1 / 23

Arkadiy Kremer Chairman ITU-T Study Group 17

Session 2: Role of Standardization in Cybersecurity. Arkadiy Kremer Chairman ITU-T Study Group 17. ITU Open Forum on Cybersecurity, 6 December 2008.

klittle
Télécharger la présentation

Arkadiy Kremer Chairman ITU-T Study Group 17

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Session 2: Role of Standardization in Cybersecurity Arkadiy Kremer Chairman ITU-T Study Group 17

  2. ITU Open Forum on Cybersecurity, 6 December 2008 • “We have received a strong message from our members that ITU is, and will remain the world’s pre-eminent global telecommunication and ICT standards body. And we hear also, and very clearly, that ITU should continue on its mission to connect the world, and that bringing the standardization gap, by increasing developing country participation in our work, is an essential prerequisite to achieve this goal”. • Malcolm Johnson, TSB Director • (Closing speech at the WTSA-08)

  3. ITU Open Forum on Cybersecurity, 6 December 2008 • WSIS Action Line C5, Building confidence and security in use of ICTs • WTSA-08 Resolution 50, Cybersecurity – Resolves “that ITU-T continue to evaluate existing and evolving new Recommendations, and especially signaling and telecommunication protocol Recommendations, with respect to their robustness of design and potential for exploitation by malicious parties to interfere destructively with their deployment in the global information and telecommunication infrastructure”. • WTSA-08 Resolution 52, Countering and combating spam – Instructs ITU-T study groups “to continue collaboration with the relevant organizations (e.g., IETF), in order to continue developing, as a matter of urgency, technical Recommendations with a view to exchanging best practices and disseminating information through joint workshops, training sessions, etc.“ Strategic direction

  4. ITU Open Forum on Cybersecurity, 6 December 2008 • Plenipotentiary Resolution 130, Strengthening the role of ITU in building confidence and security in the use of information and communication technologies – Instructs Director of TSB to intensify work in study groups, address threats & vulnerabilities, collaborate, and share information • Plenipotentiary Resolution 149, Study of definitions and terminology relating to building confidence and security in the use of information and communication technologies - Instructs Council to study terminology • ITU Global Cybersecurity Agenda. Key work areas: Legal Measures, Technical and Procedural Measures, Organizational Structures, Capacity Building, International Cooperation. World renowned Group of High-Level Experts report to ITU Secretary General contains recommendations in each of the five areas Strategic direction (cont.)

  5. ITU Open Forum on Cybersecurity, 6 December 2008 • ISO/IEC/ITU-T Strategic Advisory Group Security • Oversees standardization activities in ISO, IEC and ITU-T relevant to security; provides advice and guidance relative to coordination of security work; and, in particular, identifies areas where new standardization initiatives may be warranted (portal established, workshops conducted) • Global Standards Collaboration • ITU and participating standards organizations exchange information on the progress of standards development in the different regions and collaborate in planning future standards development to gain synergy and to reduce duplication. GSC-13 resolutions concerning security include Cybersecurity (13/11), Identity Management (13/04), Network aspects of identification systems (13/03), Personally Identifiable Information protection (13/25). Coordination

  6. ITU Open Forum on Cybersecurity, 6 December 2008 • Study Group 17 is the lead study group in the ITU-T for security – responsible for: • Coordination of security work • Development of core Recommendations • Most of the other study groups have responsibilities for standardizing security aspects specific to their technologies (TMN security, IPCablecom security, NGN security, Multimedia security, etc.) ITU-T security activities

  7. ITU Open Forum on Cybersecurity, 6 December 2008 • Security Coordination • Within SG 17, with ITU-T SGs, with ITU-D and externally • Kept others informed - TSAG, IGF, ISO/IEC/ITU-T SAG-S… • Made presentations to workshops/seminars and to GSC • Maintained reference information on LSG security webpage • Security Compendium • Includes catalogs of approved security-related Recommendations and security definitions extracted from approved Recommendations • Security Standards Roadmap • Includes searchable database of approved ICT security standards from ITU-T and others (e.g., ISO/IEC, IETF, ETSI, IEEE, ATIS) • ITU-T Security Manual – assisted in its development SG 17 Security Project

  8. ITU Open Forum on Cybersecurity, 6 December 2008 • Strong ramp-up on developing core security Recommendations in SG 17 • 14 approved in 2007 • 27 approved in 2008 • 44 under development for approval next study period • Subjects include: • Architecture and Frameworks  Web services  Directory • Identity management  Risk management  Cybersecurity • Incident management  Mobile security  Countering spam • Security management  Secure applications  Telebiometrics • Ubiquitous Telecommunication services  SOA security • Ramping up on: • Multicast  Traceback  Ubiquitous sensor networks • Collaboration with others on many items Core Security Recommendations

  9. ITU Open Forum on Cybersecurity, 6 December 2008 ITU-T Recommendation X.1205 Overview of Cybersecurity Summary This Recommendation provides a definition for Cybersecurity. The Recommendation provides taxonomy of security threats from an organization point of view. Cybersecurity threats and vulnerabilities including the most common hacker’s tools of the trade are presented. Threats are discussed at various network layers. Various Cybersecurity technologies that are available to remedy the threats are discussed including: routers, firewalls, antivirus protection, intrusion detection systems, intrusion protection systems, secure computing and audit and monitoring. Network protection principles such as defence in depth, access management with application to Cybersecurity are discussed. Risk management strategies and techniques are discussed including the value of training and education in protecting the network. Examples for securing various network based on the discussed technologies are also discussed. Core Security Recommendations (cont.)

  10. ITU Open Forum on Cybersecurity, 6 December 2008 ITU-T Recommendation X.1206 A vendor-neutral framework for automatic notification of security related information and dissemination of updates Summary This Recommendation provides a framework for automatic notification of security related information and dissemination of updates. The key point of the framework is that it is a vendor-neutral framework. Once an Asset is registered, updates on vulnerabilities information and patches or updates can be automatically made available to the users or directly to applications regarding the Asset. Core Security Recommendations (cont.)

  11. ITU Open Forum on Cybersecurity, 6 December 2008 Recommendation ITU-T X.1207 Guidelines for telecommunication service providers for addressing the risk of spyware and potentially unwanted software Summary Recommendation ITU-T X.1207 provides guidelines for telecommunication service providers (TSPs) for addressing the risks of spyware and potentially unwanted software. This Recommendation promotes best practices around principles of clear notices and user's consents and controls for TSP web hosting services. This Recommendation develops and promotes best practices to users on personal computer (PC) security, including use of anti-spyware, anti-virus, personal firewall and security software updates on client systems. Core Security Recommendations (cont.)

  12. ITU Open Forum on Cybersecurity, 6 December 2008 ITU-T Recommendation X.1231 Technical Strategies on Countering Spam Summary This Recommendation emphasizes technical strategies on countering spam, and includes general characteristics of spam and main objectives of countering spam as well. Furthermore, recognizing that there is no single solution to resolve the spam problem, this Recommendation also provides a checklist to evaluate promising tools for countering Spam. Core Security Recommendations (cont.)

  13. ITU Open Forum on Cybersecurity, 6 December 2008 ITU-T Recommendation X.1240 Technologies involved in countering email spam Summary This Recommendation specifies basic concepts, characteristics, and effects of email spam, and technologies involved in countering email spam. It also introduces the current technical solutions and related activities from various standard development organizations and relevant organizations on countering email spam. It provides guidelines and information to the users who want to develop technical solutions on countering email spam. This Recommendation will be used as a basis for further development of technical Recommendations on countering email spam. Core Security Recommendations (cont.)

  14. ITU Open Forum on Cybersecurity, 6 December 2008 ITU-T Recommendation X.1241 Technical framework for countering email spam Summary This Recommendation provides a technical framework for countering email spam. The framework describes one recommended structure of an anti-spam Processing Domain, and defined function of major modules in it. The key point of the framework is that it establishes a mechanism to share information about email spam between different email servers. Systems follow the framework would improve efficiency through interconnection Core Security Recommendations (cont.)

  15. ITU Open Forum on Cybersecurity, 6 December 2008 Recommendation ITU-T X.1244 Overall aspects of countering spam in IP-based multimedia applications Summary This Recommendation specifies the basic concepts, characteristics, and technical issues related to countering spam in IP multimedia applications such as IP telephony, instant messaging, etc. The various types of IP multimedia application spam are categorized, and each categorized group is described according to its characteristics. This Recommendation describes various spam security threats that can cause IP multimedia application spam. There are various techniques developed to control the email spam which has become a social problem. Some of those techniques can be used in countering IP multimedia application spam. This Recommendation analyzes the conventional spam countering mechanisms and discusses their applicability to countering IP multimedia application spam. This Recommendation concludes by mentioning various aspects that should be considered in countering IP multimedia application spam. Core Security Recommendations (cont.)

  16. ITU Open Forum on Cybersecurity, 6 December 2008 • Networks are increasingly distributed, converged, and packet based where access to services can be based on identity contexts and roles and accessed anywhere, anytime. • Security and trust of identity information in this environment is significantly more complex. • Users may have multiple, context dependent “identities” • Network services may require different identity trust levels • Identity information is distributed throughout the network • Old methods of managing of identity information are inadequate, may limit services, and cause significant cybersecurity problems • Consequently, a new, robust set of secure and trusted capabilities is needed i.e IdM Identity Management

  17. ITU Open Forum on Cybersecurity, 6 December 2008 • Attach identity data to a person, device, or application. • Facilitate the secure storage, retrieval and secure exchange of identity data. • Provide significantly better identity lifecycle management. • Can allow user control of personally identifiable information (PII). IdM is a set of capabilities that

  18. ITU Open Forum on Cybersecurity, 6 December 2008 • Managing digital identities and personally identifiable information key aspect for improving security of networks and cyberspace • Effort jump started by IdM Focus Group which produced 6 substantial reports (265 pages) in 9 months • JCA-IdM and IdM-GSI established by TSAG in December 2007 • Main work is in SGs 17 and 13 • Intense work program, difficult • First IdM Recommendations determined under TAP: • X.1250, Capabilities for global identity management trust and interoperability • X.1251, A framework for user control of digital identity • Y.2720, NGN identity management framework • Many additional IdM Recommendations are under development • Working collaboratively with other key bodies including: ISO/IEC JTC 1/SC 27, Liberty Alliance, FIDIS, OASIS ITU-T work on IdM

  19. ITU Open Forum on Cybersecurity, 6 December 2008 • Addressing security to enhance trust and confidence of users in networks, applications and services • Balance between centralized and distributed efforts on developing security standards • Legal and regulatory aspects of cybersecurity, spam, identity/privacy • Address full cycle – vulnerabilities, threats and risk analysis; prevention; detection; response and mitigation; forensics; learning • Uniform definitions of cybersecurity terms and definitions • Effective cooperation and collaboration across the many bodies doing cybersecurity work – within the ITU and with external organizations • Keeping ICT security database up-to-date Challenges

  20. ITU Open Forum on Cybersecurity, 6 December 2008 • There are a number of standards in field of security of telecommunication and information security. But a standard is the real standard when it is used in real world applications. Business and governmental bodies need to learn more about standards from their business applications rather than from a technical point of view. • Report for the next IGF on the business use of the main security standards • Who does this standard effect? • Status and summary of standard. • Business benefits • Technologies involved • Technical implications Challenges (cont.)

  21. ITU Open Forum on Cybersecurity, 6 December 2008 • WTSA-08 Resolution 76, Studies related to conformance and interoperability testing, assistance to developing countries, and a possible future ITU mark programme • Interoperability of international telecommunication networks was the main reason to create ITU in the year 1865 • Conformance testing would increase the chance of interoperability of equipment conforming to ITU standards • Technical training and institutional capacity development for testing and certification are essential issues for countries to improve their conformity assessment processes, to promote the deployment of advanced telecommunication networks and to increase global connectivity • ITU-T study groups will develop the necessary conformance testing Recommendations as soon as possible • ITU-T Recommendations to address interoperability testing shall be progressed as quickly as possible Challenges (cont.)

  22. ITU Open Forum on Cybersecurity, 6 December 2008 • ITU Global Cybersecurity Agenda (GCA) http://www.itu.int/osg/csd/cybersecurity/gca/ • ITU-T Home page http://www.itu.int/ITU-T/ • Study Group 17 http://www.itu.int/ITU-T/studygroups/com17/index.asp • e-mail: tsbsg17@itu.int • LSG on Security http://www.itu.int/ITU-T/studygroups/com17/tel-security.html • Security Roadmap http://www.itu.int/ITU-T/studygroups/com17/ict/index.html • Security Manual http://www.itu.int/publ/T-HDB-SEC.03-2006/en • Cybersecurity Portal http://www.itu.int/cybersecurity/ • Cybersecurity Gateway http://www.itu.int/cybersecurity/gateway/index.html • ITU-T Recommendations http://www.itu.int/ITU-T/publications/recs.html • ITU-T Lighthouse http://www.itu.int/ITU-T/lighthouse/index.phtml • ITU-T Workshops http://www.itu.int/ITU-T/worksem/index.html Some useful web resources

  23. ITU Open Forum on Cybersecurity, 6 December 2008 Thank you! Arkadiy Kremer kremer@rans.ru

More Related