ITU-T Study Group 17 Security

1
ITU-T Study Group 17Security

• Arkadiy Kremer

2
Contents

• Terms of reference
• Future perspective of SG17
• Conclusions
• ___________________________________
• Supplemental slides
• Management team
• Structure
• Leadership for other groups (JCAs and FGs)
• Highlights of achievements / Projects
• Highlights of WP1, WP2, WP3, projects
• Statistics
• Workshops (with SG17 leadership / participation)
• Acknowledgements

3
Terms of Reference

• Current Responsible for studies relating to
  security including cybersecurity, countering spam
  and identity management. Also responsible for the
  application of open system communications
  including directory and object identifiers, and
  for technical languages, the method for their
  usage and other issues related to the software
  aspects of telecommunication systems.
• Future perspective Responsible for building
  confidence and security in the use of Information
  and Communication Technologies (ICTs). This
  includes studies relating to cybersecurity,
  security management, countering spam and identity
  management. It also includes security
  architecture and framework, protection of
  personally identifiable information, and security
  of applications and services for the Internet of
  Things, smart grid, smartphone, IPTV, web
  services, social network, cloud computing, mobile
  financial system, and telebiometrics. Also
  responsible for the application of open system
  communications including directory and object
  identifiers, and for technical languages, the
  method for their usage and other issues related
  to the software aspects of telecommunication
  systems, and for conformance testing to improve
  quality of Recommendations.

4
Future Perspective of SG17 (I)ICT security -
Cloud computing security Cybersecurity

• SG17s work on security has had continued and
  remarkable growth throughout this study period
  resulting in a centre of excellence a core
  competency in security.
• Cybersecurity is one of the top priorities of the
  ITU, it is critical that this centre of security
  competence in ITU-T be nurtured and enhanced, and
  not fragmented.
• SG17 pioneered cloud computing security within
  ITU-T and takes a leading role for cloud
  computing security.Keep Q.H/17 as competence
  centre on cloud computing security within SG17
  continue coordinating with SG13 on cloud
  computing (via JCA-Cloud).

5
Future Perspective of SG17 (II)ICT
securityInformation Security Management
Identity Management

• The work on security in SG17 (including generic
  security architecture, mechanisms and management
  guidelines for heterogeneous networks/systems/serv
  ices) needs to be continued and there needs to be
  a lead study group for security to coordinate
  within the ITU and with other SDOs.
• new emerging security technologies such as cloud
  computing, smart grid, intelligent transportation
  systems, Internet-of-Things, IPTV security, IPv6
  security, technical measures to protect the
  personally identifiable information (PII) of
  citizens as well as technical measures to protect
  children online all demand new approaches to
  security and novel security concepts to
  adequately address the inherent the crucial
  security threats in those technologies
• IdM plays such a critical role in building
  confidence and security in the use of ICTs, it is
  essential that this work be integral to the ITU-T
  security centre of competence, including being
  the lead study group for this issue to coordinate
  within ITU and with other SDOs.

6
Future Perspective of SG17 (III)Questions
Structure LSG Projects - JCAs

• SG17 proposed 12 Questions for the next study
  period.All Questions continue with two
  consolidations
• R/17 Generic technologies to support secure
  applications (Continuation of Q11/17, Q12/17,
  Q15/17 and ODP part of Q13/17) shall remain in
  SG17.
• S/17 Formal languages for telecommunication
  software and testing (Continuation of Q14/17 and
  part of Q13/17).? Testing methodologies and
  JCA-CIT should stay within SG17Q14/17 has close
  links to the other language Questions and is
  independent of any particular application
  domain.Formal languages portion of Q.S/17 should
  remain in SG17.
• Associated with this work should be lead study
  group responsibilities for Security, Identity
  management, and Languages and description
  techniques.
• Security and ASN.1 OID Projects as well as
  JCA-IdM,JCA-COP, and JCA-CIT need to continue
  given their important contributions.

7
Conclusion

• Participation to SG17 has increased during the
  study period to maintain well above 155
  participants.
• SG17 has successfully transitioned to security as
  its main focus with a core set of security
  experts.
• Within security work, has significantly build-up
  participation and energy in Identity Management,
  Cybersecurity and Cloud Computing Security.
• SG17 has build strong relations with other key
  bodies working on security and initiated numerous
  collaborative efforts.
• SG17 has promoted and disseminated ITU-T security
  work (e.g., workshops, security manual, security
  roadmap) its achievements are well recognized.

8
Supplemental Slides

• Management team
• Structure
• Leadership for other groups (JCAs and FGs)
• Highlights of achievements / Projects
• Highlights of WP1, WP2, WP3, projects
• Statistics
• Workshops (with SG17 leadership / participation)
• Acknowledgements

9
Management Team (I)
Chairman Arkadiy Kremer Russian Federation Russian Federation
Vice-Chairmen Jianyong CHEN China China
Mohamed M.K. ELHAJ Sudan Sudan
Antonio GUIMARAES Brazil Brazil
Patrick MWESIGWA Uganda Uganda
Koji NAKAO Japan Japan
Heung Youl YOUM Korea Korea


10
Management Team (II)
WP Chairmen
WP 1/17 Koji NAKAO Japan
WP 2/17 Heung Youl YOUM Korea
WP 3/17 Jianyong CHEN China

TSB Martin EUCHNER Advisor
Georges SEBEK (retired) Counsellor
Emma NORTON-VIARD Assistant
11
Study Group Structure

• WP 1/17, Network and information security
• ITU-T security project, security
  architectures/frameworks, network security,
  telecommunications information security
  management, cybersecurity, countering spam.
• WP 2/17, Application security
• IPTV security, ubiquitous sensor network
  security, home network security, peer-to-peer
  security, application security services, cloud
  computing security, SOA security, telebiometrics
  security, e-health security.
• WP 3/17, Identity management and languages
• IdM, Directory, PKI/PMI, ASN.1, OID, SDL-2010,
  ODP, URN, MSC, TTCN-3, maintenance of OSI
  Recommendations.
• Joint coordination activities
• JCA-IdM, JCA-CIT, JCA-COP

12
Leadership for SG 17-related other groups (I)

• JCA-IdM
• Co-Chairmen Richard BRACKNEY, Microsoft/USA
  Takashi EGAWA, NEC Jon SHAMAH, UK
• Represented SGs 2, 3, 5, 9, 12, 13, 15, 16, 17,
  American Bar Association, ENISA, ETSI, ISO/IEC
  JTC1/SC27/WG5, ISO/IEC JTC1/SC17, GSMA, Liberty
  Alliance, Kantara Initiative, OASIS, OECD,
• 7 meetings, 125 documents processed, 7 outgoing
  liaisons statements.
• JCA-CIT
• Chairman Ostap MONKEWICH, Canada
• Represented SGs 2, 3, 5, 9, 11, 12, 13, 15, 16,
  17, TSAG.
• 11 meetings, 84 documents processed, 12 outgoing
  liaison statements.

13
Leadership for SG 17-related other groups (II)

• JCA-COP
• Chairman Ashley HEINEMAN, USA
• Established April 2012
• Represented SGs 2, 17, GSMA outreach to COP
  stakeholders
• 1 meeting, 9 documents processed, 2 outgoing
  liaisons.

14
Highlights of achievements (I)

• SG17 successfully transitioned into a core
  competency center on security averaging 155
  participants
• SG17 examined 751 contributions and 3200 TDs and
  developed 61 new, revised 60 Recommendations, and
  developed 11 Supplements
• 7 Recommendations currently under AAP or TAP
• 86 draft new/revised Recommendations currently
  under development for approval in the next study
  period
• 3 Lead Study Group responsibilities, 3 JCAs, and
  2 Projects were very active
• Increased collaboration with SDOs (e.g., joint
  texts)

15
Highlights of achievements (II)

• Lead study group for Telecommunication Security
• Close coordination and collaboration with other
  SGs and SDOs on security particular focus has
  been placed upon partnerships and avoiding
  potential conflicts in the work.
• Joint work with several SCs in ISO/IEC JTC 1.
• Produced two editions of the Security Manual
  that promotes ITU-Ts security work.
• Security Standards Roadmap and Security
  Compendium kept up-to-date.
• Establishment of a Joint Coordination Activity on
  Child Online Protection (JCA-COP).
• Four workshops held on security.
• Maintained an on-line listing of SG17
  relationships with TCs of ISO and IEC and SCs of
  ISO/IEC JTC 1 (identifies nature of relation of
  joint work, common/twin text, cooperation mode,
  etc) (In response to WTSA-08 Resolution 7).

16
Highlights of achievements (II)

• Lead study group for Identity Management
• Generic IdM model developed by SG17 is
  complemented by specific IdM solutions (e.g.
  NGN-IdM in SG13).
• A WIKI with IdM Roadmap is available from the
  SG17 web page - provides a compilation of
  existing and ongoing IdM standards globally
  reflects coordination with other bodies.
• Joint work item initiated with ISO/IEC JTC 1/SC
  27.
• Continuation of Joint Coordination Activity of
  Identity Management (JCA-IdM).
• Lead study group for Languages and Description
  Techniques
• Collaboration with ETSI on TTCN-3, JTC 1/SC 7 on
  ODP, and JTC 1/SC 6 on ASN.1, OIDs and
  registration.
• Supported SDL-Forum and SAM Workshop on
  languages.
• Continuation of a Joint Coordination Activity on
  Conformance and Interoperability Testing
  (JCA-CIT).

17
Network and Information Security (WP 1)
Highlights (I)

• Telecommunications systems security project
• Management support of other SG17 security
  Questions
• Security coordination
• Security project (see separate slide)
• Security architecture and framework
• Network security architecture, IPv6 security,
• 1 new Rec, 1 revised Rec, 2 new Supplements5
  under development.
• Telecommunications information security
  management
• In support of WTSA-08 Resolution 58
• ISM framework, risk/asset/incident management,
• 5 new Recs, 1 new Supplement 3 under development

18
Network and Information Security (WP 1)
Highlights (II)

• Cybersecurity
• In support of WTSA-8 Resolution 50.
• Focused on cybersecurity information exchange
  (CYBEX), X.1500 series.
• Intense work program many collaborations with
  principal forums of the cybersecurity community.
• 15 new Recs, 2 in TAP, 2 Amendments,3 new
  Supplements 20 under development
• Countering spam by technical means
• In support WTSA-08 Resolution 52
• Countering spam in e-mails, IP-based multimedia,
  mobile messaging,
• 3 new Recs, 3 Supplements (1 revised)1 under
  development.

19
Application Security(WP 2) Highlights

• Security aspects of ubiquitous telecommunication
  services
• IPTV security, ubiquitous sensor network
  security, RFID security, home network security,
  multicast security,
• 13 new Recs 1 in TAP 5 under development
• Secure applications services
• Application security mechanisms, peer-to-peer
  security,
• 2 new Recs, 1 in TAP, 1 Supplement 9 under
  development
• Cloud computing security
• Security for service oriented architectures and
  more recently cloud computing security
• 4 texts under development
• Telebiometrics
• Telebiometrics, e-Health telemedicines security
  protocols
• 4 new Recs, 6 Amendments 8 under development

20
Identity Management and Languages (WP 3)
Highlights (I)

• Identity management architecture and mechanisms
• IdM capabilities, IdM terms definitions, IdM
  security, authentication assurance, PII
  protection for RFID,
• 6 new Recs, 1 Supplement 8 under development
• Directory services, Directory systems, and
  public-key/attribute certificates
• X.500-series on Directory including X.509 on PKI,
  computerized directory assistance,
• 20 revised Recs, many technical corrigenda to
  X.500 series3 under development

21
Identity Management and Languages (WP 3)
Highlights (II)

• ASN.1, OIDs and associated registration
• Abstract Syntax Notation One (ASN.1), Object
  Identifiers (OIDs) and associated registration
  authorities,
• ASN.1 and OID project (see separate slide)
• Handbook on OIDs and their registration
  authorities
• 2 new Recs, 11 revised Recs, 1 in AAP, several
  Corrigenda
• Formal languages and telecommunication software
• ODP, SDL-2010, UML, MSC, URN,
• 4 new Recs, 14 revised Recs, 1 Amendment, 1 IG, 1
  in AAP 4 under development
• Testing languages, methodologies and framework
• Testing and Test Control Notation (TTCN-3),
• 3 new Recs, 17 revised Recs 10 under development

22
Security Project(Major focus is on coordination
and outreach)

• Security coordination
• Within SG17, with ITU-T SGs, with ITU-D and
  externally.
• Kept TSAG, IGF, ISO/IEC/ITU-T SAG-S informed on
  security efforts.
• Made presentations to workshops/seminars and to
  GSC.
• Maintained reference information on the LSG on
  security webpage.
• Compendium of Security Recommendations
• Includes catalogs of approved security-related
  Recommendations and security definitions
  extracted from approved Recommendations.
• Security Standards Roadmap
• Includes searchable database of approved ICT
  security standards from ITU-T and others (e.g.,
  ATIS, ENISA, ETSI, IEEE, ISO/IEC JTC 1, IETF,
  OASIS, 3GPP, 3GPP2).
• ITU-T Security manual
• 2 updates produced, translated into 6 UN
  languages.
• Strategic plan for SG17 (Draft)
• Gives mission, vision and strategic focus areas
  for SG17.

23
ASN.1 and OID Project

• The SG17 ASN.1 OID project continues to assist
• Existing users of ASN.1 and object identifiers
  (OID), within and outside of ITU-T (e.g., ITU-T
  SG 16, ISO/IEC JTC 1/SC 27, ISO TC 215, 3GPP,
  etc.).
• Countries (e.g., Bangladesh, Canada, Islamic
  Republic of Iran, Liechtenstein, Oman, Republic
  of Panama, Tunisia, Ukraine, Uruguay), and in
  particular developing countries, in setting a
  national registration authority for OIDs.
• This project provided speakers and tutorial
  material, and coordinates the provision of tool
  support to users and the contents of related
  websites.
• In cooperation with the TSB, a database is being
  maintained that contains a machine-processable
  copy of the current version of all ASN.1 modules
  that are included in ITU-T Recommendations.Databa
  se http//www.itu.int/ITU-T/asn1/database (gt800
  modules)
• A handbook on OIDs and their registration
  authorities was completed and a flyer on OIDs was
  produced.
• OID Repository http//www.oid-info.com (gt643000
  OIDs).

24
Statistics (I)

• 51 Rapporteur group meetings held(stand-alone,
  during GSI events or collaborative with ISO/IEC
  JTC 1/SC 6, 7, 27 or 37)
• 751 contributions received(excluding Rapporteur
  meetings)
• 8 SG meetings held
• 8 WP 1, 2, 3 meetings held in conjunction with
  SG17 meetings
• Min/Max/Average SG participants 116/181/155.

25
Statistics (II)

• 121 New/Revised Recommendations approved, plus 7
  Recommendations determined or consented.
• 86 draft new/revised Recommendations currently
  under development for approval in the next study
  period.
• 15 Questions assigned by WTSA-08.
• 1 Question revised during study period.
• 12 Questions proposed for next period.

26
Workshops (I)

• SG17 organized four workshops
• New challenges for telecommunication security
  standardizationsGeneva, Switzerland, 9-10
  February 2009.
• Addressing security challenges on a global
  scaleGeneva, Switzerland, 6 7 December 2010.
• Identity SummitGeneva, Switzerland, 10 December
  2010.
• Radioactivity safety and security threats
  protection and telemedical support for irradiated
  peopleGeneva, Switzerland, August 30, 2011.

27
Workshops (II)

• SG17 (through its lead study group function on
  Languages) supported the following workshops
• 14th SDL ForumBochum University, Germany, 22-24
  September 2009.
• 6th System Analysis and Modeling (SAM) workshop
  (SAM-2010) within MODELS-2010Oslo, Norway,
  October 2010 in collaboration with ACM and IEEE.
• 15th SDL ForumToulouse, France, July 2011.
• 7th SAM workshop planned with the ACM/IEEE
  MODELSInnsbruck, Austria, 2012.

28
Acknowledgements
Great thanks are due to the many people who have
contributed to the enormous success of SG17
during this study period

• Delegates with their many contributions
• Editors in drafting texts for Recommendations
• Rapporteurs in leading work efforts
• Liaison officers in coordinating efforts with
  other bodies
• Project leaders and JCA leaders
• Management team including Working Party chairmen
• TSB support Counsellors, Assistants and other
  staff

Best wishes to all for the next study period.
29
Thank you!
Personal information   Date of birth 13 November 1947 Marital status Married Nationality Russian
Education   19651970 Moscow Technical University of Communications and Informatics (MTUCI)
Qualifications   Ph.D. on technical sciences
Work experience     1994 Present time - chairman of Russian Association for Networks and Services (RANS) Executive Committee 1997 Present time - head of RANS training department in MTUCI
Participation in International Telecommunication Union (ITU) United Nations agency   2004 - 2008 - Vice-Chairman of the ITU-T SG17 (Security) 2009 Present time - chairman of the ITU-T SG17 (Security)
Languages   English Good Russian Native