-04 Resolution 52, Countering spam by technical means – Instructs relevant study groups “to develop, as a matter of urgency, technical Recommendations, including required definitions, on countering spam”

5 Highlights of current activities (1)  ITU Global Cybersecurity Agenda (GCA)  A Framework for international cooperation in cybersecurity  Five key work areas: Legal, Technical, Organisational, Capacity Building, International Cooperation  High-Level Experts (HLEG) working on global strategies  GCA/HLEG met 26 June 2008 to agree upon a set of recommendations on all five work areas for presentation to ITU Secretary-General  ISO/IEC/ITU-T Strategic Advisory Group on Security  Coordinates security work and identifies areas where new standardization initiatives may be warranted. Portal established. Workshops conducted.  Identity Management Effort jump started by IdM Focus Group which produced 6 substantial reports (265 pages) in 9 months JCA – IdM and IdM-GSI established – main work is in SGs 17 and 13

6  Core security (SG 17)  Covering frameworks, cybersecurity, countering spam, home networks, mobile, web services, secure applications, telebiometrics, etc.  Work underway on additional topics including IPTV, multicast, security; risk management and incident management; traceback, Bots, Privacy,  Questionnaire issued to developing countries to ascertain their security needs  Updated security roadmap/database, compendia, manual; strengthened coordination  Security for NGN (SG 13)  Y.2701: Security Requirements for NGN Release 1  Y.2702: NGN Authentication and Authorization Requirements  Y.NGN SecMechanisms: NGN Security Mechanisms and Procedures  Y.NGN Certificate: NGN Certificate Management  Y.AAA: Application of AAA for Network Access Control in UNI and ANI over NGN Highlights of current activities (2)

7 Identity Connecting users with services and with others (Federation) At your Desk Managed Office Whatever you’re doing (applications) In the Air On the Road Collaboration Voice Telephony ERP In Town PDA Cellular Smart Phone Wherever you are (across various access types) Whatever you’re using (devices) At Home Video Web Apps Network Identity is essential Need end-to-end trust model PC People have multiple identities, each within a specific context or domain Work – me@company.com Family – me@smith.family Hobby – me@icedevils.team Volunteer – me@association.org

8 Challenges Addressing security to enhance trust and confidence of users in networks, applications and services  With global cyberspace, what are the security priorities for the ITU with its government / private sector partnership?  Need for top-down strategic direction to complement bottom-up, contribution-driven process  Balance between centralized and distributed efforts on security standards  Legal and regulatory aspects of cybersecurity, spam, identity/privacy  Address full cycle – vulnerabilities, threats and risk analysis; prevention; detection; response and mitigation; forensics; learning  Marketplace acceptance of Information Security Management System (ISMS) standards (ISO/IEC 27000-series and ITU-T X.1051) – the security equivalent to ISO 9000-series  Effective cooperation and collaboration across the many bodies doing cybersecurity work  Informal security experts network – needs commitment There is no “silver bullet” for Cybersecurity

9 Some useful web resources n ITU-T Home page http://www.itu.int/ITU-T/http://www.itu.int/ITU-T/ n Security Roadmap http://www.itu.int/ITU- T/studygroups/com17/ict/index.htmlhttp://www.itu.int/ITU- T/studygroups/com17/ict/index.html n Security Manualhttp://www.itu.int/publ/T-HDB-SEC.03-2006/enhttp://www.itu.int/publ/T-HDB-SEC.03-2006/en n Cybersecurity Portalhttp://www.itu.int/cybersecurity/http://www.itu.int/cybersecurity/ n Cybersecurity Gatewayhttp://www.itu.int/cybersecurity/gateway/index.htmlhttp://www.itu.int/cybersecurity/gateway/index.html n Recommendations http://www.itu.int/ITU-T/publications/recs.htmlhttp://www.itu.int/ITU-T/publications/recs.html n ITU-T Lighthouse http://www.itu.int/ITU-T/lighthouse/index.phtmlhttp://www.itu.int/ITU-T/lighthouse/index.phtml n ITU-T Workshops http://www.itu.int/ITU-T/worksem/index.htmlhttp://www.itu.int/ITU-T/worksem/index.html n LSG on Security http://www.itu.int/ITU-T/studygroups/com17/tel- security.htmlhttp://www.itu.int/ITU-T/studygroups/com17/tel- security.html

10 www.oasis-open.org Backup

11 NGN architecture overview (Y.2012) Transport stratum Service stratum Control Media Management Functions ANI Transport Control Functions Resource and Admission Control Functions Network Attachment Control Functions NNI UNI Application Support Functions & Service Support Functions Applications Transport Functions End-User Functions Other Networks Service Control Functions Service User Profiles Transport User Profiles

12 NGN architecture overview (Y.2012) Transport stratum Service stratum Control Media Management Functions ANI Transport Control Functions Resource and Admission Control Functions Network Attachment Control Functions NNI UNI Application Support Functions & Service Support Functions Applications Transport Functions End-User Functions Other Networks Service Control Functions Service User Profiles Transport User Profiles  Packet-based network with QoS support and Security  Separation between Services and Transport  Access can be provided using many underlying technologies  Should be reflected in policy  Decoupling of service provision from network Support wide range of services/applications Converged services between Fixed/Mobile  Broadband capabilities with end-to-end QoS  Compliant with regulatory requirements  Emergency communications, security, privacy, lawful interception  ENUM Resources, Domain Names/ Internet Addresses

13 NGN Security Trust Model Trusted Zone Trusted but Vulnerable Zone Untrusted Zone Network Elements controlled by the NGN provider Network Elements not always controlled by the NGN provider NGN network Elements Network Border Elements (NBE) TE-BE TE Provider- controlled Equipment TE-BE TE

14 NGN Peering Trust Model Trusted Zone Trusted but Vulnerable Zone Untrusted Zone NGN network Elements Domain Border Elements (DBE) NGN network Elements Domain Border Elements (DBE) Provider B from Provider A’s point of view Provider A

Download ppt "ITU-T Perspectives on the Standards-Based Security Landscape (SG 17 Main Focus) Abbie Barbir, Ph.D. ITU-T Q6/17 Cybersecurity."

Similar presentations

ITU-T 1 EU Commission Open Workshop – Identifying policy and regulatory issues of Next Generation Networks, Brussels 22 June 2005 Some comments on ITU-T.

ITU-T 1 EU Commission Open Workshop – Identifying policy and regulatory issues of Next Generation Networks, Brussels 22 June 2005 Some comments on ITU-T.
GSC: Standardization Advancing Global Communications Home Networking in ITU-T An overview of the Home Networking studies in ITU-T and of the Joint Co-ordination.

GSC: Standardization Advancing Global Communications Home Networking in ITU-T An overview of the Home Networking studies in ITU-T and of the Joint Co-ordination.
GSC: Standardization Advancing Global Communications ITU-T Status Report on standardization of Networked RFID P.A. Probst/Chairman of ITU-T SG16 SOURCE:ITU-T.

GSC: Standardization Advancing Global Communications ITU-T Status Report on standardization of Networked RFID P.A. Probst/Chairman of ITU-T SG16 SOURCE:ITU-T.
Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.
INTERNATIONAL TELECOMMUNICATION UNION Document 27 – E TELECOMMUNICATION STANDARDIZATION SECTOR TSB Directors Consultation Meeting on IPTV standardization.

INTERNATIONAL TELECOMMUNICATION UNION Document 27 – E TELECOMMUNICATION STANDARDIZATION SECTOR TSB Directors Consultation Meeting on IPTV standardization.
ITU-R activities related to TDR Colin Langtry Counsellor Radiocommunication Study Group 8 Workshop on Telecommunications for Disaster Relief, 17-19 February.

ITU-R activities related to TDR Colin Langtry Counsellor Radiocommunication Study Group 8 Workshop on Telecommunications for Disaster Relief, February.
Overview of Convergence APT-ITU workshop on the International Telecommunications Regulations Bangkok, 6-8 February 2012 Preetam Maloor, ITU.

Overview of Convergence APT-ITU workshop on the International Telecommunications Regulations Bangkok, 6-8 February 2012 Preetam Maloor, ITU.
Forum on Next Generation Network Standardization Colombo, Sri Lanka, 7-10 April 2009 Forum on Next Generation Network Standardization Colombo, Sri Lanka,

Forum on Next Generation Network Standardization Colombo, Sri Lanka, 7-10 April 2009 Forum on Next Generation Network Standardization Colombo, Sri Lanka,
Geneva, 15 May 2009 Status of NGN architecture related studies in ITU-T SG13 Olivier Le Grand WP 3/13 chairman France Telecom JOINT ITU-T SG13 - IEEE NGSON.

Geneva, 15 May 2009 Status of NGN architecture related studies in ITU-T SG13 Olivier Le Grand WP 3/13 chairman France Telecom JOINT ITU-T SG13 - IEEE NGSON.
1 Measuring ICT4D: ITUs Focus on Household and Individual Market, Economics & Finance Unit Telecommunication Development Bureau.

1 Measuring ICT4D: ITUs Focus on Household and Individual Market, Economics & Finance Unit Telecommunication Development Bureau.
ITU-T Network Security Initiatives

ITU-T Network Security Initiatives
International Telecommunication Union ICT Security Standards Roadmap: an Update Mike Harrop Rapporteur ITU-T, Study Group 17 Q4 3 rd ETSI Security Workshop.

International Telecommunication Union ICT Security Standards Roadmap: an Update Mike Harrop Rapporteur ITU-T, Study Group 17 Q4 3 rd ETSI Security Workshop.
Enhanced Collaboration in Europe Region

Enhanced Collaboration in Europe Region
International Telecommunication Union TSAG Newbie Session, 12-16 July 2004 TSAG Newbie Session TSAG Chairman

International Telecommunication Union TSAG Newbie Session, July 2004 TSAG Newbie Session TSAG Chairman
Committed to connecting the world Major issues related to working methods of ITU-T WTSA-12 Regional Preparatory Meeting Tashkent, Uzbekistan 3 April 2012.

Committed to connecting the world Major issues related to working methods of ITU-T WTSA-12 Regional Preparatory Meeting Tashkent, Uzbekistan 3 April 2012.
Committed to connecting the world Bridging The Standardization Gap for Africa Africa Regional Preparatory Meeting for WTSA-12 Bridging the standardization.

Committed to connecting the world Bridging The Standardization Gap for Africa Africa Regional Preparatory Meeting for WTSA-12 Bridging the standardization.
BUILDING THE INFORMATION SOCIETY 14 May 2007 1 ITU-T activities on security (focus on ITU-T ITU-T activities on security (focus on ITU-T Study Group 17)

BUILDING THE INFORMATION SOCIETY 14 May ITU-T activities on security (focus on ITU-T ITU-T activities on security (focus on ITU-T Study Group 17)
Arkadiy Kremer Chairman ITU-T Study Group 17 Session 5: SDOs security standardization, implementation and evaluation strategy ITU-T Workshop on New challenges.

Arkadiy Kremer Chairman ITU-T Study Group 17 Session 5: SDOs security standardization, implementation and evaluation strategy ITU-T Workshop on "New challenges.
International Telecommunication Union ITU-T Seminar – Lisbon, 25 June 2002 ITU-T Activities on Security Greg Jones ITU Telecommunication Standardization.

International Telecommunication Union ITU-T Seminar – Lisbon, 25 June 2002 ITU-T Activities on Security Greg Jones ITU Telecommunication Standardization.
ITU-D STUDY GROUPS A unique and neutral worldwide Forum where developed and developing countries meet to study through Questions matters of priority to.

ITU-D STUDY GROUPS A unique and neutral worldwide Forum where developed and developing countries meet to study through Questions matters of priority to.

Similar presentations

Ads by Google