1 / 18

ITU-T Study Group 17 Security

ITU Workshop on “ICT Security Standardization for Developing Countries” (Geneva, Switzerland, 15-16 September 2014). ITU-T Study Group 17 Security. Arkadiy Kremer ITU-T SG17 chairman kremer@rans.ru. Strategic Goal of ITU-T*.

bernieces
Télécharger la présentation

ITU-T Study Group 17 Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ITU Workshop on “ICT Security Standardizationfor Developing Countries” (Geneva, Switzerland, 15-16 September 2014) ITU-T Study Group 17 Security Arkadiy Kremer ITU-T SG17 chairman kremer@rans.ru

  2. Strategic Goal of ITU-T* • To develop interoperable, non-discriminatory international standards (ITU-T Recommendations) • To assist in bridging the standardization gap between developed and developing countries • To extend and facilitate international cooperation among international and regional standardization bodies *ITU Plenary Plenipotentiary Conference Resolution 71

  3. ITU-T Study Group 17, Security Primary focus is to build confidence and security in the use of Information and Communication Technologies (ICTs) cybersecurity, CYBEX,cloud computing security, identity management, protection of PII,PKI and PMI, Information security management, countering spam, security architecture, security of applications, telebiometrics, security of services for: - the Internet of things,- smart grid, - mobile, smartphone, - IPTV, home network- web services, - social network, - mobile financial system,- transportation systems, also directory, OIDs, technical languages

  4. ITU-T Study Group 17, Security • Lead Study Group in ITU-T for: • Security • Identity management • Languages and description techniques With responsibilities for the study of the appropriate core Questions and to define and maintain the overall framework and to coordinate, assign and prioritize the studies with others • Parent Study Group for two JCAs: • Identity management • Child online protection Joint Coordination Activities aim mainly at improving coordination and planning.

  5. ITU-T Study Group 17, Security • Meets twice a year; last meeting had 145 participants • Responsible for 325 Recommendations, 20 Supplements and 3 Implementer’s Guides • 76 new or revised Recommendations and other texts are under development for approval in September 2014 or later • Manual on Security in Telecommunications and Information Technology provides a broad introduction to the security work of ITU-T. http://www.itu.int/pub/T-HDB-SEC.05-2011 • Work organized into 5 Working Parties with 12 Questions

  6. SG17, Security WP 3/17 IdM + Cloud computing security WP 2/17 Network and information security WP 4/17 Application security WP 5/17 Formal languages WP 1/17 Fundamental security Q8/17 Cloud Computing Security Q11/17 Directory, PKI, PMI, ASN.1, OID, ODP, OSI Q1/17 Telecom./ICT security coordination Q4/17 Cybersecurity Q6/17 Ubiquitousservices Q10/17 IdM Q2/17 Security architecture & framework Q5/17 Countering spam Q7/17 Secure applications services Q12/17 Languages & Testing Q9/17 Telebiometrics Q3/17 Information security management

  7. Examples of SG17 Standards • Security • Rec. ITU-T X.509 – Public key and attribute certificate frameworks • Rec. ITU-T X.805 – Security architecture for systems providing end-to-end communications • Rec. ITU-T X.1037 – IPv6 technical security guidelines • Rec. ITU-T X.1205 – Overview of Cybersecurity • Rec. ITU-T X.1303bis – Common alerting protocol • Rec. ITU-T X.1500-series – Cybersecurity Information exchange (CYBEX)

  8. Examples of SG17 Standards • Identity Management (IdM) • Rec. ITU-T X.1252 – Baseline identity management terms and definitions • Rec. ITU-T X.1255 – Framework for discovery of identity management information • Languages and description techniques • Rec. ITU-T X.660 - General procedures and top arcs of the international object identifier tree • Rec. ITU-T X.680 – Abstract Syntax Notation One

  9. Standardization Challenges • The primary challenges are the time it takes to develop a standard (compared to the speed of technological change and the emergence of new threats) and the shortage of skilled and available resources. • We must work quickly to respond to the rapidly-evolving technical and threat environment but we must also ensure that the standards we produce are given sufficient consideration and review to ensure that they are complete and effective.

  10. Coordination with other bodies ITU-TStudy Group 17Security ITU-D, ITU-R,

  11. Examples of Collaboration • With ISO/IEC JTC 1/SC 27: • EAAF: ITU-T X.1254 | ISO/IEC 29115 • ISMS-T: ITU-T X.1051 | ISO/IEC 27011 • With OASIS: • CAP: ITU-T X.1303bis | OASIS CAP v1.2 • XACML: ITU-T X.1144 | OASIS XACML 3.0 • With IETF: • IODEF: ITU-T X.1541 | IETF RFC 5070 • RID: ITU-T X.1580 | IETF RFC 6545

  12. Examples of Collaboration • With ISO/IEC JTC 1/SC 6: • PKI: ITU-T X.509 | ISO/IEC 9594-8 • USN: ITU-T X.1311 | ISO/IEC 29180 • OID: ITU-T X.660 | ISO/IEC 9834-1 • ASN.1: ITU-T X.680 | ISO/IEC 8824-1 • With ETSI TC MTS: • TTCN-3: ITU-T Z.161 | ETSI ES 201873-1 • With ISO/IEC JTC 1/SC 37: • BIO-API: ITU-T X.1083 | ISO/IEC 24708

  13. Collaboration Study Group 17 has a strong record of collaboration with other bodies. We are interested in extending our cooperation and collaboration with other standards bodies in security areas of common interest We welcome identification of specific topics for collaboration

  14. Developing Countries We must recognize and respect the differences in developing countries respective environments: their telecom infrastructures may be at different levels of development from those of the developed countries; their ability to participate in, and contribute directly to the security standards work may be limited by economic and other considerations; and their needs and priorities may be quite different

  15. Study Group 17 * Average over last 7 meetings

  16. Study Group 17 Leadership

  17. Summary Study Group 17, with its strong engagement of developing countries, is pleased to collaborate on ICT security standardization with other bodies in areas of common interest for mutual benefit

  18. Reference links • Webpage for ITU-T Study Group 17 • http://itu.int/ITU-T/studygroups/com17 • Webpage on ICT security standard roadmap • http://itu.int/ITU-T/studygroups/com17/ict • Webpage for JCA on identity management • http://www.itu.int/en/ITU-T/jca/idm • Webpage for JCA on child online protection • http://www.itu.int/en/ITU-T/jca/COP • Webpage on lead study group on security • http://itu.int/en/ITU-T/studygroups/com17/Pages/telesecurity.aspx • Webpage on lead study group on identity management • http://itu.int/en/ITU-T/studygroups/com17/Pages/idm.aspx • Webpage on lead study group on languages and description techniques • http://itu.int/en/ITU-T/studygroups/com17/Pages/ldt.aspx • ITU Security Manual: Security in Telecommunications and Information Technology • http://www.itu.int/pub/T-HDB-SEC.05-2011

More Related