Presentation is loading. Please wait.

Presentation is loading. Please wait.

Committed to Connecting the World 1 February 2010 SG 17 input for a joint ITU-T | ISO/IEC JTC 1 leadership meeting (4-5 February 2010) Chairman: Arkadiy.

Similar presentations


Presentation on theme: "Committed to Connecting the World 1 February 2010 SG 17 input for a joint ITU-T | ISO/IEC JTC 1 leadership meeting (4-5 February 2010) Chairman: Arkadiy."— Presentation transcript:

1 Committed to Connecting the World 1 February 2010 SG 17 input for a joint ITU-T | ISO/IEC JTC 1 leadership meeting (4-5 February 2010) Chairman: Arkadiy Kremer Counsellor: Georges Sebek Joint ITU-T/ISO IEC JTC 1 Leadership meeting

2 Committed to Connecting the World 2 February 2010 ITU-T SG 17 role and mandate Responsible for studies relating to security including cybersecurity, countering spam and identity management. Also responsible for the application of open system communications including directory and object identifiers, and for technical languages, the method for their usage and other issues related to the software aspects of telecommunication systems Lead study group on telecommunication security, identity management (IdM) and languages and description techniques

3 Committed to Connecting the World 3 February 2010 SG 17 structure WP 1WP 2WP 3 Network and information security Application security Identity management and languages Q10 IdM Q11 Directory Q12 ASN.1, OID Q13 Languages Q14 Testing Q15 OSI Q8 SOA Q9 Telebiometrics Q7 Applications Q6 Ubiquitous services Security project Q1 Q2 Architecture Q3 ISM Q4 Cybersecurity Q5 Countering spam

4 February 2010 Committed to Connecting the World 4 Collaboration on ICT Security Standards Roadmap (Q.1/17 Telecommunications systems security project) An important on-line security standards resource developed in collaboration with ISO/IEC, ENISA, ETSI, IETF and other SDOs Comprises 5 parts: Part 1 contains information about organizations working on ICT security standards Part 2 is a searchable database of existing security standards from 9 SDOs and consortia Part 3 lists (or links to) current projects and standards in development Part 4 identifies future needs and proposed new standards Part 5 lists security best practices Publicly available under Special Projects and Issues at: Need to establish a process for regular updating of the Roadmap

5 February 2010 Committed to Connecting the World 5 Collaboration on telecommunication information security management (Q.3/17 Telecommunications information security management) Close collaboration and liaison with JTC 1/SC 27/WG1 - Information security management systems (ISMS) Developing common Recommendations | International Standards ITU-T X.1051 | ISO/IEC 27011, Information security management guidelines for telecommunications organizations based on ISO/IEC (Published 2008) ITU-T X.isgf | ISO/IEC 27014, Information security governance framework (Currently under development as a joint project) Enhancing ISMS related documents in Q.3/17 Information security management guidelines for small and medium telecommunication organizations Information asset maintenance guidelines

6 February 2010 Committed to Connecting the World 6 Collaboration on cybersecurity information exchange (Q.4/17 Cybersecurity) Q.4/17 cybersecurity information exchange (CYBEX) links ISO/IEC JTC 1 SC 27/WG1 Information security management system requirements (ISO/IEC 27001) Information security management code of practice (ISO/IEC 27002) Information security governance (ISO/IEC 27014) Information security management for inter-sector and inter-organizational communication (ISO/IEC 27010) ISO/IEC JTC 1 SC 27/WG 3 Evaluation criteria for IT security, international common criteria project (ISO/IEC 15408, 18045) Protection profile registration procedures (ISO/IEC 15292) Security assessment of operational systems (ISO/IEC 19791) Responsible vulnerability disclosure (ISO/IEC 27047) ISO/IEC JTC 1 SC 27/WG 4 Cybersecurity (ISO/IEC 27032) Network security (ISO/IEC 27033) Application security (ISO/IEC 27034) Information security incident management (ISO/IEC 27035) Security of outsourcing (ISO/IEC 27036) Guidelines for digital evidence (ISO/IEC 27037) ISO/IEC JTC 1 SC 27/WG 5 Entity authentication assurance (ITU-T X.eaa | ISO/IEC 29115)

7 February 2010 Committed to Connecting the World 7 Collaboration on ubiquitous sensor network security (Q.6/17 Security aspects of ubiquitous telecommunication services) Close collaboration and liaison with JTC 1/SC 6/WG 7 - ubiquitous sensor network (USN) security Developing common Recommendations | International Standards ITU-T X.usnsec-1 | ISO/IEC CD 29180, Security framework for ubiquitous sensor network (Currently under development as a joint project) Advance authorization for Final Committee Draft ballot on ITU-T X.usnsec-1 | ISO/IEC CD in January 2010 JTC 1/SC 6/WG 7 meeting Further consideration for inclusion of joint works on Recommendations X.usnsec-2, Ubiquitous sensor network (USN) middleware security guidelines X.usnsec-3 Secure routing mechanisms for wireless sensor network

8 February 2010 Committed to Connecting the World 8 Collaboration on biometrics related technology (Q.9/17 Telebiometrics) ISO/IEC JTC 1/SC 37 Biometrics ISO/IEC JTC 1/SC 27 IT Security Techniques ITU-T/SG 17 WP 2/Q.9 Telebiometrics Vocabulary Biometrics data format Application interfaces Application profiles Testing scenario Biometric sample protection Biometric template protection Private information protection Threats & Countermeasures Data & System protection Authentication protocol for Biometrics applications in Telecommunication Biometric data used in e-health applications ISO TC 12 IEC TC 25 Quantities and Units

9 February 2010 Committed to Connecting the World 9 ITU-T RecommendationsCollaboration with ISO, IEC or ISO/IEC JTC1 Projects X.1083 BioAPI Interworking ProtocolJoint collaboration with ISO/IEC JTC1/SC37 (IS BioAPI Interworking Protocol) X.1086 Telebiometrics Protection Procedures - Part1: A Guideline to Technical and Managerial Countermeasures for Biometric Data Security Collaboration with ISO/IEC JTC1/SC27 (IS Security evaluation of biometrics) X.1089 Telebiometrics Authentication Infrastructure Collaboration with ISO/IEC JTC1/SC27 (IS Authentication context for biometrics) X.gep A guideline for evaluating telebiometric template protection techniques Collaboration with ISO/IEC JTC1/SC27 (IS Biometric template protection ) X.th1 Generic ASN.1 definitions for telebiometrics related to health communications. X.th2 to X.th6 Telebiometrics related to physics, chemistry, biology, culturology and psychology Collaboration with ISO TC 12 and IEC TC 25 Collaboration on biometrics related technology (Q.9/17 Telebiometrics)

10 February 2010 Committed to Connecting the World 10 Collaboration on identity management (Q.10/17 Identity management architecture and mechanisms) Collaboration with ITU-T SGs 2, 11, 13 and 16; ITU-D SG 1, ISO/IEC JTC 1 SCs 6, 27 and 37; IETF; ATIS; ETSI/TISPAN; OASIS; Kantara Initiative; OMA; NIST; 3GPP; 3GPP2, Eclipse; InCommon; PRIME; OpenID Foundation; Shibboleth; etc. Eclipse; InCommon; PRIME; OpenID Foundation; Shibboleth; etc. JCA-IdM designed to minimize duplication of coordinate IdM Standardization work by exchanging information about on- going projects. 7 meetings held during the period basic coordination tool is an IdM Roadmap that provides abstracts and relationships of IdM projects in major IdM SDO's, consortiums, and fora Significant progress has been made in developing a set of baseline IdM terms and definitions that were initiated by ITU-T SC 27 is a regular participant and contributor to the JCA-IdM

11 February 2010 Committed to Connecting the World 11 Collaboration on entity authentication assurance, X.eaa with ISO/IEC JTC 1/SC 27/WG 5 (Q.10/17) ITU-T X.eaa ISO/IEC th WD sessions held in September (ITU-T) and November 2009 (ISO/IEC JTC 1/SC 27) ITU-T proposed change in scope a proposal to establish a Collaborative Team with Terms of Reference (ToR) submitted to ISO/IEC JTC 1/SC 27/WG5 SC 27 accepted a 6th WD with a significantly changed format and new material. ToR were reviewed, modified and sent to the ISO national bodies. ToR should be approved in April 2010 In January 2010 the 6th WD, representing major improvements was sent to the ISO Secretariat for distribution to national bodies WG 5 requested a one year extension for ITU-T X.eaa ISO/IEC It is anticipated that with the establishment of the Collaborative Team, progress should improve

12 February 2010 Committed to Connecting the World 12 Collaboration on the Directory (Q.11/17 Directory services, Directory systems, and public- key/attribute certificates) Two Directory projects: ITU-T X.500-series | ISO/IEC 9594–All Parts ITU-T E Computerized directory assistance ITU-T X.500 | ISO/IEC 9594 in fruitful cooperation with ISO/IEC JTC 1/SC 6 X.500 is a specification for a highly secure, versatile and distributed directory The specification is under continuous enhancement support for RFID an important new work item ITU-T X.509 | ISO/IEC , the most important standard: Basis for eGovernment, eBusiness, etc. all over the world Is the base specification for many other groups (IETF PKIX, ETSI ESI, CA Browser Forum, etc.)

13 February 2010 Committed to Connecting the World Five main projects: Abstract Syntax Notation 1 (ASN.1) ASN.1 encoding rules Object identifiers Registration of tag-based applications and services The Object Identifier Resolution System ITU-T X.680-series | ISO/IEC 8824 in collaboration with ISO/IEC JTC 1/SC 6 (and earlier with SC 16) These are the base ASN.1 standards – a widely used notation for abstract syntax definition ITU-T X.690-series | ISO/IEC 8825 in collaboration with ISO/IEC JTC 1/SC 6 (and earlier with SC 16) Specification of encoding rules, including XML encodings for ASN.1 Collaboration on ASN.1 and Object Identifiers (Q.12/17 Abstract Syntax Notation One (ASN.1), Object Identifiers (OIDs) and associated registration)

14 February 2010 Committed to Connecting the World ITU-T X.660-series | ISO/IEC 9834 in collaboration with ISO/IEC JTC 1/SC 6 The Object Identifier Standards. OIDs form a major part of world-wide unambiguous identification schemes for security and other purposes ITU-T X.668 | ISO/IEC in collaboration with ISO/IEC JTC 1/SC 6 Registration of tag-based identification schemes ITU-T X.oid-res | ISO/IEC CD in collaboration with ISO/IEC JTC 1/SC 6 Provides for on-line access using DNS to multi-media information associated with and International OID node Collaboration on ASN.1 and Object Identifiers (Q.12/17 Abstract Syntax Notation One (ASN.1), Object Identifiers (OIDs) and associated registration)

15 February 2010 Committed to Connecting the World 15 Collaboration on formal languages (Q.13/17 Formal languages and telecommunication software) ODP Recommendations developed jointly with SC 7 are now in maintenance phase To some extent SDL overlaps the domain of JTC 1/SC 7 LOTOS and E-LOTOS, however (at least for telecommunications) SDL is more widely used. Work plan covers the UML profiles for SDL, MSC, URN and (possibly) Testing and Test Control Notation (TTCN). UML profiles integrate the ITU-T languages using UML as a framework. Thus (like JTC 1/SC 7) Q.13/17 has interest in OMG UML, though Q.13/17 uses OMG UML 2.n (not UML as in ISO/IEC 19501:2005). Q.13/17 has in its scope (though no work is planned): the CHILL programming language – Z.200, quality issues – Z.400 and Z.450, architecture – Z.600 and Z.601.

16 February 2010 Committed to Connecting the World ISO/IEC/ITU-T Strategic Advisory Group on Security Terms of reference To oversee standardization activities in ISO, IEC and ITU-T relevant to the field of security To provide advice and guidance to the ISO Technical Management Board, the IEC Standardization Management Board and the ITU-T Telecommunication Standardization Advisory Group (TSAG) relative to the coordination of work relevant to security, and in particular to identify areas where new standardization initiatives may be warranted To monitor the implementation of the recommendations of the SAG-S Web site: ITU-T SG 17 provides representatives to SAG-S 16

17 Committed to Connecting the World 17 February 2010 Summary ITU-T SG 17 has a long experience of collaboration with ISO, IEC TCs/SCs and JTC 1 SCs ITU-T SG 17 hosts collaborative meetings with SC 6 on ASN.1 and OID, Directory, ubiquitous sensor networks (USN) security (new). Collaborative meetings are planned with SC 27 on Entity Authentication assurance Details on collaboration are given at T/studygroups/com17/refdocs/relationships.html T/studygroups/com17/refdocs/relationships.html SG 17 is maintaining reference documents: Listing of common text and technically aligned Recommendations | International Standards Listing of common text and technically aligned Recommendations | International Standards Mapping between ISO/IEC Standards and ITU-T Recommendations Mapping between ISO/IEC Standards and ITU-T Recommendations


Download ppt "Committed to Connecting the World 1 February 2010 SG 17 input for a joint ITU-T | ISO/IEC JTC 1 leadership meeting (4-5 February 2010) Chairman: Arkadiy."

Similar presentations


Ads by Google