ITU-T Activities on Security Greg Jones ITU Telecommunication Standardization Sector

International Telecommunication Union
ITU-T Activities
on Security
Greg Jones
ITU Telecommunication Standardization Sector
(ITU-T)
greg.jones@itu.int
ITU-T Seminar – Kasane 25 July 2002

ITU-T Study Groups
o SG 2 – Operational aspects of service provision, networks and performance
o SG 3 – Tariff and accounting principles including related telecommunications economic and policy issues
o SG 4 – Telecommunication management, including TMN
o SG 5 – Protection against electromagnetic environment effects
o SG 6 – Outside plant
o SG 9 – Integrated broadband cable networks and television and sound transmission
o SG 11 – Signalling requirements and protocols
o SG 12 – End-to-end transmission performance of networks and terminals
o SG 13 – Multi-protocol and IP-based networks and their internetworking
o SG 15 – Optical and other transport networks
o SG 16 – Multimedia services, systems and terminals
o SG 17 – Data networks and software for Telecommunication
o SSG – Special Study Group "IMT-2000 and beyond"
o TSAG – Telecommunication Standardization Advisory Group

Lead Study Groups
o SG 2 – Service definition, numbering and routing
o SG 4 – TMN
o SG 9 – Integrated broadband cable and television networks
o SG 11 – Intelligent networks
o SG 12 – Quality of Service and performance
o SG 13 – IP related matters, B-ISDN, Global Information Infrastructure and satellite matters
o SG 15 – Access network transport and optical technology
o SG 16 – Multimedia services, systems and terminals and on e-business and e-commerce
o SG 17 – Communication system security, frame relay, languages and description techniques
o SSG – IMT 2000 and beyond and for mobility

Communication system security
o WTSA & TSAG
  • Request to all study groups to coordinate on telecommunication reliability and security
o SG 17 – Coordination of ITU-T security studies
  • X.509, X.842, X.843
o SG 16 – Multimedia services
  • ETS – Emergency Telecommunication Services
o SG 13 – Network reliability
  • Network requirements and capabilities to support emergency services
o SG 2 – Service aspects
  • Security requirements and incident handling

ITU-T SG 17 security focus
o Authentication (X.509/X.842/X.843)
  • Public Key Infrastructure
o Security Management
  • Risk assessment, identification of assets and implementation characteristics
o Telebiometrics
  • Telebiometric methods, devices and solutions for security purposes
o Mobile Security
  • For low power, small memory size and small display devices

Key studies in ITU-T SG 16
o Question G - “Multimedia Security”
o Secure H.323-based IP Telephony
o H.235 and associated security profiles
o H.248 Media Gateway Decomposition Security
o Secure H.320 Audio/Video and T.120 Data Conferencing
o Emergency Telecommunications Services

Key studies in ITU-T SG 9
o IPCablecom project
  • Interactive services over cable TV networks using IP protocol
  • ITU-T Rec. J.170 IPCablecom security specification
  • Types of threat in IPCablecom:
    • Network attacks
    • Theft of service
    • Eavesdropping
    • Denial of Service

Other studies in SG 2 and 13
o Draft new ITU-T Rec. E.sec.1 (SG 2)
  • Telecommunication networks security requirements
o Draft new ITU-T Rec. E.sec.2 (SG 2)
  • Incident Organization and Security Incident Handling (Guidelines)
  • Guidelines on threats and countermeasures
o Draft new ITU-T Rec. Y.roec (SG 13)
  • Network reliability

Special Projects
o IMT-2000 Network Aspects (SSG)
o Call Back (SG 3)
o Accounting Rate Reform (SG 3)
o TMN (SG 4)
o IPCablecom (SG 9)
o Quality of service and performance (SG 12)
o IP (SG 13)
o Global Information Infrastructure (SG 13)
o Access Networks (SG 15)
o Optical Networks (SG 15)
o Mediacom 2004 (SG 16)
o JVT – Joint Video Team (SG 16)
o E-commerce and E-business (SG 16)
o ASN.1 & Language coordination (SG 17)
o Communication system security (SG 17)

Key products
o Catalogue of ITU-T security Recommendations
  itu.int/itudoc/itu-t/com17/activity/cat003_ww9.doc
o Compendium of security terms
  itu.int/itudoc/itu-t/com17/activity/def003.html

Security definitions
itu.int/ITU-T/studygroups/com17/cssecurity.html
o Example: Definitions of public-key
  • 3.3.43/X.509
    • (In a public key cryptosystem) that key of a user’s key pair which is publicly known.
  • 3.3.11/X.810
    • A key that is used with an asymmetric cryptographic algorithm and that can be made publicly available.

Recommendations related to communication systems security
itu.int/ITU-T/studygroups/com17/cssecurity.html
o Example: ITU-T Rec. X.509
  • Information technology - Open Systems Interconnection - The directory: Public-key and attribute certificate frameworks (03/00 – version 4)
  • This Recommendation defines a framework for public-key certificates and attribute certificates…
  • Uses Abstract Syntax Notation 1 (ASN.1)

ITU-T publications
o Recommendations
o WTSA Resolutions
o Appendices
o Supplements
o Handbooks
o Directives
o ITU Operational Bulletin

Workshops and seminars 2002
o IPv6
  Geneva, 6 May 2002
o Security
  Seoul, Republic of Korea, 13-14 May 2002
o IMT-2000 and Systems Beyond
  Ottawa, Canada, 28 May 2002
o IP/Optical
  Chitose, Japan, 9-11 July 2002
o Workshop on Use of Description Techniques
  Geneva, 23 November 2002
o Role of Satellites in IP-based and Multimedia Networks and Services
  Geneva, 9-11 December 2002

Seoul, May 2002
o ITU-T Workshop on Security
  13-14 May 2002
o Security World Expo 2002
  15-18 May 2002 (www.secuexpo.com)
o ITU workshop - Creating trust in critical network Infrastructures
  20-22 May 2002

Cooperation
o A.4 – Communication with forums/consortia
o A.5 – Organizations qualified for referencing
o A.6 – Communication with SDOs
o MoUs
  • MoU ICANN Protocol Supporting Organization, 14 July 1999
  • MoU between IEC, ISO, ITU and UN/ECE Concerning Standardization in the Field of Electronic Business, 24 March 2000
  • MoU between ITU and ETSI, 14 June 2000
o Informal Forum summit
o “ITU-T and Forums” web page

Security collaboration
o ISO/IEC JTC1 SC 6 & SC 27
o IETF
o OASIS

Freely accessible web resources
itu.int/ITU-T/dbase
o ITU-T patent database
o International numbering resources
  • itu.int/ITU-T/inr
o A.4, A.5 and A.6 recognized organizations
o Terms and definitions
o List of ITU-T Recommendations
o ITU-T Work programme
o ASN.1 module database – new

ITU-T Databases on ITU-T website
o ASN.1 Module Database
o ITU-T Patents Database
o International Numbering Resources
o Recognized SDOs for Recs. A.4, A.5 & A.6
o Terms & Definitions Database
o List of ITU-T Recommendations
o ITU-T Work Programme Database
  • ITU-T Work Programme Database Search
  • Standardization Areas, Domains and their Codes

Ensuring global interoperability
o Quality of Service (QOS)
o Numbering and routing
o Communication Systems Security
o Tariffs and Accounting rates
o Interworking

International Telecommunication Union
Thank You!
ITU-T Contacts:
ITU-T Communication & promotion service:
Greg Jones - greg.jones@itu.int
ITU-T Study Group 17 Secretariat:
Georges Sebek – sebek@itu.int