International Telecommunication Union ITU-T Seminar – Lisbon, 25 June 2002 ITU-T Activities ITU-T Activities on Security on Security Greg Jones ITU Telecommunication Standardization Sector (ITU-T) [email protected]
Mar 27, 2015
International Telecommunication Union
ITU-T Seminar – Lisbon, 25 June 2002
ITU-T ActivitiesITU-T Activitieson Securityon Security
Greg JonesITU Telecommunication Standardization
Sector (ITU-T)[email protected]
225 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
ITU-T Study Groups
o SG 2 Operational aspects of service provision, networks and performance
o SG 3 Tariff and accounting principles including related telecommunications economic and policy issues
o SG 4 Telecommunication management, including TMN o SG 5 Protection against electromagnetic environment effects o SG 6 Outside plant o SG 9 Integrated broadband cable networks and television and sound
transmission o SG 11 Signalling requirements and protocols o SG 12 End-to-end transmission performance of networks and terminals o SG 13 Multi-protocol and IP-based networks and their internetworking o SG 15 Optical and other transport networks o SG 16 Multimedia services, systems and terminals o SG17 Data networks and software for Telecommunicationo SSG Special Study Group "IMT-2000 and beyond" o TSAG Telecommunication Standardization Advisory Group
325 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Lead Study Groups
o SG 2 Service definition, numbering and routing o SG 4 TMN o SG 9 Integrated broadband cable and television
networkso SG 11 Intelligent networks o SG 12 Quality of Service and performanceo SG 13 IP related matters, B-ISDN, Global Information
Infrastructure and satellite matterso SG 15 Access network transport and optical technologyo SG 16 Multimedia services, systems and terminals and on
e-business and e-commerceo SG17 Communication system security, frame relay,
languages and description techniqueso SSG IMT 2000 and beyond and for mobility
425 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Communication system security
o WTSA & TSAG• Request to all study groups to coordinate on
telecommunication reliability and securityo SG 17 – Coordination of ITU-T security studies
• X.509, X.842, X.843o SG 16 – Multimedia services
• ETS – Emergency Telecommunication Serviceso SG 13 – Network reliability
• Network requirements and capabilities to support emergency services
o SG 2 – Service aspects• Security requirements and incident handling
525 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
ITU-T SG 17 security focus
o Authentication (X.509/X.842/X.843)• Public Key Infrastructure
o Security Management• Risk assessment, identification of assets
and implementation characteristics o Telebiometrics
• Telebiometric methods, devices and solutions for security purposes
o Mobile Security • For low power, small memory size and
small display devices
625 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Key studies in ITU-T SG 16
o Question G - “Multimedia Security”o Secure H.323-based IP Telephonyo H.235 and associated security profileso H.248 Media Gateway Decomposition
Securityo Secure H.320 Audio/Video and T.120
Data Conferencingo Emergency Telecommunications
Services
725 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Key studies in ITU-T SG 9
o IPCablecom project• Interactive services over cable TV
networks using IP protocol• ITU-T Rec. J.170
IPCablecom security specification• Types of threat in IPCablecom:
• Network attacks• Theft of service• Eavesdropping• Denial of Service
825 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Other studies in SG 2 and 13
o Draft new ITU-T Rec. E.sec.1 (SG 2)• Telecommunication networks security
requirements
o Draft new ITU-T Rec. E.sec.2 (SG 2)• Incident Organisation and Security
Incident Handling (Guidelines)• Guidelines on threats and countermeasures
o Draft new ITU-T Rec. Y.roec (SG 13) • Network reliability
925 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Special Projectso IMT-2000 Network Aspects (SSG)o Call Back (SG 3)o Accounting Rate Reform (SG 3)o TMN (SG 4)o IP Cablecom (SG 9)o Quality of service and performance (SG 12) o IP (SG 13)o Global Information Infrastructure (SG 13)o Access Networks (SG 15)o Optical Networks (SG 15)o Mediacom 2004 (SG 16)o JVT – Joint Video Team (SG 16)o E-commerce and E-business (SG 16)o ASN.1 & Language coordination (SG 17)o Communication system security (SG 17)
1025 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Key products
o Catalogue of ITU-T security Recommendations• (see
www.itu.int/itudoc/itu-t/com17/activity/cat003_ww9.doc)
o Compendium of security terms• (see
www.itu.int/itudoc/itu-t/com17/activity/def003.html)
1125 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
security definitions
o Example: Definitions of public-key• 3.3.43/X.509
• (In a public key cryptosystem) that key of a user’s key pair which is publicly known.
• 3.3.11/X.810• A key that is used with an asymmetric
cryptographic algorithm and that can be made publicly available.
(See itu.int/ITU-T/studygroups/com17/cssecurity.html)
1225 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Recommendations related to communication systems
security
o Example: ITU-T Rec. X.509• Information technology - Open Systems
Interconnection - The directory: Public-key and attribute certificate frameworks (03/00 – version 4)
• This Recommendation defines a framework for public-key certificates and attribute certificates…
• Uses Abstract Syntax Notation 1 (ASN.1)
(See itu.int/ITU-T/studygroups/com17/cssecurity.html)
1325 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
ITU-T publications
o Recommendationso WTSA Resolutionso Appendiceso Supplementso Handbookso Directiveso ITU Operational Bulletin
1425 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Worshops and seminars planned
o IPv6Geneva, 6 May 2002
o SecuritySeoul, Republic of Korea, 13-14 May 2002
o IMT-2000 and Systems BeyondOttawa, Canada, 28 May 2002
o IP/OpticalChitose, Japan, 9-11 July 2002
o Workshop on Use of Description TechniquesGeneva, 23 November 2002
o Role of Satellites in IP-based and Multimedia Networks and ServicesGeneva, 9-11 December 2002
1525 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Seoul, May 2002
o ITU-T Workshop on Security13-14 May 2002
o Security World Expo 200215-18 May 2002 (www.secuexpo.com)
o ITU workshop - Creating trust in critical network Infrastructures20-22 May 2002
1625 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Cooperation
o A.4 – Communication with forums/consortiao A.5 – Organizations qualified for referencingo A.6 – Communication with SDOso MoUs
• MoU ICANN Protocol Supporting Organization, 14 July 1999
• MoU between IEC, ISO, ITU and UN/ECE Concerning Standardization in the Field of Electronic Business, 24 March 2000
• MoU between ITU and ETSI, 14 June 2000o Informal Forum summito “ITU-T and Forums” web page
1725 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Security collaboration
o ISO/IEC JTC1 SC 6 & SC 27o IETFo OASIS
1825 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Freely accessible web resources
o ITU-T patent databaseo International numbering resources
o A.4, A.5 and A.6 recognized
organizationso Terms and definitionso List of ITU-T Recommendationso ITU-T Work programmeo ASN.1 module database – new
1925 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
ITU-T Databases on ITU-T website
o ASN.1 Module Database o ITU-T Patents Databaseo International Numbering Resources o Recognized SDOs for Recs. A.4, A.5 & A.6 o Terms & Definitions Databaseo List of ITU-T Recommendationso ITU-T Work Programme Database
• ITU-T Work Programme Database Search• Standardization Areas, Domains and their
Codes
2025 June 2002
ITU-T Seminar – Lisbon, 25 June 2002
ITU-ITU-TT
Ensuring global interoperability
o Quality of Service (QOS)o Numbering and routingo Communication Systems Securityo Tariffs and Accounting rateso Interworking
International Telecommunication Union
ITU-T Seminar – Lisbon, 25 June 2002
Thank You!Thank You!
ITU-T Contacts:ITU-T Communication & promotion:
Greg Jones - [email protected] Androuchko -
[email protected] Study Group 17 Secretariat:Georges Sebek – [email protected]