1 / 9

Update on ETSI Cyber Security work

Update on ETSI Cyber Security work. Charles Brookson OCG Security Chairman Largely based on presentations given by Judith E. Y. Rossebø ETSI TISPAN WG7 Chairman Telenor R&I. Submission Date: June 27, 2008 . ETSI TISPAN WG7.

yamin
Télécharger la présentation

Update on ETSI Cyber Security work

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Update on ETSI Cyber Security work Charles Brookson OCG Security Chairman Largely based on presentations given by Judith E. Y. Rossebø ETSI TISPAN WG7 Chairman Telenor R&I Submission Date:June 27, 2008

  2. ETSI TISPAN WG7 • NGN concept: fixed-mobile network convergence to packet-switched technology delivering multimedia services • ETSI TISPAN is extending the 3GPP IMS concepts in designing NGN • TISPAN Working Group 7 is the NGN competence centre for security with a group of security experts standardizing NGN security www.tispan.org

  3. TISPAN NGN • ETSI TISPAN proposes an architecture basis consisting of a range of subsystems: • Access network attachment subsystem (NASS) • Resource and admission control sub-system (RACS) • PSTN-ISDN emulation subsystem (PES) • IP Multimedia Subsystem (IMS) (3GPP) • IPTV Subsystem • TISPAN is adopting standards from other bodies where appropriate • Aspects relating to common IMS are not standardized by TISPAN, but if identified shall be transferred to the responsibility of 3GPP TelecommunicationandInternetconvergedServicesandProtocolsforAdvancedNetworking

  4. 3GPP IMS TISPAN NGN Architecture

  5. TISPAN NGN R1 security: • NGN Security requirements (TS 187 001) • NGN eTVRA (TR 187 002) • Threat and risk analyses for specific NGN use cases • NGN Security architecture (TS 187 003) • NGN Lawful Interception functional entities, information flow and reference points (TS 187 005)

  6. TISPAN NGN R2 security (1/2): • NGN Security requirements (TS 187 001) • Builds on the R1 version of the TS • Defines also security requirements for IPTV, Business Communication, Media Security, Home Networking, and for countering UC • NGN eTVRA (TR 187 002) • Threat and risk analyses for specific NGN use cases such as NAT traversal, RACS, Media Security, and Unsolicited Communication; • NGN Security architecture (TS 187 003) • Work is ongoing on defining the security architecture for IPTV, Home Networking, FMC, Media Security, H.248, Corporate Networks • NGN Lawful Interception functional entities, information flow and reference points (TS 187 005) • Builds on the R1 version of the TR

  7. TISPAN NGN R2 security (2/2): • Generalized NAT traversal feasibility study (TR 187 007) • TB approved December, 2007 • Media security (TR 187 008) • Impact of unsolicited communication in the NGN • New work item on data retention and its impact on the NGN

  8. NGN Feasibility Studies Feed into TISPAN Core Security Documents:

  9. Topics for future work • TISPAN NGN security beyond Release 2 • IPTV security (enhancement of stage 2, definition of stage 3) • Adding UC prevention as a feature (stage 1, stage 2, stage 3) • Media security provisioning (stage 1, stage2) • Additional work on NAT-T (e.g. interaction with RACS, interaction with IPTV, security analysis of use of STUN) • Enhanced security for NASS, RACS • Security for CNG/CND (stage 1, stage 2, stage 3) • Implications for AGCF security • Security for NGCN • FMC (taking into account requirements of the FMCA) • Diameter and Radius AVP profiling • Application layer security on the NGN (e.g. TELCO 2.0) • Analyse the inter-relation between security features and architecture of the NGN (IPTV, NAT-T, NASS, RACS etc.) in terms of how to employ consistent security architecture and mechanisms • Develop general rules, patterns, and templates to ease the employment of the NGN in practice and to facilitate risk control

More Related