Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITU-T activity in ICT security Dr. Jianyong Chen (Vice-Chairman, ITU-T SG17)

Similar presentations

Presentation on theme: "ITU-T activity in ICT security Dr. Jianyong Chen (Vice-Chairman, ITU-T SG17)"— Presentation transcript:


2 ITU-T activity in ICT security Dr. Jianyong Chen (Vice-Chairman, ITU-T SG17)

3 ITU-T activity and collaboration in ICT security ITU-T SG17 Security----leading study group on security – WP1 Network and information security Q. 1 Telecommunications systems security project Q. 2 Security architecture and framework Q. 3 Telecommunications information security management Q. 4 Cybersecurity Q. 5 Countering spam by technical means – WP2 Application security Q.6 Security aspects of ubiquitous telecommunication services Q. 7 Secure application services Q. 8 service oriented architecture security Q. 9 Telebiometrics – WP3 Identity management Q.10 Identity management architecture and mechanism Q. 11 Directory services, directory system, and public-key/attribute certificates Q. 12 Abstract syntax notation one (ASN.1), objective identifiers (OIDs) and associated registration – Other SGs SG13 Future network---Q.16 Security and identity management for NGN SG 16---multimedia security

4 Major accomplishment Security Infrastructure – Public key infrastructure (PKI) X.500 series (X. 509 etc.) – Telebiometrics X (framework, interworking protocol, biometric authentication protocol, biometric digital key and biometric data security, etc.) – Identity management X Baseline capabilities for enhanced global identity management trust and interoperability X A framework for user control of digital identity X Baseline identity management terms and definitions Y NGN identity management framework Y NGN identity management requirements and use cases

5 Major accomplishment Cybersecurity – X.1205Overview of cybersecurity X.1205 – X.1206A vendor-neutral framework for automatic notification of security related information and dissemination of updates X.1206 – X.1207Guidelines for telecommunication service providers for addressing the risk of spyware and potentially unwanted software X.1207 Countering spam – X.1231Technical strategies on countering spam X.1231 – X.1240Technologies involved in countering spam X.1240 – X.1241Technical framework for countering spam X.1241 – X.1242Short message service (SMS) spam filtering system based on user-specified rules X.1242 – X.1244Overall aspects of countering spam in IP-based multimedia applications X.1244

6 Major accomplishment Security framework – X.805Security architecture for systems providing end-to- end communications X.805 Security management – X.1051Information technology - Security techniques - Information security management guidelines for telecommunications organizations based on ISO/IEC X.1051 – X.1055Risk management and risk profile guidelines for telecommunication organizations X.1055 – X.1056Security incident management guidelines for telecommunications organizations X.1056

7 Major accomplishment IPTV security – X.1191Functional requirements and architecture for IPTV security aspects X.1191 Mobile security – X.1121 Framework of security technologies for mobile end-to-end data communications X.1121 – X.1122 Guideline for implementing secure mobile systems based on PKI X.1122 – X.1123 Differentiated security service for secure mobile end-to-end data communication X.1123 – X.1124 Authentication architecture for mobile end-to-end data communication X.1124 – X.1125 Correlative reacting system in mobile data communication X.1125 Secure application security – X.1143 Security architecture for message security in mobile web services X.1143 – X.1151 Guideline on secure password-based authentication protocol with key exchange X.1151 – X.1152 Secure end-to-end data communication techniques using trusted third party services X.1152 Peer-to-peer security – X.1161 Framework for secure peer-to-peer communications X.1161 – X.1162 Security architecture and operations for peer-to-peer networks X.1162 RFID/PII security – X.1171 Threats and requirements for protection of personally identifiable information in applications using tag-based identification X.1171

8 Future direction-Identity management Interoperability of identity management – X.giim, Generic IdM interoperability mechanisms – X.idm-ifa, Framework architecture for interoperable identity management systems – X.1250, Baseline capabilities for enhanced global identity management trust and interoperability Trust of identity management – X.authi, Authentication integration in IDM – X.EVcert, Extended validation certificate – X.eaa, Information technology – Security techniques – Entity authentication assurance – X. OITF, Open identity trust framework Discovery of of identity management information – X.discovery, Discovery of identity management information protection of personally identifiable information – X.1275, Guidelines on protection of personally identifiable information in the application of RFID technology – X.priva, Criteria for assessing the level of protection for personally identifiable information in identity management

9 Future direction--Cybersecurity Cybersecurity Information Exchange (CYBEX) – Facilitate standardized global exchange of vulnerability and incident information – making security measurable – X.sisfreqCapabilities and their context scenarios for cybersecurity information sharing and exchange X.cybexCybersecurity information exchange framework X.cveCommon Vulnerabilities and Exposures X.cvssCommon vulnerability scoring system X.gopwGuideline on preventing malicious code spreading in a data communication network X.alertingProcedures for the registration of arcs under the Alerting object identifier arc X.1205 Supplement 8 Draft Supplement to X.series Recommendation - ITU-T X.1205 – Supplement on best practices against botnet threats

10 Future direction-- Cloud computing security Recommendations in developing – X.srfctse, Security requirement and framework of cloud based telecommunication service environment – X.ccsec, Security guideline for cloud computing in telecommunication area PKI and identity management in cloud computing ITU-T Focus Group on Cloud Computing (FG-Cloud)

11 Future direction-- Ubiquitous network and service security Recommendations in developing – X.usnsec-1, Security framework for ubiquitous sensor network – X.usnsec-2, Ubiquitous sensor network (USN) middleware security guidelines – X.usnsec-3, Secure routing mechanisms for wireless sensor network M2M communication, Internet of things, etc.

12 Future direction– IPTV Recommendations in developing – X.iptvsec-2, Functional requirements and mechanisms for secure transcodable scheme of IPTV – X.iptvsec-3, Key management framework for secure IPTV services – X.iptvsec-4, Algorithm selection scheme for service and content protection (SCP) descrambling – X.iptvsec-5, Service and content protection (SCP) interoperability scheme – X.iptvsec-6, Framework for the downloadable service and content protection (SCP) system in mobile IPTV environment – X.iptvsec-7, Guidelines on criteria for selecting cyptographic algorthms for the IPTV service and content protection (SCP)

13 Future direction – Secure application security Recommendations in developing – X.websec-4, Security framework for enhanced web based telecommunication services X.websec-4 –, Management framework for one time password based authentication service –, The general framework of combined authentication on multiple identity service provider environment –, A guideline on anonymous authentication for e-commerce service – X.p2p-3, Security requirements and mechanisms of peer-to-peer-based telecommunication network X.p2p-3

14 Collaboration Webpage on ICT security standard roadmap – T/studygroups/com17/ict/index.html T/studygroups/com17/ict/index.html Webpage on ICT cybersecurity organizations – T/studygroups/com17/nfvo/index.html T/studygroups/com17/nfvo/index.html Joint coordination activity on various areas (e.g. JCA-IdM)

Download ppt "ITU-T activity in ICT security Dr. Jianyong Chen (Vice-Chairman, ITU-T SG17)"

Similar presentations

Ads by Google