NGN - Network Security

1
NGN - Network Security

• Art Reilly, Cisco
• ATIS GSC Delegation

2
Technology and OPerationS (TOPS)Council

• Established in 2002 by the ATIS Board
• Identifies and assesses industry's technical and
  operational initiatives of strategic importance,
  including its technical and operational
  priorities
• Reached consensus on the industry's 16 most
  critical priorities, including five deemed most
  critical.
• Network Security
• VoIP
• Data Interchange
• Mobile Wireless Service
• Wide Area Ethernet
• Established ATIS Board Focus Groups on each of
  the above

3
TOPS Network Security Focus Group

• The Focus Group (18 senior level members)
• Has examined the priority issues and, identified
  which standards bodies are addressing (or could
  address) these issues,
• Has developed a work-plan for the industry,
• Has set actions milestones and timelines, and
• Is facilitating relationships with standards
  organizations to coordinate deliverables for
  standards development.

4
Network Security Issues Overview

• Security and its relevant sub-issues have been
  categorized under 3 main topics
• Transport Issues SS7 Firewalls, Packet
  Filtering, Optical Control, and 802.11-related
  issues
• Application Issues Voice Application, Messaging,
  Firewall/NT Translation Transparency. There are
  two subcategories Signaling and Control, and
  Bearer Traffic.
• Overall Security Management Security Event
  Management and Attack Determination/Mitigation,
  Security Verification and Validation, and Element
  Management System Interface

5
Network Security Issues

• Overall Security Management
• Identifies the functions and information
  necessary to manage security-related services
• Provides an evolutionary path for security
  methodology (e.g. Event Management,
  Vulnerabilities, Security Verification
  Validation).
• Proposed Actions
• ATIS Committee T1M1 to develop a set of Security
  Operational Guidelines
• T1M1 existing standard (T1.276) could provide the
  foundation
• T1M1 to initiate standards development in 2Q04

6
Network Security Issues

• Firewall/NAT
• Opening and closing of holes in firewalls is a
  major security issue.
• Several approaches to dynamically negotiated
  ports were assessed.
• Proposed Actions
• ATIS will convene a symposium (3Q04) to discuss
  and agree on an approach for an interoperable
  protocol access control mechanism. Such a
  mechanism could result in cost savings, ease
  interworking of security systems, and improved
  user interfaces.
• ATIS will work with the IETF to accelerate the
  IETFs midcom work

7
Network Security Issues

• Messaging
• Defined as e-mail, instant messaging, short
  message (SMS), etc.
• A proliferation of messaging exists and, if
  triggered, becomes a security risk.
• Security related interoperability between various
  messaging systems
• Proposed Actions
• ATIS will facilitate an industry roundtable
  (3Q04) of communications service providers to
  determine
• What is considered acceptable behavior for
  electronic infrastructures?
• Mechanisms are necessary to instantiate the
  agreed to policies

8
Network Security Issues

• Lawful Intercept (LI)
• LI Security focuses on the prevention of
  unauthorized access and abuse of authorized
  access within the context of communications
  service providers support to CALEA.
• Current standards do not address how
  unauthorized access and abuse of authorized
  access will be prevented.
• Proposed Action
• ATIS Committee T1S1 to prepare a companion
  standard that addresses requirements necessary to
  comply.
• The Security Focus Group will prepare a
  contribution for T1S1 with inputs about
  developing an addendum to existing standard

9
Network Security Issues

• Next Steps
• Coordination between TOPS Focus Groups to ensure
  security-related issues are addressed.
• ATIS Board discussions with SDOs to establish
  timely deliverables related to all the priority
  security issues identified.
• Monitor the actions taken by SDOs