ATIS Cybersecurity Art Reilly, Cisco Global Standards Collaboration (GSC) 14

advertisement
Global Standards Collaboration (GSC) 14
DOCUMENT #:
GSC14-GTSC7-012
FOR:
Presentation
SOURCE:
ATIS
AGENDA ITEM:
GTSC7; 4.2
CONTACT(S):
Art Reilly (arreilly@cisco.com)
ATIS Cybersecurity
Art Reilly, Cisco
Geneva, 13-16 July 2009
Fostering worldwide interoperability
Highlight of Current Activities (1)
ATIS’ Packet Technologies and
Systems Committee (PTSC)
Completed:
UNI and NNI signalling security standards
UNI and NNI testing standards
Encourages interfaces to support logging,
thereby facilitating the creation of incident
reports
Geneva, 13-16 July 2009
Fostering worldwide interoperability
2
Highlight of Current Activities (2)
PTSC continues to focus on securityrelated topics that will ensure robust
signalling and communications standards
and network implementations that will
provide adequate protection and support
for multimedia and emergency services in
the current cybersecurity environment:
Authentication
Security Mechanisms
Location
Identity Management
Certificate Management
PTSC has also initiated an activity which
will define interconnection test suites
Geneva, 13-16 July 2009
Fostering worldwide interoperability
3
Highlight of Current Activities (3)
PTSC’s focus is on specifying security
considerations for Layers 1 through 5 for
UNIs, NNIs and SNIs
Generation of templates will:
Attempt to limit number of available
interconnection options, without
compromising the desired flexibility in
implementing the services, thereby
facilitating interoperability
Facilitate interconnection negotiations
Ensure adequate security will be provided
Geneva, 13-16 July 2009
Fostering worldwide interoperability
4
Highlight of Current Activities (4)
ATIS’ Network Performance, Reliability, and
QoS Committee (PRQC)
Approved User-Network Interface (UNI) Media
Plane Security Standard for Evolving
VoIP/Multimedia Networks (ATIS-0100024.2009)
Currently working on Standard for Media Plane
Performance Security Impairments Standard for
Evolving VoIP/Multimedia Networks (Issue A035)
Document potential QoS degradations associated
with security mechanisms
Identify potential security problems associated with
QoS mechanisms
Current/Future work:
Development of Standards extending from the work
outlined in ATIS-0100014, Information &
Communications Security for NGN Converged
Services IP Networks and Infrastructure
Geneva, 13-16 July 2009
Fostering worldwide interoperability
5
Highlight of Current Activities (5)
ATIS’ Telecom Management and
Operations Committee (TMOC)
Recently completed work:
ATIS-0300074.2009, Guidelines and Requirements
for Security Management Systems
Includes an ATIS TMOC proforma requirements
statement for security aligning with ITU-T M.3410
TMOC will continue to address:
Management aspects of security, especially
concerning NGN Carrier Interconnection
arrangements and VoIP Registry Database
Provisioning
Geneva, 13-16 July 2009
Fostering worldwide interoperability
6
Strategic Direction
ATIS continues to develop a suite of security
standards that well facilitate secure
interconnection of:
transport facilities
signalling facilities
services
ATIS is not focusing on:
Security Mechanisms for Messaging Applications
Tracking
ATIS is looking to ITU-T to address the
messaging and tracking areas in the short term.
If ITU-T does not address this subject, ATIS may
reconsider work in this area.
Geneva, 13-16 July 2009
Fostering worldwide interoperability
7
Challenges
SIP security solutions are tailored to be
end to end.
SIP/SIPPING/SIMPLE/etc. RFCs have well
written security sections that are not fully
implemented in vendor products.
Security solutions have an impact on delay
and performance.
Availability of ITU-T Recommendations
which can be used to facilitate secure
transport and service interconnection.
Geneva, 13-16 July 2009
Fostering worldwide interoperability
8
Next Steps/Actions
ATIS will continue on its current path of
generating a complete suite of standards that can
be used to facilitate interconnection negotiations
and result in interconnection scenarios that are
secure.
Geneva, 13-16 July 2009
Fostering worldwide interoperability
9
Proposed Resolution
Continued support for GSC-13 Security Related
Resolutions:
Resolution GSC-13/4 - Identity Management
Resolution GSC-13/11 - Cybersecurity
Resolution GSC-13/25 - Personally Identifiable
Information Protection
Geneva, 13-16 July 2009
Fostering worldwide interoperability
10
Supplemental Slides
Geneva, 13-16 July 2009
Fostering worldwide interoperability
11
Supplemental Slides
PTSC Issues may be found at: http://www.atis.org/0191/issues.asp
PTSC Active Issues which have a security component are:
Issue # Title
S0033
End to End User Authentication and Signaling Security
S0051
ATIS NGN Identity Management Requirements
S0052
UNI Terminal Adapter Requirements
S0053
UNI Configuration
S0055
Security Mechanisms
S0058
ATIS NGN Identity Management Framework
S0059
ATIS NGN Identity Management Use Cases
S0060
ATIS NGN Identity Management Mechanisms
S0061
Certificate Management
S0063
ATIS ETS Authentication
S0065
Enterprise Network Support in NGN
S0073
Security Guidelines for DBF Interface
S0074
Security Guidelines for Carrier Interconnection (NNI)
Geneva, 13-16 July 2009
Fostering worldwide interoperability
12
Supplemental Slides
PRQC Issues may be found at: http://www.atis.org/0010/issues.asp
PRQC Active Issues which have a security component are:
Issue # Title
A0010
User Plane Security Requirements in NGNs
A0014
Network-Network Interface (NNI) User Plane Security
A0019
ETS Authentication in Multiple IP-based Service Domains
A0029
Establishment of an ATIS Security Baseline
A0035
Impact of Security on QOS Performance in NGNs
A0045
Service-specific Security Mechanism Implementation
Options
Geneva, 13-16 July 2009
Fostering worldwide interoperability
13
Download