4High Level Security Drivers ITU Plenipotentiary Conference (PP-02)Intensify efforts on securityWorld Telecommunications Standardization Assembly (WTSA-04)Security robustness of protocolsCombating/Countering spamWorld Summit on the Information Society (WSIS-05)Cyber security
5ITU-T Organizational Structure WORKINGPARTYQWORLD TELECOMMUNICATIONSTANDARDIZATION ASSEMBLYTELECOMMUNICATIONSTANDARDIZATIONADVISORY GROUPSTUDY GROUPWorkshops,Seminars,Symposia, …Focus GroupsJoint Rapporteurs GroupsIPR ad hoc
6ITU-T Study GroupsITU-T work is divided up between Study Groups (SGs).SG 2: Operational aspects of service provision, networks and performanceSG 4: Telecommunication managementSG 5: Protection against electromagnetic environment effectsSG 6 Outside Plant and related indoor installationsSG 9 Integrated broadband cable networks and television and sound transmissionSG 11 Signaling requirements and protocolsSG 12 Performance and quality of serviceSG 13 Next Generation NetworksSG 15: Optical and other transport networksSG 16: Multimedia services, systems and terminalsSG 17: Security, languages and telecommunication softwareSG 19: Mobile Telecommunications NetworksNote: SG17 has overall security responsibility but almost all SGs have work with security implications and requirements.
8Study Group 17: Security, languages and telecommunication software SG 17 is the Lead Study Group on telecommunication security - It is responsible for coordination of security across all Study Groups.Subdivided into three Working Parties (WPs)WP1 - Open systems technologies;WP2 - Telecommunications security; andWP3 - Languages and telecommunications softwareMost (but not all) security Questions are in WP2
9Current SG 17 security-related Questions Working Party 1:1/17 End-to-end Multicast Communications with QoS Managing Facility2/17 Directory services, Directory systems, and public- key/attribute certificates3/17 Open Systems Interconnection (OSI)Working Party 2:4/17 Communications Systems Security Project5/17 Security Architecture and Framework6/17 Cyber Security7/17 Security Management8/17 Telebiometrics9/17 Secure Communication17/17 Countering spam by technical meansNote: a short description of the work of each of these Questions is contained under the ITU-T SG17 section of the Security Roadmap (see later slide).
10SG 17 WP2 Security Questions (2005-2008) Telecom Systems UsersQ8/17Telebiometrics*Multimodal Model Fwk*System Mechanism*Protection Procedure*X.1081Telecom SystemsQ5/17Q7/17Secure Communication Services*Mobile Secure Communications *Home Network Security*Security Web Services *X.1121, X.1122Security Management*ISM Guideline for Telecom*Incident Management*Risk Assessment Methodology*etc…*X.1051Security Architecture & Framework*Architecture, Model, Concepts, Frameworks, *etc…*X.800 series *X.805Q9/17Cyber Security *Overview of Cyber-security *Vulnerability Information Sharing * Incident Handling OperationsQ6/17NewCountering SPAM*Technical anti-spam measuresQ17/17NewQ4/17NewCommunications System Security *Vision, Coordination, Roadmap, Compendia…
11Overview of ITU-T Security Standardization -Collaboration is key factor-
12Overview of current security Questions and Recommendations under development
13SG 17 Security Recommendations under development - 1 Q4 Communications Systems Security ProjectX.sbno, Security baseline for network operatorsSecurity RoadmapSecurity in Telecommunications and Information Security ManualQ5 Security Architecture and FrameworkX.805+, Division of the security features between the network and the usersX.805nsa, Network security certification based on ITU-T Recommendation X.805X.ngn-akm, Framework for authentication and key management for link layer security of NGNX.pak, Password-authenticated key exchange (PAK)X.spn, Framework for creation, storage, distribution and enforcement of security policies for networks
14SG 17 Security Recommendations under development - 2 Q6 Cyber SecurityX.cso, Overview of cybersecurityX.sds, Guidelines for Internet Service Providers and End-users for Addressing the Risk of Spyware and Deceptive SoftwareX.cvlm, Guidelines on Cybersecurity Vulnerability Life-cycle ManagementX.vds, A vendor-neutral framework for automatic checking of the presence of vulnerabilities information updateQ7 Security ManagementX.1051 (R), Information security management guidelines for telecommunications based on ISO/IEC 27002X.rmg, Risk management guidelines for telecommunicationsX.sim, Security incident management guidelines for telecommunicationsQ8 TelebiometricsX.bip, BioAPI interworking protocolX.physiol, Telebiometrics related to human physiologyX.tai, Telebiometrics authentication infrastructureX.tpp-1, A guideline of technical and managerial countermeasures for biometric data securityX.tpp-2, A guideline for secure and efficient transmission of multi-modal biometric dataX.tsm-1, General biometric authentication protocol and profile on telecommunication systemsX.tsm-2, Profile of telecomunication device for Telebiometrics System Mechanism (TSM)
15SG 17 Security Recommendations under development - 3 Q9 Secure Communication ServicesX.crs, Correlative reacting system in mobile networkX.homesec-1, Framework of security technologies for home networkX.homesec-2, Certificate profile for the device in the home networkX.homesec-3, User authentication mechanisms for home network serviceX.msec-3, General security value added service (policy) for mobile data communicationX.msec-4, Authentication architecture in mobile end-to-end data communicationX.p2p-1, Requirements of security for peer-to-peer and peer-to-multi peer communicationsX.p2p-2, Security architecture and protocols for peer to peer networkX.sap-1, Guideline on secure password-based authentication protocol with key exchangeX.sap-2, Secure communication using TTP serviceX.websec-1, Security Assertion Markup Language (SAML) – X.1141 now in AAP Last CallX.websec-2, eXtensible Access Control Markup Language (XACML) – X.1142 now in AAP Last CallX.websec-3, Security architecture for message security in mobile web servicesQ17 Countering spam by technical meansX.csreq, Requirement on countering spamX.fcs, Technical framework for countering spamX.gcs, Guideline on countering spamX.ocsip, Overview of countering spam for IP multimedia applicationX.tcs, Technical means for countering spam
16SG 17 Security Recommendations under development - 4 Summaries of all Study Group 17 Recommendations under development are available on the Study Group 17 web page at:
18New Horizons for Security Standardization Workshop Security Workshop held in Geneva 3-4 October 2005Hosted by ITU-T SG17 as part of security coordination responsibilitySpeakers, panelists, chairs from ATIS, ETSI, ITU, ISO/IEC, IETF, OASIS, RAIS , 3GPP
19Workshop ObjectivesProvide an overview of key international security standardization activities;Seek to find out from stakeholders their primary security concerns and issues (including possible issues of adoption or implementation of standards);Try to determine which issues are amenable to a standards-based solution and how the SDOs can most effectively play a role in helping address these issues;Identify which SDOs are already working on these issues or are best equipped to do so; andConsider how SDOs can collaborate to improve the timeliness and effectiveness of security standards and avoid duplication of effort.
20Results Excellent discussions, feedback and suggestions Documented in detail in the Workshop reportResults are reported under following topics:What are the crucial problems in ICT security standardization?Meta issues and need for a global framework;Standards Requirements and Priorities;Liaison and information sharing;User issues;Technology and threat issues;Focus for future standardization work;Process issues;Follow-on issuesThe report is available on-line at:
21Workshop on Digital Identity for Next Generation Networks Joint ITU-T/EU IST Daidalos Project workshopHeld on 5th December 2006Objectives:To investigate approaches and analyze gaps in current standardsTo identify future challenges and find common goals to provide direction to the current work in different projects and SDOs
22Digital Identity Focus Group Focus Group on Digital Identity established December 2006Aims to facilitate the development of a generic Identity Management FrameworkParticipation open to other SDOsMeeting in Geneva February 2007
23Workshop on Interoperability and Testing Held as part of WP3 meeting on 8th Dec. 2006Aimed to raise awareness of conformance and interoperability testing issues, with particular focus on testing needs for Next Generation Networks
25Q.15/13 – NGN SecurityAims to assure the security of the telecommunications infrastructure as PSTNs evolve to NGNs.Must address and develop network architectures that:- Provide for maximal network and end-user resource protection- Allow for highly-distributed intelligence end-to-end- Allow for co-existence of multiple networking technologies- Provide for end-to-end security mechanisms- Provide for security solutions that apply over multiple administrative domains
26Q.17/17 – Combating spam by technical means Study items to be considered include:What risks does spam pose to the telecommunication network?What technical factors associated with the telecommunication network contribute to the difficulty of identifying the sources of spam?How can new technologies lead to opportunities to counter spam and enhance the security of the telecommunication network?Do network technologies such as SMS, instant messaging & VoIP) offer unique opportunities for spam that require unique solutions?What technical work is already being undertaken in other fora, and the private sector to address the problem of spam?How does spam impact the stability and robustness of the telecommunication network and what network standardization work, if any, is needed to effectively counter spamSpam has become a widespread problem causing a complex range of problems to users, service providers, and network operators around the globe. While spam was originally used to send unsolicited commercial messages, increasingly spam messages are being used to spread viruses, worms, and other malicious code that negatively impact the security and stability of the global telecommunication network. Spam may include the delivery of phishing and spyware. It is a global problem that requires a multifaceted, comprehensive approach.
27Focus Group: Security Baseline for Network Operators Established October 2005 by SG 17Objectives:Define a security baseline against which network operators can assess their network and information security posture in terms of what security standards are available, which of these standards should be used to meet particular requirements, when they should be used, and how they should be appliedDescribe a network operator’s readiness and ability to collaborate with other entities (operators, users and law enforcement authorities) to counteract information security threatsProvide meaningful criteria that can be used by network operators against which other network operators can be assessed, if required.Survey network operators and service providers conducted in November 2006 by means of a questionnaireDevelopment of first draft Recommendations began in December 2006
28ICT Security Standards Roadmap (An SG 17 Work-in-progress) Part 1 contains information about organizations working on ICT security standardsPart 2 is database of existing security standardsPart 3 lists (or links to) current projects and standards in developmentPart 4 will identify future needs and proposed new standards
29Roadmap accessPart 2 now includes ITU-T, ISO/IEC JTC1, IETF, ETSI IEEE and OASIS standards.It will also be converted to a Database format to allow searching and to allow organizations to manage their own dataPublicly available under Special Projects and Issues at:We invite you to use the Roadmap, provide feedback and help us develop it to meet your needs
30Other SG17 projectsSecurity in Telecommunications and Information Technology – an overview of existing ITU-T recommendations for secure telecommunications.Available in hard copy and on the SG 17 part of the ITU-T web site atWe are in the process of establishing a Security Experts Network (SEN) to maintain on-going dialogue on key issues of security standardization.
31The ITU Global Cybersecurity Gateway LIVE at:Provides an easy-to-use information resource on national, regional and international cybersecurity-related activities and initiatives worldwide.
32Structure of the Cybersecurity Gateway The portal is geared towards four specific audiences: “Citizens”; “Businesses”; “Governments”, “International Organizations”Database information collected within five main themes:Information sharing of national approaches, good practices and guidelines;Developing watch, warning and incident response capabilities;Technical standards and industry solutions;Harmonizing national legal approaches and international legal coordination and enforcement;Privacy, data and consumer protection.Additional information resources on the following topics: spam, spyware, phishing, scams and frauds, worms and viruses, denial of service attacks, etc.
33What about the future?The threat scenario will continue to evolveAttacks are widespread and innovativeBroad collaboration is needed to understand and respond to the threatsSecurity needs to be designed in upfront and to be an on-going effortSDOs need to collaborate (eliminate duplication)SDOs should aim to develop solutions that can support robust, secure, standards-based implementations that can provide protection regardless of the nature of the evolving threats
34Some useful web resources ITU-T Home pageStudy Group 17RecommendationsITU-T LighthouseITU-T WorkshopsRoadmapCybersecurity Portal