Title: ITU-T Activities on Security
1ITU-T Activitieson Security
- Greg Jones
- ITU Telecommunication Standardization Sector
(ITU-T) - greg.jones_at_itu.int
2ITU-T Study Groups
- SG 2 Operational aspects of service provision,
networks and performance - SG 3 Tariff and accounting principles including
related telecommunications economic and
policy issues - SG 4 Telecommunication management, including
TMN - SG 5 Protection against electromagnetic
environment effects - SG 6 Outside plant
- SG 9 Integrated broadband cable networks and
television and sound transmission - SG 11 Signalling requirements and protocols
- SG 12 End-to-end transmission performance of
networks and terminals - SG 13 Multi-protocol and IP-based networks and
their internetworking - SG 15 Optical and other transport networks
- SG 16 Multimedia services, systems and terminals
- SG17 Data networks and software for
Telecommunication - SSG Special Study Group "IMT-2000 and beyond"
- TSAG Telecommunication Standardization Advisory
Group
3Lead Study Groups
- SG 2 Service definition, numbering and routing
- SG 4 TMN
- SG 9 Integrated broadband cable and television
networks - SG 11 Intelligent networks
- SG 12 Quality of Service and performance
- SG 13 IP related matters, B-ISDN, Global
Information Infrastructure and satellite
matters - SG 15 Access network transport and optical
technology - SG 16 Multimedia services, systems and terminals
and on e-business and e-commerce - SG17 Communication system security, frame relay,
languages and description techniques - SSG IMT 2000 and beyond and for mobility
4Communication system security
- WTSA TSAG
- Request to all study groups to coordinate on
telecommunication reliability and security - SG 17 Coordination of ITU-T security studies
- X.509, X.842, X.843
- SG 16 Multimedia services
- ETS Emergency Telecommunication Services
- SG 13 Network reliability
- Network requirements and capabilities to support
emergency services - SG 2 Service aspects
- Security requirements and incident handling
5ITU-T SG 17 security focus
- Authentication (X.509/X.842/X.843)
- Public Key Infrastructure
- Security Management
- Risk assessment, identification of assets and
implementation characteristics - Telebiometrics
- Telebiometric methods, devices and solutions for
security purposes - Mobile Security
- For low power, small memory size and small
display devices
6Key studies in ITU-T SG 16
- Question G - Multimedia Security
- Secure H.323-based IP Telephony
- H.235 and associated security profiles
- H.248 Media Gateway Decomposition Security
- Secure H.320 Audio/Video and T.120 Data
Conferencing - Emergency Telecommunications Services
7Key studies in ITU-T SG 9
- IPCablecom project
- Interactive services over cable TV networks using
IP protocol - ITU-T Rec. J.170IPCablecom security
specification - Types of threat in IPCablecom
- Network attacks
- Theft of service
- Eavesdropping
- Denial of Service
8Other studies in SG 2 and 13
- Draft new ITU-T Rec. E.sec.1 (SG 2)
- Telecommunication networks security requirements
- Draft new ITU-T Rec. E.sec.2 (SG 2)
- Incident Organization and Security Incident
Handling (Guidelines) - Guidelines on threats and countermeasures
- Draft new ITU-T Rec. Y.roec (SG 13)
- Network reliability
9Special Projects
- IMT-2000 Network Aspects (SSG)
- Call Back (SG 3)
- Accounting Rate Reform (SG 3)
- TMN (SG 4)
- IP Cablecom (SG 9)
- Quality of service and performance (SG 12)
- IP (SG 13)
- Global Information Infrastructure (SG 13)
- Access Networks (SG 15)
- Optical Networks (SG 15)
- Mediacom 2004 (SG 16)
- JVT Joint Video Team (SG 16)
- E-commerce and E-business (SG 16)
- ASN.1 Language coordination (SG 17)
- Communication system security (SG 17)
10Key products
- Catalogue of ITU-T security Recommendations
- itu.int/itudoc/itu-t/com17/activity/cat003_ww9.doc
- Compendium of security terms
- itu.int/itudoc/itu-t/com17/activity/def003.html
11security definitions
itu.int/ITU-T/studygroups/com17/cssecurity.html
- Example Definitions of public-key
- 3.3.43/X.509
- (In a public key cryptosystem) that key of a
users key pair which is publicly known. - 3.3.11/X.810
- A key that is used with an asymmetric
cryptographic algorithm and that can be made
publicly available.
12Recommendations related to communication systems
security
itu.int/ITU-T/studygroups/com17/cssecurity.html
- Example ITU-T Rec. X.509
- Information technology - Open Systems
Interconnection - The directory Public-key and
attribute certificate frameworks (03/00 version
4) - This Recommendation defines a framework for
public-key certificates and attribute
certificates - Uses Abstract Syntax Notation 1 (ASN.1)
13ITU-T publications
- Recommendations
- WTSA Resolutions
- Appendices
- Supplements
- Handbooks
- Directives
- ITU Operational Bulletin
14Workshops and seminars2002
- IPv6Geneva, 6 May 2002
- SecuritySeoul, Republic of Korea, 13-14 May 2002
- IMT-2000 and Systems BeyondOttawa, Canada, 28
May 2002 - IP/OpticalChitose, Japan, 9-11 July 2002
- Workshop on Use of Description TechniquesGeneva,
23 November 2002 - Role of Satellites in IP-based and Multimedia
Networks and ServicesGeneva, 9-11 December 2002
15Seoul, May 2002
- ITU-T Workshop on Security13-14 May 2002
- Security World Expo 200215-18 May 2002
(www.secuexpo.com) - ITU workshop - Creating trust in critical network
Infrastructures20-22 May 2002
16Cooperation
- A.4 Communication with forums/consortia
- A.5 Organizations qualified for referencing
- A.6 Communication with SDOs
- MoUs
- MoU ICANN Protocol Supporting Organization, 14
July 1999 - MoU between IEC, ISO, ITU and UN/ECE Concerning
Standardization in the Field of Electronic
Business, 24 March 2000 - MoU between ITU and ETSI, 14 June 2000
- Informal Forum summit
- ITU-T and Forums web page
17Security collaboration
- ISO/IEC JTC1 ? SC 6 SC 27
- IETF
- OASIS
18Freely accessible web resources
itu.int/ITU-T/dbase
- ITU-T patent database
- International numbering resources
- itu.int/ITU-T/inr
- A.4, A.5 and A.6 recognized organizations
- Terms and definitions
- List of ITU-T Recommendations
- ITU-T Work programme
- ASN.1 module database new
19ITU-T Databases on ITU-T website
- ASN.1 Module Database
- ITU-T Patents Database
- International Numbering Resources
- Recognized SDOs for Recs. A.4, A.5 A.6
- Terms Definitions Database
- List of ITU-T Recommendations
- ITU-T Work Programme Database
- ITU-T Work Programme Database Search
- Standardization Areas, Domains and their Codes
20Ensuring global interoperability
- Quality of Service (QOS)
- Numbering and routing
- Communication Systems Security
- Tariffs and Accounting rates
- Interworking
21Thank You!
- ITU-T Contacts
- ITU-T Communication promotion service
- Greg Jones - greg.jones_at_itu.int
- ITU-T Study Group 17 Secretariat
- Georges Sebek sebek_at_itu.int