ATIS Cybersecurity DOCUMENT #: GSC13-GTSC6-12

advertisement
DOCUMENT #:
GSC13-GTSC6-12
FOR:
Presentation
SOURCE:
ATIS
AGENDA ITEM:
GTSC; 4.2
CONTACT(S):
Art Reilly (arreilly@cisco.com)
ATIS
Cybersecurity
Submission Date:
July 1, 2008
Highlight of Current Activities (1)
ATIS Packet Technologies and Systems Committee (PTSC)
• Completed:
– UNI and NNI signalling security standards
– NNI testing standard
• Finalized:
– UNI testing Standard
• Require all standards support logging to facilitate creation of
incident reports
• Focus is now on other security related topics that will ensure
robust signalling and communications standards and network
implementations that will provide adequate protection in the
current cyber security environment:
– NGN Authentication
– Security mechanisms
– Certificate Management
2
Highlight of Current Activities (2)
• Focus is on specifying security considerations for Layers 1
through 5 for NNIs on a per service basis
– Generation of templates will:
•
•
•
•
Facilitate interconnection negotiations
Enable adequate security to be provided
Identify options available
Facilitate interoperability
ATIS Network Performance, Reliability and Quality of Service
Committee (PRQC)
• Issue A029, Establishment of an ATIS Security Baseline
– Technical Report: Information & Communications Security for NGN
Converged Services IP Networks and Infrastructure
• PRQC-SEC’s major work item completed in 2007
• Developed jointly in Ad-Hoc Group with TMOC and PTSC participants
• TR defines applicability of existing security related standards, best practices,
regulations, and identifies gaps within industry specifications
• 220 pages containing extensive data on communications and information security
3
Strategic Direction
ATIS PTSC is focusing on:
– Creation of a suite of security standards that well facilitate secure
interconnection of:
• transport facilities
• signalling facilities
• services
• ATIS PTSC is not focusing on:
– Security Mechanisms for Messaging Applications
– Tracking
• ATIS is looking to ITU-T SG 17 and other Study Groups to
address the messaging and tracking areas
4
Challenges
• SIP security solutions are tailored to be end to end. Link by link
security solutions do not provide the same level of security.
• SIP/SIPPING/SIMPLE/etc. RFCs have well written security
sections that are not fully implemented in vendor products.
• Security solutions have an impact on delay and performance.
5
Next Steps/Actions
• The PTSC will continue on its current path generating a complete
suite of standards that can be used to facilitate interconnection
negotiations and result in interconnection scenarios that are
secure.
• PRQC will continue to address:
– Standards extending work outlined in the TR
– Impact of Security on QOS Performance in Next Generation
Networks
• Document potential QoS degradations associated with security
mechanisms
• Identify potential security problems associated with QoS mechanisms
– User-Network Interface (UNI) User Plane Security Standard
6
Proposed Resolution
• The text of the current Resolution on cybersecurity, i.e.,
Resolution GSC-12/19: (GTSC) Cybersecurity (Revised), is still
appropriate and no modifications are called for at this time.
7
Supplemental Slides
8
Supplemental Slides
•
•
•
•
•
•
•
•
•
•
•
•
•
PTSC Issues may be found at: http://www.atis.org/0191/issues.asp
PTSC Active Issues which have a security component are:
Issue # Title
S0027
IP Device (SIP UA) to Network Interface Standard
S0033
End to End User Authentication and Signaling Security
S0046
ATIS NGN Security Requirements
S0050
VoIP (SIP) UNI Testing Framework
S0052
UNI Terminal Adapter Requirements
S0053
UNI Configuration
S0055
Security Mechanisms
S0061
Certificate Management
S0063
ATIS ETS Authentication
S0065
Enterprise Network Support in NGN
9
Download