1 / 48

Study Group 17, Security Input for the joint ITU-T | ISO/IEC JTC 1 leadership meeting November 2011

Study Group 17, Security Input for the joint ITU-T | ISO/IEC JTC 1 leadership meeting November 2011. Chairman: Arkadiy Kremer kremer@rans.ru TSB Advisor: Martin Euchner martin.euchner@itu.int. Topics for Joint Meeting. Networks & their Future Security (including Identity Management)

abiba
Download Presentation

Study Group 17, Security Input for the joint ITU-T | ISO/IEC JTC 1 leadership meeting November 2011

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Study Group 17, SecurityInput for the jointITU-T | ISO/IEC JTC 1 leadership meetingNovember 2011 Chairman: Arkadiy Kremerkremer@rans.ru TSB Advisor: Martin Euchner martin.euchner@itu.int

  2. Topics for Joint Meeting • Networks & their Future • Security (including Identity Management) • Multimedia (including 3D aspects) • RFID, Sensor Networks, Internet of Things, M2M • Smart Grid • Green ICT, Green by ICT and Energy Efficiency • Home Networking • Cloud Computing (including Web Services) • Accessibility Note: Since all the above topics have security aspects, these are consolidated in this one presentation

  3. SG 17 collaborative work with ISO/IEC JTC 1 Existing relationships having collaborative (joint) projects: Note – In addition to collaborative work, extensive communications and liaison relationships exist with the following JTC 1 SCs: 6, 7, 17, 22, 27, 31, 37 and 38 on a wide range of topics. All SG 17 Questions are involved.

  4. Suggested items for discussion • Improving collaboration • Better coordination of meeting schedules - Collaboration is most effective when there are common participants attending both groups. For this to happen there needs to be better coordination of meeting schedules between groups to avoid overlaps. This is especially important for SG 6 and SG 17 and for SC 27 and SG 17 as there are many collaborative projects. In last two years, these meetings have overlapped. • Increased used of collaborative teams – This has worked very well between SC 6 and SG 17. SG 17 would like to have collaborative teams with SC 27 on joint projects. For example, SG 17 believes our repeated requests for a collaborative team for ITU-T X.eaa | ISO/IEC 29115 would have reduced the total effort spent and sped up its completion.

  5. Suggested items for discussion (cnt’d) • Managing growing overlap of work between SG 17 and SC 27 • A fundamental role of ITU, following the World Summit on the Information Society (WSIS) is to build confidence and security in the use of Information and Communication Technologies (ICTs) [Action line C5]. SG 17 is the ITU-T lead study group on security. • SC 27 is responsible for IT Security techniques • Every security Question in SG 17 has relationships with SC 27 • Additional new work items are continually being identified where cooperation/collaboration is needed – for example: • X.gpim, Guideline for management of personally identifiable information for telecommunication organizations (SG 17 Q3 with SC 27 WG 1 and WG 5) • SG 17 believes this is a serious issue and recommends a joint effort be established to develop an approach for going forward.

  6. Contents • Study Group 17 mandate and overview • Study Group 17 work programme • Security Coordination • Future meetings • Useful references • Summary - Suggestions for further dialog

  7. SG 17 mandate established by World Telecommunication Standardization Assembly (WTSA-08) WTSA-08 decided the following for Study Group 17: • Title: Security • Responsible for: studies relating to security including cybersecurity, countering spam and identity management. Also responsible for the application of open system communications including directory and object identifiers, and for technical languages, the method for their usage and other issues related to the software aspects of telecommunication systems. • Lead Study Group for: • Telecommunication security • Identity management • Languages and description techniques • Responsible for specific E, F, X and Z series Recommendations • Responsible for 15 Questions • Chairman: Arkadiy Kremer • Vice chairmen: Jianyong Chen, Mohamed M.K. Elhaj, Antonio Guimaraes, Patrick Mwesigwa, Koji Nakao, Heung Youl Youm

  8. Study Group 17 is the Lead Study Group on:●Telecommunication security● Identity management (IdM)● Languages and description techniques • A study group may be designated by WTSA or TSAG as the lead study group for ITU‑T studies forming a defined programme of work involving a number of study groups. • This lead study group is responsible for the study of the appropriate core Questions. • In addition, in consultation with the relevant study groups and in collaboration, where appropriate, with other standards bodies, the lead study group has the responsibility to define and maintain the overall frameworkand to coordinate, assign (recognizing the mandates of the study groups) and prioritize the studies to be carried out by the study groups, and to ensure the preparation of consistent, complete and timely Recommendations. * Extracted from WTSA-08 Resolution 1

  9. SG 17 is “Parent” for Joint Coordination Activities (JCAs) on:● Identity management● Conformance & interoperability testing • A joint coordination activity (JCA) is a tool for management of the work programme of ITU-T when there is a need to address a broad subject covering the area of competence of more than one study group. A JCA may help to coordinate the planned work effort in terms of subject matter, time-frames for meetings, collocated meetings where necessary and publication goals including, where appropriate, release planning of the resulting Recommendations. • The establishment of a JCA aims mainly at improving coordination and planning. The work itself will continue to be conducted by the relevant study groups and the results are subject to the normal approval processes within each study group.A JCA may identify technical and strategic issues within the scope of its coordination role, but will not perform technical studies nor write Recommendations. A JCA may also address coordination of activities with recognized standards development organizations (SDOs) and forums, including periodic discussion of work plans and schedules of deliverables. The study groups take JCA suggestions into consideration as they carry out their work. * Extracted from Recommendation ITU-T A.1

  10. Study Group 17 Overview • Meets twice a year. Last meeting had 171 participants from 21 Member States, 20 Sector Members and 7 Associates. • As of 16 October 2012, SG 17 is responsible for 279 approved Recommendations, 11 approved Supplements and 3 approved Implementer’s Guides in the E, F, X and Z series. • Large program of work: • 23 new work items added to work program in 2011 • 24 Recommendations, 8 Corrigenda and 3 Supplements approved or entered approval process in 2011 • 143 new or revised Recommendations and other texts are under development for approval in 2012 or later • Work organized into 3 Working Parties with 15 Questions • 5 Correspondence groups • See SG 17 web page for more informationhttp://www.itu.int/ITU-T/studygroups/com17/index.asp

  11. SG 17, Security Identity management and languages Working Party 1 Working Party 2 Working Party 3 Network and information security Q10 IdM Securityproject Application security Q1 Ubiquitousservices Q6 Q11 Directory Q2 Architecture Q7 Applications Q12 ASN.1, OID Q3 ISM Q13 Languages Q8 SOA Q4 Cybersecurity Q14 Testing Q9 Telebiometrics Counteringspam Q5 Q15 OSI WP 1 WP 2 WP 3

  12. Additional Security Work • Cloud Computing Security • Expected transfer in early 2012 of security work from ITU-T Focus Group on Cloud Computing to SG 17 • Smart Grid Security • Expected transfer in early 2012 of security work from ITU-T Focus Group on Smart Grid to SG 17 • Child Online Protection • Correspondence group currently looking at what aspects are appropriate given SG 17 mandate and area of expertise • Cybercrime • ITU-T Secretary General signed MoU with United Nations Office on Drugs and Crime (UNODC) – Role of SG 17 needs further consideration SG 17 has prepared first draft of 17 proposed Questions for the 2013-2016 study period

  13. Contents • Study Group 17 mandate and overview • Study Group 17 work programme • Security Coordination • Future meetings • Useful references • Summary - Suggestions for further dialog

  14. Working Party 1/17Network and information security Chairman: Koji Nakao Q1 Telecommunications systems security project Q2 Security architecture and framework Q3 Telecommunications information security management Q4Cybersecurity Q5 Countering spam by technical means

  15. Question 1/17Telecommunications systems security project • Security Coordination • Coordinate security matters within SG 17, with ITU-T SGs, ITU-D and externally with other SDOs • Maintain reference information on LSG security webpage • ICT Security Standards Roadmap • Searchable database of approved ICT security standards from ITU-T, ISO/IEC and others • Security Compendia • Catalogue of approved security-related Recommendations and security definitions extracted from approved Recommendations • ITU-T Security Manual • 4th edition published in 4Q/2009; 5th edition planned for 2012 • Bridging the standardization gap

  16. Question 1/17 (cnt’d)Telecommunications systems security project • Security standardization strategy – Define a top-down approach to complement the contribution-driven work • to ensure the continued relevance of security standards by keeping them current with rapidly-developing technologies and operators’ trends (in e-commerce, e-payments, e-banking, telemedicine, fraud-monitoring, fraud-management, fraud identification, digital identity, infrastructure creation, billing systems, IPTV, Video-on-demand, grid network computing, ubiquitous networks, etc.) • to follow-up on considerable attention recently given to trust between network providers and communication infrastructure vendors, in particular for communication hardware and software security, issues of how trust can be established and/or enhanced would need to be considered • Rapporteur: Antonio Guimaraes

  17. Question 2/17Security Architecture and Framework • Responsible for general security architecture and framework for telecommunication systems • Recommendation in approval process: • X.1037, Architectural systems for security controls for preventing fraudulent activities in public carrier networks • Recommendations currently under study include: • X.gsiiso, Guidelines on security of the individual information service for operators • X.ncns-1, National IP-based Public Networks Security Center for Developing Countries • X.ipv6-secguide, Technical guideline on deploying IPv6 • X.hns, Heterarchic for secure distributed services networks • 25 Recommendations and 2 Supplements approved • Relationships with ISO/IEC JTC 1 SCs 27 and 37, IEC TC 25, ISO TC 12, IETF, ATIS, ETSI, 3GPP, 3GPP2 • Rapporteur: Patrick Mwesigwa

  18. Question 3/17Telecommunications information security management • Responsible for information security management - X.1051, etc. • Recommendations approved April 2011: • X.1052, Information security management framework • X.1057, Asset management guidelines in telecommunication organizations • Developing specific guidelines including: • X.gpim, Guideline for management of personallyidentifiable information for telecommunication org. • X.isgf, Governance of information security (w/SC 27) • X.rmsm, Reference model for small and medium sizedtelecommunication organizations • X.sgsm, Security management guidelines for smalland medium-sized telecommunication organizations • X.mgv6, Security management guideline forimplementation of IPv6 environment • Supplement - User guide for X.1051 • Information security incident management for developing countries • Close collaboration with ISO/IEC JTC 1/SC 27 • Rapporteur: Miho Naganuma

  19. Question 4/17 Cybersecurity • Cybersecurity by design no longer possible; a new paradigm: • know your weaknesses  minimize the vulnerabilities • know your attacks  share the heuristics within trust communities • Current work program (28 Recommendations under development) • X.1500 suite: Cybersecurity Information Exchange (CYBEX) – non-prescriptive, extensible, complementary techniques for the new paradigm • Weakness, vulnerability and state • Event, incident, and heuristics • Information exchange policy • Identification, discovery, and query • Identity assurance • Exchange protocols • Non-CYBEX deliverables include compendiums and guidelines for • SIP server protection • Abnormal traffic detection • Botnet mitigation • Attack source attribution (including traceback) • Trusted standards availability • Extensive relationships with many external bodies

  20. Question 4/17 (cnt’d)Cybersecurity • Key achievements • X.1205, Overview of cybersecurity   • X.1206, A vendor-neutral framework for automatic notification of security related information and dissemination of updates   • X.1207, Guidelines for telecommunication service providers for addressing the risk of spyware and potentially unwanted software • X.1209,Capabilities and their context scenarios for cybersecurity information sharing and exchange • X.1303, Common alerting protocol • X.1500, Overview of cybersecurity information exchange (CYBEX) • X.1520, Common vulnerabilities and exposures (CVE) • X.1521, Common vulnerability scoring system (CVSS) • X.1570, Discovery mechanisms in the exchange of cybersecurity information • X.Sup.8, Supplement on best practices against botnet threats • X.Sup.9, Guidelines for reducing malware in ICT networks • X.Sup.10, Usability of network traceback • Recommendations in approval process • X.1500.1, Procedures for the registration of arcs under OID arc for CYBEX • X.1524, Common weakness enumeration (CWE) • X.1541,Incident object description exchange format • Rapporteur: Anthony Rutkowski

  21. Question 5/17Countering spam by technical means • Lead group in ITU-T on countering spam by technical means in support of WTSA-08 Resolution 52 (Countering and combating spam) • 7 Recommendations and 2 Supplements approved. 3 draft texts under development (see structure in next slide): • X.oacms, Overall aspects of countering messaging spam in mobile networks • X.ticvs, Technologies involved in countering voice spam in telecommunication organizations • Supplement, Functions and interfaces for countering e-mail spam using botnet information • Effective cooperation with ITU-D, IETF, ISO/IEC JTC 1, 3GPP, OECD, MAAWG , ENISA and other organizations • Rapporteur: Hongwei Luo

  22. Question 5/17 (cnt’d)Countering spam by technical means

  23. Working Party 2/17Application Security Chairman: Heung Youl Youm Q6 Security aspects of ubiquitous telecommunication services Q7Secure application services Q8 Service oriented architecture security Q9Telebiometrics

  24. Question 6/17Security aspects of ubiquitous telecommunication services • Multicast security • X.1101, Security requirements and framework for multicast communication • Home network security • X.1111, Framework for security technologies for home network • X.1112, Device certificate profile for the home network • X.1113, Guideline on user authentication mechanism for home network services • X.1114, Authorization framework for home network • Mobile security • X.1121, Framework of security technologies for mobile end-to-end data communications   • X.1122, Guideline for implementing secure mobile systems based on PKI   • X.1123, Differentiated security service for secure mobile end-to-end data communication   • X.1124, Authentication architecture for mobile end-to-end data communication   • X.1125, Correlative reacting system in mobile data communication • X.msec-5, Security requirements and mechanism for reconfiguration of mobile device with multiple communication interfaces • X.msec-6, Security aspects of mobile phones • Networked ID security • X.1171, Threats and requirements for protection of personally identifiable information in applications using tag-based identification • X.1175, Guidelines on protection of personally identifiable information in the application of RFID technology

  25. Question 6/17 (cnt’d)Security aspects of ubiquitous telecommunication services • IPTV security • X.1191, Functional requirements and architecture for IPTV security aspects • X.1192, Functional requirements and mechanisms for secure transcodable scheme of IPTV • X.1193,Key management framework for secure IPTV services • X.1195, Service and content protection (SCP) interoperability scheme • X.iptvsec-4, Algorithm selection scheme for service and content protection (SCP) descrambling • X.iptvsec-6, Framework for the downloadable service and content protection (SCP) system in the mobile IPTV environment • X.iptvsec-7, Guidelines on criteria for selecting cryptographic algorithms for the IPTV service and content protection (SCP) • X.iptvsec-8, Virtual machine-based security platform for renewable service and content protection (SCP) • Ubiquitous sensor network security  • X.1311, Information technology – Security framework for ubiquitous sensor network (w/SC 6) • X.1312, Ubiquitous sensor network (USN) middleware security guidelines • X.usnsec-3, Secure routing mechanisms for wireless sensor network • X.unsec-1, Security requirements and framework of ubiquitous networking • Close relationship with JCA-IPTV and ISO/IEC JTC 1/SC 6/WG 7 • Rapporteur: Jonghyun Baek

  26. Question 7/17Secure application services • Web security • X.1141,Security Assertion Markup Language (SAML 2.0) • X.1142, eXtensible Access Control Markup Language (XACML 2.0) • X.1143, Security architecture for message security in mobile web services • X.websec-4,Security framework for enhanced web based telecommunication services • Security protocols • X.1151, Guideline on secure password-based authentication protocol with key exchange • X.1152, Secure end-to-end data communication techniques using trusted third party services • X.1153, A management framework of an one time password-based authentication service • X.sap-4, The general framework of combined authentication on multiple identity service provider environment • X.sap-5, Guideline on anonymous authentication for e-commerce service • X.sap-6, An One Time Password-based non-repudiation framework • X.sap-7, The requirements of fraud detection and response services for sensitive Information Communication Technology • Peer-to-peer security • X.1161,Framework for secure peer-to-peer communications   • X.1162,Security architecture and operations for peer-to-peer networks • X.p2p-3, Security requirements and mechanisms of peer-to-peer-based telecommunication network • X.p2p-4, Use of service providers’ user authentication infrastructure to implement PKI for peer-to-peer networks • Relationships include: OASIS, OMA, W3C, ISO/IEC JTC 1/SCs 27 & 38, Kantara Initiative • Rapporteur: Jae Hoon Nah

  27. Question 8/17Service oriented architecture security • Current focus: • Security aspects of cloud computing • X.ccsec, Security guideline for cloud computing in telecommunication area • X.srfctse, Security requirements and framework of cloud based telecommunication service environment • Security aspects of service oriented architecture • X.fsspvn, Framework of the secure service platform for virtual network • X.sfcsc, Security functional requirements for software as a service (SaaS) application environment • Working closely with FG on Cloud computing • Rapporteur: Liang Wei

  28. Question 9/17Telebiometrics • Current focus: • Security requirements and guidelines for applications of telebiometrics • Requirements for evaluating security, conformance and interoperability with privacy protection techniques for applications of telebiometrics • Requirements for telebiometric applications in a high functionality network • Requirements for telebiometric multi-factor authentication techniques based on biometric data protection and biometric encryption • Requirements for appropriate generic protocols providing safety, security, privacy protection, and consent “for manipulating biometric data” in applications of telebiometrics, e.g., e-health, telemedicine • Approved Recommendations • X.1080.1,e-Health and world-wide telemedicines - Generic telecommunication protocol • X.1081,The telebiometric multimodal model – A framework for the specification of security and safety aspects of telebiometrics • X.1082,Telebiometrics related to human physiology • X.1083,Information technology – Biometrics – BioAPI interworking protocol (w/SC 37) • X.1084,Telebiometrics system mechanism – Part 1: General biometric authentication protocol and system model profiles for telecommunications systems • X.1086,Telebiometrics protection procedures – Part 1: A guideline to technical and managerial countermeasures for biometric data security

  29. Question 9/17 (cnt’d)Telebiometrics • Approved Recommendations (continued) • X.1088,Telebiometrics digital key framework (TDK) – A framework for biometric digital key generation and protection • X.1089,Telebiometrics authentication infrastructure (TAI) • X.1090,Authentication framework with one-time telebiometric templates • Recommendations under development: • X.bhsm, Telebiometric authentication framework using biometric hardware • X.gep, A guideline for evaluating telebiometric template protection • X.tam, Guideline to technical and operational countermeasurers for telebiometric applications using mobile devices • X.th-series, e-Health and world-wide telemedicines • X.th2,Telebiometrics related to physics (with ISO TC 12) • X.th3,Telebiometrics related to chemistry (with ISO TC 12) • X.th4,Telebiometrics related to biology (with IEC TC 25) • X.th5,Telebiometrics related to culturology (with IEC TC 25) • X.th6,Telebiometrics related to psychology (with IEC TC 25) • X.tif, Integrated framework for telebiometric data protection • Close working relationship with ISO/IEC JTC 1/SCs 17, 27 and 37, ISO TCs 12, 68 and 215, IEC TC 25, IETF, IEEE • Rapporteur: Hale Kim

  30. Working Party 3/17Identity management and languages Chairman: Jianyong Chen Q10 Identity management architecture and mechanisms Q11 Directory services, Directory systems, and public-key/attribute certificates Q12 ASN.1, Object Identifiers (OIDs) and associated registration Q13 Formal languages and telecommunication software Q14 Testing languages, methodologies and framework Q15 Open Systems Interconnection (OSI)

  31. Question 10/17Identity Management (IdM) • Identity Management (IdM) • IdM is a security enabler by providing trust in the identity of both parties to an e-transaction • IdM also provides network operators an opportunity to increase revenues by offering advanced identity-based services • The focus of ITU-T’s IdM work is on global trust and interoperability of diverse IdM capabilities in telecommunication. • Work is focused on leveraging and bridging existing solutions • This Question is dedicated to the vision setting and the coordination and organization of the entire range of IdM activities within ITU-T • Approved Recommendations • X.1250, Baseline capabilities for enhanced global identity management trust and interoperability • X.1251, A framework for user control of digital identity • X.1252, Baseline identity management terms and definitions • X.1253,Security guidelines for identity management systems • X.1275,Guidelines on protection of personally identifiable information in the application of RFID technology • X.Sup.7, Overview of identity management in the context of cybersecurity

  32. Question 10/17 (cnt’d)Identity Management (IdM) • Key focus • Adoption of interoperable federated identity frameworks that use a variety of authentication methods with well understood security and privacy • Encourage the use of authentication methods resistant to known and projected threats • Provide a general trust model for making trust-based authentication decisions between two or more parties • Ensure security of online transactions with focus on end-to-end identification and authentication of the participants and components involved in conducting the transaction, including people, devices, and services • Engagement • JCA-IdM • 11 Recommendations under development • Collaborative work with JTC 1/SC27 on X.eaa, Entity authentication assurance framework • Collaborative work with CA/Browser Forum on X.EVcert, Extended validation certificate framework • Related standardization bodies: ISO/IEC JTC 1 SCs 6, 27 and 37; IETF; ATIS; ETSI/TISPAN; OASIS; Kantara Initiative; OMA; NIST; 3GPP; 3GPP2; Eclipse; OpenID Foundation; OIX etc. • Rapporteur: Abbie Barbir

  33. Question 11/17Directory services, Directory systems, and Public-key/attribute certificates • Three Directory Projects: • ITU-T X.500 Series of Recommendations | ISO/IEC 9594 - all parts – The Directory • ITU-T F.5xx - Directory Service - Support of tag-based identification services • ITU-T E.115 - Computerized directory assistance • X.500 series is a specification for a highly secure, versatile and distributed directory • The X.500 series is under continuous enhancement • Password policy • Support of RFID • Interworking with LDAP • Support for Identity Management • X.500 work is collaborative with ISO/IEC JTC 1/SC 6/WG 8

  34. Question 11/17 (cnt’d)Directory services, Directory systems, andPublic-key/attribute certificates • ITU-T X.509 on public-key/attribute certificates is the cornerstone for security: • Base specification for public-key certificates and for attribute certificates • Has a versatile extension feature allowing additions of new fields to certificates • Basic architecture for revocation • Base specification for Public-Key Infrastructure (PKI) • Base specifications for Privilege Management Infrastructure (PMI) • ITU-T X.509 is used in many different areas: • Basis for eGovernment, eBusiness, etc. all over the world • Used for IPsec, cloud computing, and many other areas • Is the base specification for many other groups (PKIX in IETF, ESI in ETSI, CA Browser Forum, etc.) • Rapporteur: Erik Andersen

  35. Question 12/17Abstract Syntax Notation One (ASN.1), Object Identifiers (OIDs) and associated registration • Developing and maintaining the heavily used Abstract Syntax Notation One (ASN.1) and Object Identifier (OID) specifications • Giving advice on the management of OID Registration Authorities, particularly within developing countries, through the ASN.1 and OID Project Leader Olivier Dubuisson • Approving new top arcs of the Object Identifier tree as necessary • Promoting use of OID resolution system by other groups such asSG 16 • Repository of OID allocations and a database of ASN.1 modules • Recommendations are in the X.680 (ASN.1), X.690 ( ASN.1 Encoding Rules), X.660/X.670 (OID Registration), and X.890 (Generic Applications, such as Fast Infoset, Fast Web services, etc) series • ASN.1 Packed Encoding Rules reduces the bandwidth required for communication thus conserving energy (e.g., compared with XML) • Work is collaborative with ISO/IEC JTC 1/SC 6/WG 9 • Rapporteur: John Larmouth

  36. Question 13/17Formal languages and telecommunication software • Languages and methods for requirements, specification implementation, and Open Distributed Processing (ODP) • Recommendations for ODP (X.900 series in collaboration with JTC 1/SC 7/WG 19), Specification and Description Language (Z.100 series), Message Sequence Chart (Z.120 series), User Requirements Notation (Z.150 series), framework and profiles for Unified Modeling Language, as well as use of languages (Z.110, Z.111, Z.400, Z.450). • Updates of Z.100 and Z.150 series are being progressed • These techniques enable high quality Recommendations to be written from which formal tests can be derived, and products to be cost effectively developed. • Relationship with SDL Forum Society • Rapporteur: Rick Reed

  37. Question 14/17Testing languages, methodologies and framework • Interoperability and conformance testing languages, methodologies and framework • Responsible for Testing and Test Control Notation version 3 (TTCN-3) Recommendations: Z.161, Z.162, Z.163, Z.164, Z.165, Z.166, Z.167, Z.168, Z.169, Z.170 • Further updates on the Z.160-170 series will be produced in 2012 • Also responsible for conformance testing methodology and framework for protocol Recommendations: X.290, X.291, X.292, X.293, X.294, X.295, X.296, X.Sup4 and X.Sup5 • Provides support for WTSA-08 Resolution 78 on conformance and interoperability testing • Close liaisons with ETSI, SG 11, JCA-CIT • Rapporteur: Dieter Hogrefe

  38. Question 15/17Open Systems Interconnection (OSI) • Ongoing maintenance of the OSI X-series Recommendations and the OSI Implementer’s Guide: • OSI Architecture • Message Handling • Transaction Processing • Commitment, Concurrency and Recovery (CCR) • Remote Operations • Reliable Transfer • Quality of Service • Upper layers – Application, Presentation, and Session • Lower Layers – Transport, Network, Data Link, and Physical • 109 approved Recommendations • Work is carried out in collaboration with ISO/IEC JTC 1

  39. Contents • Study Group 17 mandate and overview • Study Group 17 work programme • Security Coordination • Future meetings • Useful references • Summary - Suggestions for further dialog

  40. Security CoordinationSecurity activities in other ITU-T Study Groups ITU-T SG 2 Operation aspects & TMN Q3 International Emergency Preference Scheme , ETS/TDR Q5 Network and service operations and maintenance procedures , E.408 Q11 TMN security, TMN PKI ITU-T SG 9 Integrated broadband cable and TV Q3 Conditional access, copy protection, HDLC privacy, Q7, Q8 DOCSIS privacy/security Q9 IPCablecom 2 (IMS w. security), MediaHomeNet security gateway, DRM, ITU-T SG 11 Signaling Protocols Q7 EAP-AKA for NGN ITU-T SG 13 Future network Q16 Security and identity management for NGN Q17 Deep packet inspection ITU-T SG 15 Optical Transport & Access Reliability, availability, Ethernet/MPLS protection switching ITU-T SG 16 Multimedia Secure VoIP and multimedia security (H.233, H.234, H.235, H.323, JPEG2000)

  41. Coordination with other bodies Study Group 17 ITU-D, ITU-R, xyz…

  42. Contents • Study Group 17 mandate and overview • Study Group 17 work programme • Security Coordination • Future meetings • Useful references • Summary – Suggestions for further dialog

  43. Future Study Group 17 Meetings • Monday, 20 February – Friday, 2 March 2012(10 days), Geneva, Switzerland • Monday, 3 September – Friday 7, September 2012(5 days), Geneva, Switzerland.Note: may be extended to 8 days The next study period starts following WTSA-12

  44. Contents • Study Group 17 mandate and overview • Study Group 17 work programme • Security Coordination • Future meetings • Useful references • Summary – Suggestions for further dialog

  45. References on collaboration between ITU-T and JTC 1 • Guide for ITU-T and ISO/IEC JTC 1 Cooperation • http://www.itu.int/rec/T-REC-A.23-201002-I!AnnA • Listing of common text and technically aligned Recommendations | International Standards • http://www.itu.int/oth/T0A0D000011/en • Mapping between ISO/IEC International Standards and ITU-T Recommendations • http://www.itu.int/oth/T0A0D000012/en • Relationships of SG 17 Questions with JTC 1 SCsthat categorizes the nature of relationships as: • joint work (e.g., common texts or twin texts) • technical collaboration by liaison mechanism • informational liaison • http://www.itu.int/en/ITU-T/studygroups/com17/Pages/relationships.aspx

  46. SG 17 Reference links • Webpage for ITU-T Study Group 17 • http://www.itu.int/ITU-T/studygroups/com17/index.asp • Webpage on ICT security standard roadmap • http://www.itu.int/ITU-T/studygroups/com17/ict/index.html • Webpage on ICT cybersecurity organizations • http://www.itu.int/ITU-T/studygroups/com17/nfvo/index.html • Webpage for JCA on Identity management • http://www.itu.int/en/ITU-T/jca/idm/Pages/default.aspx • Webpage for JCA on Conformance and interoperability testing • http://www.itu.int/en/ITU-T/jca/cit/Pages/default.aspx • Webpage on lead study group on telecommunication security • http://www.itu.int/en/ITU-T/studygroups/com17/Pages/telesecurity.aspx • Webpage on lead study group on identity management • http://www.itu.int/en/ITU-T/studygroups/com17/Pages/idm.aspx • Webpage on lead study group on languages and description techniques • http://www.itu.int/en/ITU-T/studygroups/com17/Pages/ldt.aspx • Webpage for security workshop on Addressing security challenges on a global scale • http://www.itu.int/ITU-T/worksem/security/201012/index.html

  47. Contents • Study Group 17 mandate and overview • Study Group 17 work programme • Security Coordination • Future meetings • Useful references • Summary – Suggestions for further dialog

  48. Summary – Suggestions for further dialog • There are numerous examples of highly successful collaborations between ITU-T and JTC 1; these experiences should be leveraged in other areas. • The increasing overlap in security work between ITU-T SG 17 and JTC 1/SC 27 needs to be seriously addressed jointly with some urgency. • Increased use of collaborative teams would beneficial for joint projects. • Better coordination of meeting schedules before they are set would improve common participation which is vital for effective collaboration.

More Related