Download - SG17 Chairman WTSA12 Presentation
-
5/24/2018 SG17 Chairman WTSA12 Presentation
1/29
Summary of ResultsStudy Period 2009-2012
ITU-T Study Group 17
Security
Arkadiy Kremer
-
5/24/2018 SG17 Chairman WTSA12 Presentation
2/29
International
TelecommunicationUnion
2
ITU-T Study Group 17Security
Contents
Terms of reference
Future perspective of SG17
Conclusions
___________________________________
Supplemental slides Management team
Structure
Leadership for other groups (JCAs and FGs)
Highlights of achievements / Projects
Highlights of WP1, WP2, WP3, projects Statistics
Workshops (with SG17 leadership / participation)
Acknowledgements
-
5/24/2018 SG17 Chairman WTSA12 Presentation
3/29
International
TelecommunicationUnion
3
ITU-T Study Group 17Security
Terms of ReferenceCurrent: Responsible for studies relating to security includingcybersecurity, countering spam and identity management. Alsoresponsible for the application of open system communicationsincluding directory and object identifiers, and for technical languages,the method for their usage and other issues related to the softwareaspects of telecommunication systems.
Future perspective: Responsible for building confidence and securityin the use of Information and Communication Technologies(ICTs). This includes studies relating to cybersecurity, securitymanagement, countering spam and identity management. It alsoincludes security architecture and framework, protection of personallyidentifiable information, and security of applications and services for theInternet of Things, smart grid, smartphone, IPTV, web services, socialnetwork, cloud computing, mobile financial system, and telebiometrics.Also responsible for the application of open system communications
including directory and object identifiers, and for technical languages,the method for their usage and other issues related to the softwareaspects of telecommunication systems, and for conformance testing toimprove quality of Recommendations.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
4/29
International
TelecommunicationUnion
4
ITU-T Study Group 17Security
Future Perspective of SG17 (I)ICT security - Cloud computing security Cybersecurity
SG17s work on security has had continued and remarkablegrowth throughout this study period resulting in a centre ofexcellence a core competency in security.
Cybersecurity is one of the top priorities of the ITU, it iscritical that this centre of security competence in ITU-T benurtured and enhanced, and not fragmented.
SG17 pioneered cloud computing security within ITU-T andtakes a leading role for cloud computing security.Keep Q.H/17 as competence centre on cloud computingsecurity within SG17 continue coordinating with SG13 oncloud computing (via JCA-Cloud).
-
5/24/2018 SG17 Chairman WTSA12 Presentation
5/29
International
TelecommunicationUnion
5
ITU-T Study Group 17Security
Future Perspective of SG17 (II)ICT security
Information Security Management Identity Management
The work on security in SG17 (including generic securityarchitecture, mechanisms and management guidelines forheterogeneous networks/systems/services) needs to becontinued and there needs to be a lead study group forsecurity to coordinate within the ITU and with other SDOs.
new emerging security technologies such as cloud computing, smart grid,intelligent transportation systems, Internet-of-Things, IPTV security, IPv6security, technical measures to protect the personally identifiableinformation (PII)of citizens as well as technical measures to protectchildren online all demand new approaches to security and novel securityconcepts to adequately address the inherent the crucial security threats inthose technologies
IdM plays such a critical role in building confidence andsecurity in the use of ICTs, it is essential that this work beintegral to the ITU-T security centre of competence, includingbeing the lead study group for this issue to coordinate withinITU and with other SDOs.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
6/29
International
TelecommunicationUnion
6
ITU-T Study Group 17Security
Future Perspective of SG17 (III)Questions Structure LSG Projects - JCAs
SG17 proposed 12 Questions for the next study period.
All Questions continue with two consolidations: R/17: Generic technologies to support secure applications
(Continuation of Q11/17, Q12/17, Q15/17 and ODP part ofQ13/17) shall remain in SG17.
S/17: Formal languages for telecommunication software andtesting (Continuation of Q14/17 and part of Q13/17).
Testing methodologies and JCA-CIT should stay within SG17Q14/17 has close links to the other language Questions and isindependent of any particular application domain.Formal languages portion of Q.S/17 should remain in SG17.
Associated with this work should be lead study group responsibilitiesfor Security, Identity management, and Languages and descriptiontechniques.
Security and ASN.1 & OID Projects as well as JCA-IdM,JCA-COP, and JCA-CIT need to continue given their importantcontributions.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
7/29
International
TelecommunicationUnion
7
ITU-T Study Group 17Security
ConclusionParticipation to SG17 has increased during the studyperiod to maintain well above 155 participants.
SG17 has successfully transitioned to security as itsmain focus with a core set of security experts.
Within security work, has significantly build-upparticipation and energy in Identity Management,
Cybersecurity and Cloud Computing Security.SG17 has build strong relations with other keybodies working on security and initiated numerouscollaborative efforts.
SG17 has promoted and disseminated ITU-Tsecurity work (e.g., workshops, security manual,security roadmap); its achievements are wellrecognized.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
8/29
International
TelecommunicationUnion
8
ITU-T Study Group 17Security
Supplemental Slides
Management team
Structure
Leadership for other groups (JCAs and FGs)
Highlights of achievements / Projects
Highlights of WP1, WP2, WP3, projects
Statistics
Workshops (with SG17 leadership /
participation)Acknowledgements
-
5/24/2018 SG17 Chairman WTSA12 Presentation
9/29
International
TelecommunicationUnion
9
ITU-T Study Group 17Security
Management Team (I)
Chairman Arkadiy Kremer Russian
Federation
Vice-Chairmen Jianyong CHEN China
Mohamed M.K. ELHAJ Sudan
Antonio GUIMARAES Brazil
Patrick MWESIGWA Uganda
Koji NAKAO Japan
Heung Youl YOUM Korea
-
5/24/2018 SG17 Chairman WTSA12 Presentation
10/29
International
TelecommunicationUnion
10
ITU-T Study Group 17Security
Management Team (II)
WP Chairmen
WP 1/17 Koji NAKAO Japan
WP 2/17 Heung Youl YOUM Korea
WP 3/17 Jianyong CHEN China
TSB Martin EUCHNER Advisor
Georges SEBEK (retired) Counsellor
Emma NORTON-VIARD Assistant
-
5/24/2018 SG17 Chairman WTSA12 Presentation
11/29
International
TelecommunicationUnion
11
ITU-T Study Group 17Security
Study Group StructureWP 1/17, Network and information securityITU-T security project, security architectures/frameworks,network security, telecommunications information securitymanagement, cybersecurity, countering spam.
WP 2/17, Application securityIPTV security, ubiquitous sensor network security, homenetwork security, peer-to-peer security, application securityservices, cloud computing security, SOA security,telebiometrics security, e-health security.
WP 3/17, Identity management and languagesIdM, Directory, PKI/PMI, ASN.1, OID, SDL-2010, ODP, URN,
MSC, TTCN-3, maintenance of OSI Recommendations.Joint coordination activitiesJCA-IdM, JCA-CIT, JCA-COP
-
5/24/2018 SG17 Chairman WTSA12 Presentation
12/29
International
TelecommunicationUnion
12
ITU-T Study Group 17Security
Leadership for SG 17-related othergroups (I)
JCA-IdM Co-Chairmen: Richard BRACKNEY, Microsoft/USA;
Takashi EGAWA, NEC;Jon SHAMAH, UK
Represented: SGs 2, 3, 5, 9, 12, 13, 15, 16, 17, American BarAssociation, ENISA, ETSI, ISO/IEC JTC1/SC27/WG5, ISO/IEC
JTC1/SC17, GSMA, Liberty Alliance, Kantara Initiative, OASIS,OECD,
7 meetings, 125 documents processed, 7 outgoing liaisonsstatements.
JCA-CIT
Chairman: Ostap MONKEWICH, Canada Represented: SGs 2, 3, 5, 9, 11, 12, 13, 15, 16, 17, TSAG.
11 meetings, 84 documents processed, 12 outgoing liaisonstatements.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
13/29
International
TelecommunicationUnion
13
ITU-T Study Group 17Security
Leadership for SG 17-related othergroups (II)
JCA-COP Chairman: Ashley HEINEMAN, USA
Established April 2012
Represented: SGs 2, 17, GSMA; outreach to COP stakeholders
1 meeting, 9 documents processed, 2 outgoing liaisons.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
14/29
International
TelecommunicationUnion
14
ITU-T Study Group 17Security
Highlights of achievements (I)
SG17 successfully transitioned into a core
competency center on security averaging 155participants
SG17 examined 751 contributions and 3200+ TDsand developed 61 new, revised 60Recommendations, and developed 11 Supplements
7Recommendations currently under AAP or TAP
86 draft new/revised Recommendations currentlyunder development for approval in the next studyperiod
3 Lead Study Group responsibilities, 3 JCAs, and 2Projects were very active
Increased collaboration with SDOs (e.g., joint texts)
-
5/24/2018 SG17 Chairman WTSA12 Presentation
15/29
International
TelecommunicationUnion
15
ITU-T Study Group 17Security
Highlights of achievements (II)
Lead study group for Telecommunication Security
Close coordination and collaboration with other SGs andSDOs on security; particular focus has been placed uponpartnerships and avoiding potential conflicts in the work.
Joint work with several SCs in ISO/IEC JTC 1.
Produced two editions of the Security Manual thatpromotes ITU-Ts security work.
Security Standards Roadmap and Security Compendiumkept up-to-date.
Establishment of a Joint Coordination Activity on ChildOnline Protection (JCA-COP).
Four workshops held on security.
Maintained an on-line listing of SG17 relationships with TCsof ISO and IEC and SCs of ISO/IEC JTC 1 (identifies natureof relation of joint work, common/twin text, cooperationmode, etc) (In response to WTSA-08 Resolution 7).
-
5/24/2018 SG17 Chairman WTSA12 Presentation
16/29
International
TelecommunicationUnion
16
ITU-T Study Group 17Security
Highlights of achievements (II)Lead study group for Identity Management
Generic IdM model developed by SG17 is complemented byspecific IdM solutions (e.g. NGN-IdM in SG13).
A WIKI with IdM Roadmap is available from the SG17 webpage - provides a compilation of existing and ongoing IdMstandards globally & reflects coordination with other bodies.
Joint work item initiated with ISO/IEC JTC 1/SC 27.
Continuation of Joint Coordination Activity of IdentityManagement (JCA-IdM).
Lead study group for Languages and DescriptionTechniques Collaboration with ETSI on TTCN-3, JTC 1/SC 7 on ODP, and
JTC 1/SC 6 on ASN.1, OIDs and registration. Supported SDL-Forum and SAM Workshop on languages.
Continuation of a Joint Coordination Activity onConformance and Interoperability Testing (JCA-CIT).
-
5/24/2018 SG17 Chairman WTSA12 Presentation
17/29
International
TelecommunicationUnion
17
ITU-T Study Group 17Security
Network and Information Security(WP 1) Highlights (I)
Telecommunications systems security project Management support of other SG17 security Questions Security coordination Security project (see separate slide)
Security architecture and framework
Network security architecture, IPv6 security, 1 new Rec, 1 revised Rec, 2 new Supplements;
5 under development.
Telecommunications information securitymanagement
In support of WTSA-08 Resolution 58 ISM framework, risk/asset/incident management, 5 new Recs, 1 new Supplement; 3 under development
N t k d I f ti S it
-
5/24/2018 SG17 Chairman WTSA12 Presentation
18/29
International
TelecommunicationUnion
18
ITU-T Study Group 17Security
Network and Information Security(WP 1) Highlights (II)
Cybersecurity In support of WTSA-8 Resolution 50. Focused on cybersecurity information exchange (CYBEX),
X.1500 series. Intense work program; many collaborations with principal
forums of the cybersecurity community. 15 new Recs, 2 in TAP, 2 Amendments,
3 new Supplements; 20 under development
Countering spam by technical means In support WTSA-08 Resolution 52 Countering spam in e-mails, IP-based multimedia, mobile
messaging, 3 new Recs, 3 Supplements (1 revised);
1 under development.
A li ti S it
-
5/24/2018 SG17 Chairman WTSA12 Presentation
19/29
International
TelecommunicationUnion
19
ITU-T Study Group 17Security
Application Security(WP 2) Highlights
Security aspects of ubiquitous
telecommunication services IPTV security, ubiquitous sensor network security, RFID
security, home network security, multicast security, 13 new Recs; 1 in TAP; 5 under development
Secure applications services Application security mechanisms, peer-to-peer security, 2 new Recs, 1 in TAP, 1 Supplement; 9 under development
Cloud computing security Security for service oriented architectures and more
recently cloud computing security 4 texts under development
Telebiometrics Telebiometrics, e-Health & telemedicines security protocols 4 new Recs, 6 Amendments; 8 under development
Id tit M t d
-
5/24/2018 SG17 Chairman WTSA12 Presentation
20/29
International
TelecommunicationUnion
20
ITU-T Study Group 17Security
Identity Management andLanguages (WP 3) Highlights (I)
Identity management architecture andmechanisms IdM capabilities, IdM terms & definitions, IdM security,
authentication assurance, PII protection for RFID, 6 new Recs, 1 Supplement; 8 under development
Directory services, Directory systems, andpublic-key/attribute certificates X.500-series on Directory including X.509 on PKI,
computerized directory assistance, 20 revised Recs, many technical corrigenda to X.500 series;
3 under development
Id tit M t d
-
5/24/2018 SG17 Chairman WTSA12 Presentation
21/29
International
TelecommunicationUnion
21
ITU-T Study Group 17Security
Identity Management andLanguages (WP 3) Highlights (II)
ASN.1, OIDs and associated registration Abstract Syntax Notation One (ASN.1), Object Identifiers
(OIDs) and associated registration authorities, ASN.1 and OID project (see separate slide) Handbook on OIDs and their registration authorities 2 new Recs, 11 revised Recs, 1 in AAP, several Corrigenda
Formal languages and telecommunicationsoftware ODP, SDL-2010, UML, MSC, URN, 4 new Recs, 14 revised Recs, 1 Amendment, 1 IG, 1 in AAP;
4 under development
Testing languages, methodologies andframework Testing and Test Control Notation (TTCN-3), 3 new Recs, 17 revised Recs; 10 under development
-
5/24/2018 SG17 Chairman WTSA12 Presentation
22/29
International
TelecommunicationUnion
22
ITU-T Study Group 17Security
Security Project(Major focus is on coordination and outreach)
Security coordination
Within SG17, with ITU-T SGs, with ITU-D and externally. Kept TSAG, IGF, ISO/IEC/ITU-T SAG-S informed on security efforts.
Made presentations to workshops/seminars and to GSC.
Maintained reference information on the LSG on security webpage.
Compendium of Security Recommendations Includes catalogs of approved security-related Recommendations
and security definitions extracted from approved Recommendations.Security Standards Roadmap
Includes searchable database of approved ICT security standardsfrom ITU-T and others (e.g., ATIS, ENISA, ETSI, IEEE, ISO/IEC JTC1, IETF, OASIS, 3GPP, 3GPP2).
ITU-T Security manual 2 updates produced, translated into 6 UN languages.
Strategic plan for SG17 (Draft) Gives mission, vision and strategic focus areas for SG17.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
23/29
International
TelecommunicationUnion
23
ITU-T Study Group 17Security
ASN.1 and OID ProjectThe SG17 ASN.1 & OID project continues to assist:
Existing users of ASN.1 and object identifiers (OID), within and outside of
ITU-T (e.g., ITU-T SG 16, ISO/IEC JTC 1/SC 27, ISO TC 215, 3GPP, etc.). Countries (e.g., Bangladesh, Canada, Islamic Republic of Iran,
Liechtenstein, Oman, Republic of Panama, Tunisia, Ukraine, Uruguay), andin particular developing countries, in setting a national registrationauthority for OIDs.
This project provided speakers and tutorial material, and
coordinates the provision of tool support to users and thecontents of related websites.In cooperation with the TSB, a database is being maintainedthat contains a machine-processable copy of the currentversion of all ASN.1 modules that are included in ITU-TRecommendations.
Database: http://www.itu.int/ITU-T/asn1/database(>800 modules)A handbook on OIDs and their registration authorities wascompleted and a flyer on OIDs was produced.OID Repository: http://www.oid-info.com(>643000 OIDs).
http://www.itu.int/ITU-T/asn1/database/http://www.itu.int/ITU-T/asn1/database/http://www.oid-info.com/http://www.oid-info.com/http://www.oid-info.com/http://www.oid-info.com/http://www.itu.int/ITU-T/asn1/database/http://www.itu.int/ITU-T/asn1/database/http://www.itu.int/ITU-T/asn1/database/ -
5/24/2018 SG17 Chairman WTSA12 Presentation
24/29
International
TelecommunicationUnion
24
ITU-T Study Group 17Security
Statistics (I)
51 Rapporteur group meetings held(stand-alone, during GSI events or collaborative withISO/IEC JTC 1/SC 6, 7, 27 or 37)
751 contributions received(excluding Rapporteur meetings)
8 SG meetings held8 WP 1, 2, 3 meetings held in conjunctionwith SG17 meetings
Min/Max/Average SG participants:116/181/155.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
25/29
International
TelecommunicationUnion
25
ITU-T Study Group 17Security
Statistics (II)
121 New/Revised Recommendations
approved,plus7 Recommendationsdetermined or consented.
86 draft new/revised Recommendationscurrently under development for approval
in the next study period.15 Questions assigned by WTSA-08.
1 Question revised during study period.
12 Questions proposed for next period.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
26/29
International
Telecommunication
Union
26
ITU-T Study Group 17Security
Workshops (I)
SG17 organized four workshops:
New challenges for telecommunication securitystandardizationsGeneva, Switzerland, 9-10 February 2009.
Addressing security challenges on a global scaleGeneva, Switzerland, 6 7 December 2010.
Identity SummitGeneva, Switzerland, 10 December 2010.
Radioactivity safety and security threats protection
and telemedical support for irradiated peopleGeneva, Switzerland, August 30, 2011.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
27/29
International
Telecommunication
Union
27
ITU-T Study Group 17Security
Workshops (II)
SG17 (through its lead study group function
on Languages) supported the followingworkshops:14thSDL Forum
Bochum University, Germany, 22-24 September 2009.
6th
System Analysis and Modeling (SAM) workshop (SAM-2010) within MODELS-2010Oslo, Norway, October 2010 in collaboration with ACM and IEEE.
15thSDL ForumToulouse, France, July 2011.
7thSAM workshopplanned with the ACM/IEEE MODELSInnsbruck, Austria, 2012.
-
5/24/2018 SG17 Chairman WTSA12 Presentation
28/29
International
Telecommunication
Union
28
ITU-T Study Group 17Security
Acknowledgements
Delegates with their many contributions
Editors in drafting texts for RecommendationsRapporteurs in leading work effortsLiaison officers in coordinating efforts with other bodiesProject leaders and JCA leadersManagement team including Working Party chairmen
TSB support Counsellors, Assistants and other staff
Great thanks are due to the many peoplewho have contributed to the enormoussuccess of SG17 during this study period:
Best wishes to all for the next study period.
Th k !
-
5/24/2018 SG17 Chairman WTSA12 Presentation
29/29
International
Telecommunication
Union
ITU-T Study Group 17Security
Thank you!Personalinformation Date of birth: 13 November 1947Marital status: Married
Nationality: RussianEducation 19651970 Moscow Technical University
of Communications and Informatics(MTUCI)
Qualifications Ph.D. on technical sciencesWorkexperience
1994 Present time - chairman of RussianAssociation for Networks and Services(RANS) Executive Committee
1997 Present time - head of RANS trainingdepartment in MTUCI
Participation inInternationalTelecommunication Union(ITU) UnitedNations agency
2004 - 2008 - Vice-Chairman of the ITU-TSG17 (Security)
2009 Present time - chairman of the ITU-TSG17 (Security)
Languages English GoodRussian Native