International Telecommunication Union
ICT Security Standards
Roadmap: an Update
Mike Harrop
Rapporteur ITU-T, Study Group 17 Q4
3rd ETSI Security Workshop
15/16 January 2008 Sophia-Antipolis, France
Objective of Presentation
ITU-T
o To review the objectives and status of the ICT
Security Standards Roadmap
o To provide an update on progress made since the
last ETSI Security Workshop in January 2007
o To highlight next steps
Roadmap Objectives
ITU-T
o To assist in the development of security
standards by bringing together information about
existing standards and about work in progress
o To provide information that will help potential
users and other standards stakeholders to
understand what security standards are available
(or under development) and to provide
information about the organizations working on
these standards.
o To help identify gaps where standards are needed
Key developments over past year
ITU-T
o ENISA and NISSG joined ITU-T as partners in
developing the Roadmap
o Part 2 (Database of standards) was upgraded to a
searchable database (It was previously a flat file)
o Part 5 (Best Practices) was introduced and
initially populated.
Roadmap Structure
ITU-T
o Part 1 contains information about organizations
working on ICT security standards
o Part 2 is database of existing security standards
o Part 3 lists (or links to) current projects and
standards in development
o Part 4 identifies future needs and proposed new
standards
o Part 5 (new) provides pointers to non-proprietary
security best practices
Some Key Points
ITU-T
o Part 2 now includes ITU-T, ISO/IEC JTC1, ATIS, ETSI,
ENISA, IETF, IEEE and OASIS
o We have added ISO JTC1 SC37 biometrics standards
to the data base plus the Harmonized Biometric
Vocabulary to the Vocabulary section of Part 1.
o The database format allows organizations to manage
their own data
o The database allows searching by organization or by
topic (but full text parametric searching is not yet
available).
Next steps
ITU-T
o Upgrade database to full parametric
search
o Resolve questions and issues discovered
during the first updates to the database
Outstanding Issues/Challenges
ITU-T
o Taxonomy (always a challenge!)
o Finding out about new standards and when to
post them
o Appearance of the database
o Technical and process issues
o Need to develop a short guide to the update
process
Roadmap Access
ITU-T
o The Roadmap is available under on the ITU-T
SG17 page under Special Projects and Issues
o The direct URL is:
www.itu.int/ITU-T/studygroups/com17/ict/index.html
Some useful web resources
ITU-T
o
ITU-T Home page
www.itu.int/itu-t
o
Study Group 17
e-mail:
www.itu.int/itu-t/studygroups/com17
tsbsg17@itu.int
o
Recommendations
www.itu.int/ITU-T/publications/recs.html
o
ITU-T Lighthouse
www.itu.int/ITU-T/lighthouse
o
ITU-T Workshops
www.itu.int/ITU-T/worksem
o
Roadmap
o
Cybersecurity Portal
www.itu.int/ITU-T/studygroups/com17/ict/index.html
http://www.itu.int/cybersecurity
ITU-T
Thank you.
Any questions?