
ITU-T Perspectives on the Standards-Based Security Landscape (SG 17 Main Focus)



www.oasis-open.org

Abbie Barbir, Ph.D.


ITU-T Q6/17 Cybersecurity Question Rapporteur

OASIS IDTrust MS Steering Committee

OASIS Telecom MS Co-chair

OASIS TAB

ISO JTC1 CAC SC6 Vice-Chair

Senior Advisor

CEA, SOA, Web Services, IdM, Security

Strategic Standards

Nortel



Outline

  • Introduction to ITU

  • Security work at ITU Study Groups

  • SG 17 Security work

  • Highlights of Current Activities

  • Challenges


What is International Telecommunication Union (ITU)?

  • ITU-T: Telecommunication standardization of network and service aspects

  • ITU-D: Assisting implementation and operation of telecommunications in developing countries

  • ITU-R: Radiocommunication standardization and global radio spectrum management

Study Group Organization (WTSA, TSAG)

  • SG 17, Security, Languages and Telecommunication Software

    • Lead Study Group on Telecommunication Security

  • SG 2, Operational Aspects of Service Provision, Networks and Performance

  • SG 4, Telecommunication Management

  • SG 5, Protection Against Electromagnetic Environment Effects

  • SG 9, Integrated Broadband Cable Networks and Television and Sound Transmission

  • SG 11, Signalling Requirements and Protocols

  • SG 13, Next Generation Networks

  • SG 15, Optical and Other Transport Network Infrastructures

  • SG 16, Multimedia Terminals, Systems and Applications

  • SG 19, Mobile Telecommunication Networks

  • ITU, headquartered in Geneva, is the UN specialized agency for telecom


Strategic Direction

Cybersecurity – one of the top priorities of the ITU

  • ITU’s role in implementing the outcomes of the World Summit on the Information Society (WSIS) – Plenipotentiary Resolution 140 (2006)

    • Study of definitions and terminology relating to building confidence and security in the use of information and communication technologies – Plenipotentiary Resolution 149 (2006)

  • WTSA-04 Resolution 50, Cybersecurity – Instructs the Director of TSB to develop a plan to undertake evaluations of ITU-T “existing and evolving Recommendations, and especially signalling and communications protocol Recommendations with respect to their robustness of design and potential for exploitation by malicious parties to interfere destructively with their deployment”

  • WTSA-04 Resolution 52, Countering spam by technical means – Instructs relevant study groups “to develop, as a matter of urgency, technical Recommendations, including required definitions, on countering spam”


Highlights of current activities (1)

  • ITU Global Cybersecurity Agenda (GCA)

    • A Framework for international cooperation in cybersecurity

    • Five key work areas: Legal, Technical, Organisational, Capacity Building, International Cooperation

    • High-Level Experts (HLEG) working on global strategies

      • GCA/HLEG met 26 June 2008 to agree upon a set of recommendations on all five work areas for presentation to ITU Secretary-General

  • ISO/IEC/ITU-T Strategic Advisory Group on Security

    • Coordinates security work and identifies areas where new standardization initiatives may be warranted. Portal established. Workshops conducted.

  • Identity Management

    • Effort jump started by IdM Focus Group which produced 6 substantial reports (265 pages) in 9 months

    • JCA-IdM and IdM-GSI established – main work is in SGs 17 and 13


Highlights of current activities (2)

  • Core security (SG 17)

    • Covering frameworks, cybersecurity, countering spam, home networks, mobile, web services, secure applications, telebiometrics, etc.

    • Work underway on additional topics including IPTV, multicast, security; risk management and incident management; traceback, Bots, Privacy

    • Questionnaire issued to developing countries to ascertain their security needs

    • Updated security roadmap/database, compendia, manual; strengthened coordination

  • Security for NGN (SG 13)

    • Y.2701: Security Requirements for NGN Release 1

    • Y.2702: NGN Authentication and Authorization Requirements

    • Y.NGN SecMechanisms: NGN Security Mechanisms and Procedures

    • Y.NGN Certificate: NGN Certificate Management

    • Y.AAA: Application of AAA for Network Access Control in UNI and ANI over NGN


Identity: Connecting users with services and with others (Federation)

[Figure: users reach services whatever they’re doing (applications: Collaboration, Video, Voice Telephony, Web Apps, ERP), whatever they’re using (devices: PDA, Cellular, PC, Smart Phone) and wherever they are (across various access types: At your Desk, In the Air, Managed Office, On the Road, At Home, In Town).]

  • Network Identity is essential

  • Need end-to-end trust model


Challenges

Addressing security to enhance trust and confidence of users in networks, applications and services

  • With global cyberspace, what are the security priorities for the ITU with its government / private sector partnership?

  • Need for top-down strategic direction to complement bottom-up, contribution-driven process

  • Balance between centralized and distributed efforts on security standards

  • Legal and regulatory aspects of cybersecurity, spam, identity/privacy

  • Address full cycle – vulnerabilities, threats and risk analysis; prevention; detection; response and mitigation; forensics; learning

  • Marketplace acceptance of Information Security Management System (ISMS) standards (ISO/IEC 27000-series and ITU-T X.1051) – the security equivalent to ISO 9000-series

  • Effective cooperation and collaboration across the many bodies doing cybersecurity work

  • Informal security experts network – needs commitment

    There is no “silver bullet” for Cybersecurity


Some useful web resources

  • ITU-T Home page http://www.itu.int/ITU-T/

  • Security Roadmap http://www.itu.int/ITU-T/studygroups/com17/ict/index.html

  • Security Manual http://www.itu.int/publ/T-HDB-SEC.03-2006/en

  • Cybersecurity Portal http://www.itu.int/cybersecurity/

  • Cybersecurity Gateway http://www.itu.int/cybersecurity/gateway/index.html

  • Recommendations http://www.itu.int/ITU-T/publications/recs.html

  • ITU-T Lighthouse http://www.itu.int/ITU-T/lighthouse/index.phtml

  • ITU-T Workshops http://www.itu.int/ITU-T/worksem/index.html

  • LSG on Security http://www.itu.int/ITU-T/studygroups/com17/tel-security.html



NGN architecture overview (Y.2012)

[Figure: NGN architecture overview (Y.2012). Service stratum: Application Support Functions & Service Support Functions, Service Control Functions, Service User Profiles. Transport stratum: Transport Control Functions (Network Attachment Control Functions, Resource and Admission Control Functions), Transport Functions, Transport User Profiles. Also shown: Applications (ANI), End-User Functions (UNI), Other Networks (NNI), Management Functions, and Control and Media flows.]


  • Packet-based network with QoS support and Security

  • Separation between Services and Transport

  • Access can be provided using many underlying technologies

    • Should be reflected in policy

  • Decoupling of service provision from network

  • Support wide range of services/applications

    • Converged services between Fixed/Mobile

  • Broadband capabilities with end-to-end QoS

  • Compliant with regulatory requirements

    • Emergency communications, security, privacy, lawful interception

    • ENUM Resources, Domain Names/ Internet Addresses


NGN Security Trust Model

[Figure: NGN security trust model showing the Untrusted Zone, the Trusted but Vulnerable Zone and the Trusted Zone. Labels: Network Elements not always controlled by the NGN provider; Network Elements controlled by the NGN provider; TE; TE-BE; Provider-controlled Equipment; Network Border Elements (NBE); NGN network Elements.]


NGN Peering Trust Model

[Figure: NGN peering trust model. Labels: Provider A; Provider B from Provider A’s point of view; Trusted Zone; Trusted but Vulnerable Zone; Untrusted Zone; Domain Border Elements (DBE) and NGN network Elements on both sides.]

