Arkadiy Kremer ITU-T Study Group 17 Security

ITU Workshop on “ICT Security Standardization
for Developing Countries”
(Geneva, Switzerland, 15-16 September 2014)
ITU-T Study Group 17
Security
Arkadiy Kremer
ITU-T SG17 chairman
kremer@rans.ru
Strategic Goal of ITU-T*
To develop interoperable, nondiscriminatory international standards
(ITU-T Recommendations)
To assist in bridging the standardization
gap between developed and developing
countries
To extend and facilitate international
cooperation among international and
regional standardization bodies
*ITU Plenary Plenipotentiary Conference Resolution 71
ITU-T Study Group 17, Security
Primary focus is to build confidence and
security in the use of Information and
Communication Technologies (ICTs)
cybersecurity, CYBEX,
cloud computing security,
identity management,
protection of PII,
PKI and PMI,
Information security
management,
countering spam,
security architecture,
security of applications,
telebiometrics,
security of services for:
- the Internet of things,
- smart grid,
- mobile, smartphone,
- IPTV, home network
- web services,
- social network,
- mobile financial system,
- transportation systems,
also directory, OIDs,
technical languages
ITU-T Study Group 17, Security

Lead Study Group in ITU-T for:
Security

Identity management

Languages and description techniques
With responsibilities for the study of the
appropriate core Questions and to define and
maintain the overall framework and to
coordinate, assign and prioritize the studies with
others


Parent Study Group for two JCAs:
Identity management
Child online protection
Joint Coordination Activities aim mainly at
improving coordination and planning.
ITU-T Study Group 17, Security





Meets twice a year; last meeting had 145
participants
Responsible for 325 Recommendations, 20
Supplements and 3 Implementer’s Guides
76 new or revised Recommendations and
other texts are under development for
approval in September 2014 or later
Manual on Security in Telecommunications
and Information Technology provides a
broad introduction to the security work of
ITU-T. http://www.itu.int/pub/T-HDB-SEC.05-2011
Work organized into 5 Working Parties
with 12 Questions
SG17, Security
WP 1/17, Fundamental security:
- Q1/17 Telecom./ICT security coordination
- Q2/17 Security architecture & framework
- Q3/17 Information security management
WP 2/17, Network and information security:
- Q4/17 Cybersecurity
- Q5/17 Countering spam
WP 3/17, IdM + Cloud computing security:
- Q8/17 Cloud Computing Security
- Q10/17 IdM
WP 4/17, Application security:
- Q6/17 Ubiquitous services
- Q7/17 Secure applications services
- Q9/17 Telebiometrics
WP 5/17, Formal languages:
- Q11/17 Directory, PKI, PMI, ASN.1, OID, ODP, OSI
- Q12/17 Languages & Testing
Examples of SG17 Standards
Security
Rec. ITU-T X.509 – Public key and attribute
certificate frameworks
Rec. ITU-T X.805 – Security architecture for
systems providing end-to-end communications
Rec. ITU-T X.1037 – IPv6 technical security
guidelines
Rec. ITU-T X.1205 – Overview of Cybersecurity
Rec. ITU-T X.1303bis – Common alerting
protocol
Rec. ITU-T X.1500-series – Cybersecurity
Information exchange (CYBEX)
Examples of SG17 Standards
Identity Management (IdM)
Rec. ITU-T X.1252 – Baseline identity
management terms and definitions
Rec. ITU-T X.1255 – Framework for discovery of
identity management information
Languages and description techniques
Rec. ITU-T X.660 - General procedures and top
arcs of the international object identifier tree
Rec. ITU-T X.680 – Abstract Syntax Notation One
Standardization Challenges


The primary challenges are the time it
takes to develop a standard (compared to
the speed of technological change and the
emergence of new threats) and the
shortage of skilled and available resources.
We must work quickly to respond to the
rapidly-evolving technical and threat
environment but we must also ensure that
the standards we produce are given
sufficient consideration and review to
ensure that they are complete and
effective.
Coordination with other bodies
[Figure: ITU-T Study Group 17 (Security) and the bodies it coordinates with, including ITU-D and ITU-R]
Examples of Collaboration
With ISO/IEC JTC 1/SC 27:
EAAF: ITU-T X.1254 | ISO/IEC 29115
ISMS-T: ITU-T X.1051 | ISO/IEC 27011
With OASIS:
CAP: ITU-T X.1303bis | OASIS CAP v1.2
XACML: ITU-T X.1144 | OASIS XACML 3.0
With IETF:
IODEF: ITU-T X.1541 | IETF RFC 5070
RID: ITU-T X.1580 | IETF RFC 6545
Examples of Collaboration
With ISO/IEC JTC 1/SC 6:
PKI: ITU-T X.509 | ISO/IEC 9594-8
USN: ITU-T X.1311 | ISO/IEC 29180
OID: ITU-T X.660 | ISO/IEC 9834-1
ASN.1: ITU-T X.680 | ISO/IEC 8824-1
With ETSI TC MTS:
TTCN-3: ITU-T Z.161 | ETSI ES 201873-1
With ISO/IEC JTC 1/SC 37:
BIO-API: ITU-T X.1083 | ISO/IEC 24708
Collaboration
Study Group 17 has a strong record
of collaboration with other bodies.
We are interested in extending our
cooperation and collaboration with
other standards bodies in security
areas of common interest
We welcome identification of specific
topics for collaboration
Developing Countries
We must recognize and respect the
differences in developing countries'
respective environments: their telecom
infrastructures may be at different levels of
development from those of the developed
countries; their ability to participate in, and
contribute directly to the security standards
work may be limited by economic and other
considerations; and their needs and
priorities may be quite different
Study Group 17
[Chart; footnote: * Average over last 7 meetings]
Study Group 17 Leadership
[Chart: Developing Countries and Developed Countries, for the periods 2009-2012 and 2013-2016]
Summary
Study Group 17, with its strong
engagement of developing
countries, is pleased to
collaborate on ICT security
standardization with other bodies
in areas of common interest for
mutual benefit
Reference links
- Webpage for ITU-T Study Group 17: http://itu.int/ITU-T/studygroups/com17
- Webpage on ICT security standard roadmap: http://itu.int/ITU-T/studygroups/com17/ict
- Webpage for JCA on identity management: http://www.itu.int/en/ITU-T/jca/idm
- Webpage for JCA on child online protection: http://www.itu.int/en/ITU-T/jca/COP
- Webpage on lead study group on security: http://itu.int/en/ITU-T/studygroups/com17/Pages/telesecurity.aspx
- Webpage on lead study group on identity management: http://itu.int/en/ITU-T/studygroups/com17/Pages/idm.aspx
- Webpage on lead study group on languages and description techniques: http://itu.int/en/ITU-T/studygroups/com17/Pages/ldt.aspx
- ITU Security Manual: Security in Telecommunications and Information Technology: http://www.itu.int/pub/T-HDB-SEC.05-2011