ETSI SECURITY WORK UPDATE Dr. Carmine Rizzo CISA, CISM, CMP, ITIL, PRINCE2 © ETSI 2015 All rights reserved ITU-T SG17 Meeting – 8 April 2015.


Slide 2: ETSI: European roots, global outreach
- ETSI is a world-leading standards developing organization for Information and Communication Technologies (ICT).
- Founded initially to serve European needs, ETSI has become highly respected as a producer of technical standards for worldwide use.

Slide 3: ETSI: some facts
- Created in 1988
- Recognised as an ESO (European Standards Organisation) by the EU and EFTA (European Free Trade Association)
- Independent, not-for-profit
- Governed by its (worldwide) ETSI Members
- ETSI Members participate directly in the standardization process

Slide 4: Products and services
- Technical specifications and standards with global application
- Support to industry and European regulation
- Specification and testing methodologies
- Interoperability testing

Slide 5: Membership
- Over 800 companies, big and small, from 64 countries on 5 continents
- A powerful and dynamic mix of skills, resources and ambitions
- Manufacturers, network operators, service and content providers, national administrations, ministries, universities, research bodies, consultancies, user organizations

Slide 6: Innovations
- Efficient and speedy standards-making
- Agreement by consensus
- Free download of all ETSI standards
- Electronic working to boost efficiency and reduce cost and environmental impact
- Quality certified to ISO 9001:2008

Slide 7: ETSI Clusters
http://www.etsi.org/technologies-clusters/clusters

Slide 8: Areas of security standardization
- Cyber Security
- Mobile/Wireless Communications (GSM/UMTS, TETRA, DECT, ...)
- Lawful Interception and Data Retention
- Electronic Signatures
- Smart Cards
- Machine-to-Machine (M2M)
- Methods for Testing and Specification (MTS)
- Emergency Communications / Public Safety
- RFID
- Intelligent Transport Systems
- Information Security Indicators
- Quantum Key Distribution (QKD)
- Quantum-Safe Cryptography (QSC)
- Algorithms in 3GPP

Slide 9: Major security work over the last year
- Maintenance of published deliverables in all areas as necessary
- New publications in various areas, including Electronic Signatures, Intelligent Transport Systems, Smart Cards and Information Security Indicators
- A new security algorithm for UMTS authentication and key generation

Slide 10: Creation of new ETSI groups
- 2014: creation of TC CYBER (Technical Committee) for cybersecurity standardization; very active
- 2015: creation of ISG QSC (Industry Specification Group) for Quantum-Safe Cryptography; 1st meeting 24-26 March 2015

Slide 11: ETSI TC CYBER, terms of reference
Cyber Security standardization:
- Security of infrastructures, devices, services and protocols
- Security advice, guidance and operational security requirements for users, manufacturers, and network and infrastructure operators
- Security tools and techniques to ensure security
- Creation of security specifications and alignment with work done in other TCs and ISGs
- Coordination of work with external groups such as the CSCG (with CEN and CENELEC), the NIS Platform and ENISA
- Collaboration with other SDOs (ISO, ITU, NIST, ANSI, ...)
- Responding to policy requests on Cyber Security and ICT security in the broad sense

Slide 12: TC CYBER meetings
- TC CYBER has met 3 times face-to-face, with around 50 participants at each meeting
- Progress made on 9 documents
- Participating organizations: industry (manufacturers, operators, SMEs, ...), administrations, the European Commission, ENISA, universities and research bodies, service providers, micro enterprises, consultancies

Slide 13: TC CYBER documents
9 open documents: 8 Technical Reports and 1 ETSI Guide (the full scope of each is given in the annexes at the end of these slides):
- TR 103 303, Protection measures for ICT in the context of Critical Infrastructure
- TR 103 304, PII Protection and Retention
- TR 103 305, Security Assurance by Default; Critical Security Controls for Effective Cyber Defence
- TR 103 306, Global Cyber Security Ecosystem
- TR 103 307, Security Aspects for LI and RD interfaces
- TR 103 308, A security baseline regarding LI for NFV and related platforms
- TR 103 309, Secure by Default adoption – platform security technology
- TR 103 331, Structured threat information sharing
- EG 203 310, Post Quantum Computing Impact on ICT Systems

Slide 14: Areas of work and related guidance
Critical Infrastructure protection:
- Guidance for the deployment of security technologies and security management to deliver and maintain effective Critical Infrastructures that are reliant on ICT technology
- Resilience, M2M/IoT security, eHealth security
Structured threat information sharing:
- Guidance for exchanging cyber threat information in a standardized and structured manner
- Provide technical indicators of adversary activity, contextual information, exploitation targets, and courses of action

Slide 15: Areas of work and related guidance
Security assurance by design/default:
- Guidance to detect, prevent, respond to, and mitigate damage from the most common to the most advanced cyber attacks
- Measures reflecting the combined knowledge of actual attacks and effective defences
- Guidance to business decision makers for the development and adoption of secure-by-default platform security technologies: how they can be used to effectively solve real business problems and improve the usability of secure services
- Encourage industry to adopt device hardware security features by showing that there is a market need

Slide 16: Areas of work and related guidance
Security for LI and RD interfaces:
- Guidance to protect information flows and interfaces from a security perspective (confidentiality, integrity and authenticity), including implementation details (technologies, algorithms, options, minimum requirements on keys, etc.) in the context of providing Lawful Interception (LI) and Retained Data (RD) functionality
LI in the NFV context:
- Guidance on the legal and physical challenges of ensuring LI functionality in a Network Functions Virtualization context
- Focus on the NFV infrastructure rather than the functions themselves

Slide 17: Areas of work and related guidance
Privacy measures:
- Guidance for the protection and retention of PII (Personally Identifiable Information)
- Enable the secure portability of data transferred from one service provider to another
Post-quantum computing impact on ICT:
- Review the nature and vulnerabilities of security algorithms when subjected to quantum computing attacks
- Evaluate the characteristics required of algorithms in order to be invulnerable to such attacks
Global Cyber Security Ecosystem:
- Constantly updated overview of cyber security work being undertaken in multiple forums worldwide

Slide 18: ISG QSC, terms of reference
- Identification of proposals from industry and academia for quantum-safe cryptographic primitives, and development of a framework for quantum-safe algorithms
- High-level characterization of these primitives and assessment of their suitability with respect to quantum-safe requirements and applications
- Threat and risk assessment for real-world use cases
- Providing evidence of the need for new standards and technological guidance, and building the related roadmap
- Dissemination of guidance and standards documents, and later maintenance of the standardized algorithms under the custodianship of the ETSI SC Security Algorithms Group of Experts (SAGE)
- Defining criteria for, and assessment of, the suitability of cryptographic primitives

Slide 19: ISG QSC (Quantum-Safe Cryptography)
1st meeting held 24-26 March 2015; 5 Group Specifications adopted:
- GS QSC 001, Quantum safe algorithmic framework
- GS QSC 002, Cryptographic primitive characterization
- GS QSC 003, Cryptographic primitive suitability assessment
- GS QSC 004, Quantum safe threat assessment
- GS QSC 005, Quantum safe standards assessment

Slide 20: Security Week (22-26 June 2015, ETSI)
- Workshop, technical streams and meetings, including the TC CYBER#4 meeting
- Workshop and streams are free and open to everyone
- TC CYBER meeting open to non-ETSI Members upon invitation (see website to apply)
- Networking opportunity every day: free lunches and networking cocktails
- Agendas and registrations: www.etsi.org/securityweek (separate registration for each event)

Slide 21: Security Week (22-26 June 2015, ETSI), programme
Days: Mon 22, Tue 23, Wed 24, Thu 25, Fri 26
- AM: Workshop; CYBER#4; ISI#23; eIDAS; CYBER#4
- PM: Workshop; Streams (M2M/IoT, ITS, eIDAS, HF/USER/eHealth); CYBER#4; ISI#23; eIDAS; CYBER#4
Abbreviations: M2M/IoT: Machine-to-Machine / Internet of Things; ITS: Intelligent Transport Systems; eIDAS: Electronic identification and trust services; HF: Human Factors; USER: User Group; eHealth: Health ICT
Separate registration for each event; networking opportunities throughout the week.

Slide 22: ETSI Security White Paper
- Achievements and current work, with a list of all security publications
- 6th edition published January 2014; the 7th will be published before Security Week
- www.etsi.org/securitywhitepaper

Slide 23: Please keep in touch!
Contact: carmine.rizzo@etsi.org
The full scope of all TC CYBER documents follows as annexes.
Thank you; available for your questions. ITU-T SG17 Meeting, 8 April 2015.

Slide 24 (Annex): TR 103 303, Protection measures for ICT in the context of Critical Infrastructure
Scope: The critical infrastructure protection addressed in the EU's published directive is essentially power and transport. It is clear to most casual observers that the global economic infrastructure is now composed of a huge set of ICT networks and services; it would not be a stretch to say that ICT capabilities now underpin all of the other critical infrastructures, and therefore food security, economic activity, citizen safety and just about everything else. The purpose of the TR to be delivered by this work item is to identify the role of ICT protections, through the deployment of security technologies and security management, in delivering effective Critical Infrastructures that are reliant on ICT technology. The topics to be addressed by the work item include: resilience (taking as input the ENISA reports on this topic and work from related national programmes); M2M communications (in close liaison with oneM2M and SmartM2M); eHealth (in order to give assurance of access to ICT-enabled eHealth systems). The report is intended to highlight the aspects of CI and ICT that have to be addressed to ensure that CI maintains its infrastructure role.

Slide 25 (Annex): TR 103 304, PII Protection and Retention
Scope: Essentially different from any previous telco scenario, where user data was accessible from network functional elements only, today even sensitive PII is directly accessible from terminals. Server-based data access control technologies are becoming less effective for PII protection. This new work item is intended to describe novel access control technologies that enable (1) data protection, based on policy rules, as soon as data leaves the boundary of the terminal's OS, and (2) portability of protection settings when data moves from one service provider to another.

Slide 26 (Annex): TR 103 305, Security Assurance by Default; Critical Security Controls for Effective Cyber Defence
Scope: This Technical Report describes a specific set of technical measures, developed and maintained by the Council on CyberSecurity, available to detect, prevent, respond to, and mitigate damage from the most common to the most advanced cyber attacks. The measures reflect the combined knowledge of actual attacks and effective defences.

Slide 27 (Annex): TR 103 306, Global Cyber Security Ecosystem
Scope: This proposed new work item provides a structured overview of cyber security work occurring in multiple other technical forums worldwide. The overview includes global identification of Cyber Security Centres of Excellence, heritage sites, historical collections, and reference libraries. It is intended to be continuously updated to account for the dynamics of the sector.

Slide 28 (Annex): TR 103 307, Security Aspects for LI and RD interfaces
Scope: It is envisaged that TC CYBER would assess the information flows and interfaces (as identified by TC LI) from a security (confidentiality, integrity and authenticity) perspective and provide guidance on the implementation details (technologies, algorithms, options, minimum requirements on keys, etc.).

Slide 29 (Annex): TR 103 308, A security baseline regarding LI for NFV and related platforms
Scope: The lawful interception capability is capable of being virtualised, but the legal and physical challenges of doing so must be taken into account. The initial study is focused on the LI aspects. The challenge for both the Lawful Interception and NFV communities is that the fundamental security principles for generic platforms must be established first, so that the related groups can build on them. There is an urgent requirement to establish a minimum set of security principles for generic telecommunications platforms that will allow virtualised network functions to use the features necessary to afford them appropriate protection, and at the same time allow appropriate activities (LI, fraud management, cyber defence) to be undertaken. Establishing such a baseline will help the industry as a whole to be better protected against cyber threats. There is no overlap with other work such as SECAM; in fact the work is intended to be complementary. The focus of this work item is on the NFV infrastructure and not on virtual network functions.

Slide 30 (Annex): TR 103 309, Secure by Default adoption – platform security technology
Scope: A proposed TR to describe an approach to encourage the development and adoption of 'secure by default' platform security technologies by showing how they can be used to effectively solve real business problems and improve the usability of secure services. The intended audience is decision makers rather than engineering teams; they could be deciding which features to include in a new platform, or which are required as part of a procurement activity. The work will first produce a structure for describing identified business requirements and issues for a particular set of users; then detail the characteristics required of possible solutions; and finally identify existing or emerging standards which provide those characteristics. The last two activities require technical expertise, hence the production of this TR within TC CYBER. A particular example is to identify challenges relating to end-user devices for large organisations. Currently adoption of device hardware security features is low, despite widespread agreement within the technical community that they are needed. This example will aim to show that a market for these features does exist, and that a strong case can be made for organisations to actively seek them out.

Slide 31 (Annex): TR 103 331, Structured threat information sharing
Scope: This work item will produce a Technical Report on means for describing and exchanging cyber threat information in a standardized and structured manner. Such information includes technical indicators of adversary activity, contextual information, exploitation targets, and courses of action.
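The four kinds of information named above (indicators, context, targets, courses of action) only become useful once a consumer can validate them and run them against its own telemetry. The following is an added example written for this page, not the TR's content nor any real exchange format: it uses a deliberately small, hypothetical JSON schema (field names `kind`, `value`, `context`, `target`, `course_of_action` are assumptions), validates each indicator before use so that a malformed or hostile feed cannot produce spurious matches, and runs the accepted indicators over a few constructed key=value log lines. Domains match on label boundaries, so `cdn.update.example.invalid` hits while `notupdate.example.invalid` does not.

```python
"""Hypothetical structured-indicator exchange: load a JSON bundle, validate
each indicator, and run the indicators over constructed log lines."""
import ipaddress
import json
import re
from dataclasses import dataclass

# Constructed sample bundle. The field names are a hypothetical, deliberately
# small schema for this example; they are not the TR's or any real format.
INDICATOR_BUNDLE = json.dumps({
    "bundle_id": "example-bundle-1",
    "indicators": [
        {"id": "ind-1", "kind": "ipv4", "value": "203.0.113.45",
         "context": "beaconing to command-and-control host (constructed)",
         "target": "office workstations",
         "course_of_action": "block at egress firewall"},
        {"id": "ind-2", "kind": "domain", "value": "update.example.invalid",
         "context": "second-stage download host (constructed)",
         "target": "office workstations",
         "course_of_action": "sinkhole in internal DNS"},
        {"id": "ind-3", "kind": "sha256", "value": "a" * 64,
         "context": "dropper binary (constructed)",
         "target": "email gateway",
         "course_of_action": "quarantine and alert"},
        {"id": "ind-bad", "kind": "ipv4", "value": "999.1.1.1",
         "context": "malformed entry to show validation (constructed)",
         "target": "-", "course_of_action": "-"},
    ],
})

# Constructed log lines in a simple key=value style (not real traffic).
SAMPLE_LOGS = [
    "2015-04-08T10:01:12Z proxy src=10.0.0.7 dst=203.0.113.45 status=200",
    "2015-04-08T10:01:13Z dns client=10.0.0.7 query=cdn.update.example.invalid type=A",
    "2015-04-08T10:02:00Z proxy src=10.0.0.9 dst=198.51.100.2 status=200",
    "2015-04-08T10:03:44Z av host=ws-12 file=dropper.exe sha256=" + "a" * 64,
    "2015-04-08T10:04:01Z dns client=10.0.0.9 query=notupdate.example.invalid type=A",
]

_DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
_SHA256_RE = re.compile(r"^[0-9a-f]{64}$")


@dataclass(frozen=True)
class Indicator:
    id: str
    kind: str
    value: str
    context: str
    target: str
    course_of_action: str


def _normalise(kind, value):
    """Return the canonical form of value, or None if it is not valid for kind.
    Validation happens before any matching so a bad feed entry is dropped,
    not silently matched against everything or nothing."""
    value = value.strip().lower()
    if kind == "ipv4":
        try:
            return str(ipaddress.IPv4Address(value))
        except ipaddress.AddressValueError:
            return None
    if kind == "domain":
        value = value.rstrip(".")
        return value if _DOMAIN_RE.match(value) else None
    if kind == "sha256":
        return value if _SHA256_RE.match(value) else None
    return None  # unknown indicator kinds are rejected, not guessed at


def load_indicators(bundle_json):
    """Parse a bundle; return (accepted indicators, ids rejected by validation)."""
    bundle = json.loads(bundle_json)
    accepted, rejected = [], []
    for raw in bundle["indicators"]:
        canon = _normalise(raw["kind"], raw["value"])
        if canon is None:
            rejected.append(raw["id"])
            continue
        accepted.append(Indicator(raw["id"], raw["kind"], canon, raw["context"],
                                  raw["target"], raw["course_of_action"]))
    return accepted, rejected


def _tokens(line):
    """Yield the value part of each key=value field, lower-cased."""
    for field in line.split():
        _, _, val = field.partition("=")
        if val:
            yield val.lower().rstrip(".")


def _hits(ind, token):
    # Exact comparison, never substring search: a domain indicator matches the
    # domain itself or a subdomain of it, which avoids "notupdate.example.invalid".
    if ind.kind == "domain":
        return token == ind.value or token.endswith("." + ind.value)
    return token == ind.value


def match_logs(indicators, lines):
    """Return one record per (line, indicator) hit, carrying the course of action."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        toks = list(_tokens(line))
        for ind in indicators:
            if any(_hits(ind, t) for t in toks):
                hits.append({"line": lineno, "indicator": ind.id,
                             "kind": ind.kind, "value": ind.value,
                             "course_of_action": ind.course_of_action})
    return hits


if __name__ == "__main__":
    inds, rejected = load_indicators(INDICATOR_BUNDLE)
    print("rejected indicators:", rejected)
    for hit in match_logs(inds, SAMPLE_LOGS):
        print(hit)
```

Matching is by exact token comparison rather than by compiling feed values into regular expressions; a feed that is allowed to supply patterns is a feed that can be abused to make the consumer's matcher misbehave, so keeping the indicator grammar narrow is part of the trust boundary between sharing parties.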

Slide 32 (Annex): EG 203 310, Post Quantum Computing Impact on ICT Systems
Scope: The intent of the work item is to address business continuity in the light of the concern that quantum computing is likely to invalidate the hard problems that lie at the heart of both RSA and ECC asymmetric cryptography. The current assumptions underpinning the security strength of RSA and ECC are that solving the integer factorisation and discrete logarithm problems is infeasible without prior knowledge (the private key). It has been widely suggested that the application of quantum computing to these problems removes the assertion of infeasibility. Whilst it is not known when quantum computing will arrive, or how long it will be until the factorisation and discrete logarithm problems are themselves solved, the report will review the nature of the algorithms when subjected to QC attack and why they become vulnerable. In addition, the report will highlight the characteristics required of algorithms in order to be invulnerable under QC attack. The report will consider a number of sub-topics relevant to the transition to the post-quantum era; not all of them are algorithmic, and many of the necessary considerations concern business continuity, for example: how to re-establish CAs in a PKI, how to distribute new algorithms, and how to distribute new keys.
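The "why they become vulnerable" point for RSA reduces to one fact: the private exponent is a function of the public key plus the factorisation of the modulus, so any machine that factors is a machine that recovers private keys. The following added example (written for this page, not part of the EG) makes that concrete with toy-sized parameters; the "oracle" is plain trial division standing in for Shor's algorithm, which is only feasible because the modulus is about 10^12, and the primes, message and exponent are constructed values. ECC fails the same way via the discrete logarithm, which is not shown here.

```python
"""Added illustration of why RSA stands or falls with the hardness of
factoring: give an attacker a factoring oracle (what Shor's algorithm would
provide on a large enough quantum computer) and the private exponent follows
from the public key alone. Parameters are toy-sized so that trial division
can play the oracle; this is not usable cryptography."""
from math import gcd, isqrt


def factor_oracle(n):
    """Stand-in for a quantum factoring oracle. Trial division is only
    feasible because n is tiny; the point is what follows once the factors
    are known, not how they were obtained."""
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("no non-trivial factor found")


def keygen(p, q, e=65537):
    """Textbook RSA key generation from two (constructed, toy-sized) primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), d


def recover_private_exponent(public_key):
    """Everything the attacker needs is n and e, once n can be factored:
    phi(n) = (p-1)(q-1) and d = e^-1 mod phi(n)."""
    n, e = public_key
    p, q = factor_oracle(n)
    return pow(e, -1, (p - 1) * (q - 1))


def rsa(x, exponent, n):
    """Textbook RSA without padding; encryption and decryption are the same
    modular exponentiation with different exponents."""
    return pow(x, exponent, n)


def attack_demo(p=1000003, q=1000033, message=123456789):
    """Generate a toy key, encrypt a message, then decrypt it with a private
    exponent recovered purely from the public key.
    Returns (recovered_d, genuine_d, decrypted_message)."""
    public_key, d = keygen(p, q)
    n, e = public_key
    ciphertext = rsa(message, e, n)
    d_recovered = recover_private_exponent(public_key)
    return d_recovered, d, rsa(ciphertext, d_recovered, n)


if __name__ == "__main__":
    d_recovered, d, plaintext = attack_demo()
    print("recovered d matches genuine d:", d_recovered == d)
    print("decrypted with recovered key:", plaintext)
```

Note what does not help: a larger modulus makes trial division hopeless but leaves the structure of the attack untouched, which is exactly the situation Shor's algorithm creates, since its cost grows polynomially in the key size. That is why the EG's scope is about replacing the algorithms and planning the transition (new CAs, new algorithm distribution, new keys) rather than about increasing key lengths.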
