1 / 15

Infrastructure Security: The impact on Telecommunications

Infrastructure Security: The impact on Telecommunications. Charles Brookson Department of Trade & Industry, UK. Network and Information Security: NIS Report.

fears
Download Presentation

Infrastructure Security: The impact on Telecommunications

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Infrastructure Security: The impact on Telecommunications Charles Brookson Department of Trade & Industry, UK

  2. Network and Information Security: NIS Report • Response from European Standards Bodies to the "Communication from the Commission to the Council, the European Parliament, the European Economic and Social Committee and the Committee of the Regions: Network and Information Security: Proposal for a European Policy Approach”

  3. NIS threats • Electronic communication can be intercepted and data copied or modified. • Unauthorised access with malicious intent to copy, modify or destroy data and is likely to include systems and automatic equipment in the home. • Disruptive attacks on the Internet have become quite common and in future the telephone network may be threatened...

  4. NIS threats • Malicious software, such as viruses, can disable computers, delete or modify data or reprogram home equipment. • Misrepresentation of people or entities can cause substantial damages, • Many security incidents are due to unforeseen and unintentional events such as natural disasters, hardware or software failures, human error.

  5. Infrastructure security Assets -> Threats-> Services

  6. European Initiatives • eEurope – An information Society for All • europa.eu.int • ETSI – European Telecommunications Standards Institute www.etsi.org • CENELEC www.cenelec.org • CEN – European Committee for Standardisation • ISSS Information Society Standardisation System • www.cenorm.be/isss • ENISA - European Network and Information Security Agency • www.enisa.eu.int • NISSG NIS Steering Group to act as interface to standards activities

  7. European Network and InformationSecurity Agency • ENISA aims at ensuring particularly high levels of network and information security within the Community... contribute to the development of a culture of network and information security for the benefit of the citizens, consumers, enterprises and public sector organisations of the European Union. • assists the Commission, the Member States and, consequently, the business community in meeting the requirements of network and information security... • serve as a centre of expertise for both Member States and EU Institutions to seek advice on...

  8. Some areas of relevant standardisation • Lawful Interception • Algorithms • Electronic Signatures • Smart Cards • E-Authentication • Personal data protection • Security on the move

  9. Lawful Interception (LI) • Technical standards to facilitate LI • Telecommunications, Internet and Mobile • Help law enforcement combat crime • Supporting electronic commerce • 2002 produced updated standard for handover. • Technology specific for 3G mobile, Multimedia IP, IP Cablecom

  10. Algorithms and ElectronicSignatures • Algorithms for: • Mobile: 3G, DECT, GSM, TETRA • Authentication and encryption of traffic • Smart cards • CEN and ETSI co-operating on the European Electronic Signature • Goal to provide Europe with reliable electronic signatures

  11. Smart cards and authentication • Smart cards • Machine readable cards • Access tokens in public transport • Banking and payment • Healthcare • SCP – Smart Card Platform • E-authentication • European and standards • e-Authentication, e-Government • Co-operate with worldwide standards

  12. Personal data protection • IPSE – Initiative for Privacy Standardisation in Europe • Personal data protection • Related to the European Data Protection Directive

  13. Security on the move • 3rd Generation and GSM standards • Including Digital Cordless Phones (DECT), • Trunked Radio (TETRA) and • Railways (GSM-R) • EMTEL and MESA • Emergency Telecommunications

  14. Latest developments • 30 Recommendations being addressed • Co-ordination between worldwide standards bodies • Official liaisons, minimising duplication of effort • Information for important users, current and live

  15. Conclusions • Initiatives in the process of coming together • Working together • Rapidly evolving technology • Recognition of the need for security issues • Privacy, Protection, Preparedness • Existing standards and new standards required • Requirements in new standards • Citizen, Business and Government

More Related