190 likes | 349 Views
NGN- Regulatory and Security Issues. S. K. Gupta, Advisor (CN&IT) Telecom Regulatory Authority of India. Agenda. Background. NGN Regulatory Imperatives. NGN Security Imperatives. Background. Why Regulate NGN ?. Why NGN? Convergence of Telecom, Information Technology & Broadcasting
E N D
NGN- Regulatory and Security Issues S. K. Gupta, Advisor (CN&IT) Telecom Regulatory Authority of India
Agenda • Background • NGN Regulatory Imperatives • NGN Security Imperatives TRAI
Background Why Regulate NGN ? • Why NGN? • Convergence of Telecom, Information Technology & Broadcasting • Digitization of Content • Miniaturization of devices and increasing computing power • Multi functional Devices TRAI
NGN- Regulatory Approaches • Wait and Watch • Facilitate NGN • Promote NGN TRAI
NGN- Essentials • High Internet /Broadband Penetration • Converged Regulatory approach • Killer Applications • Availability of suitable content Source: www.internetworldstats.com TRAI
NGN- Regulatory Imperatives • Increasing Internet/ Broadband Penetration • Low wireline penetration • Spectrum- scarce resources, may not be able to cater for huge BW required in future • High cost of subs premises equipment • Harmonization of spectrum utilization • Increase optical fibre penetration Source : OECD TRAI
NGN- Regulatory Imperatives • Killer Applications • Encourage developments of user friendly applications • Development of content in local language • Support for e-gov, e-commerce, e-education, e-health etc • Ensure market availability and reduce barriers to access subscribers Source: IMRB TRAI
NGN- Regulatory Imperatives • Unified licensing Vs. Service specific licensing • Entry barriers • Competitions issues • Ensuring Regulatory compliance • Time and distance based pricing to volume and hits based pricing • Death of time & distance • Paradigm shift in commercial agreements among service providers • Unified Licensing : • Entry fee is high • Full control on network and subscribers access • Small operators/ content developers totally depend on them for subscriber access • Good regulatory compliance TRAI
NGN- Regulatory Imperatives • Changed Interconnection Model • Shift from circuit switched to packet switched interconnection • Shift from dedicated interconnection to the class and QoS based interconnection • Shift from hierarchical interconnection to zonal interconnection • RIO • Existing framework of RIO will change • IUC • Change from per call basis termination charges to some new pattern • Interconnection: • Well defined hierarchical interconnection • Well defined separate NLD/ILD • Full availability of BW at interconnect point • Well defined IUC for per call basis termination and carriage charges TRAI
NGN- Regulatory Imperatives • Management of Numbering Resources • Shift form primarily P2P voice calls to P2M and M2M calls • Allocations of numbers to IP devices and machines • Migration from IPv4 to IPv6 • Shift from service specific number allocation to service neutral number allocation • Shift from large number of small capacity switches in a network to limited very high capacity switches • Number allocation: • Different numbering series for fixed and mobile number allocation • Different series of numbers for different operators • Numbering resource utilization efficiency < 60% • Allocation of city specific network access codes (STD Codes) • Implementation of mobile number portability TRAI
NGN- Regulatory Imperatives • Content Regulation and enforcement • Monitoring issues – large number of content providers • Enforcement issue- IPR, prohibition of vulgar content • Community sites on internet- content generation by individuals • Likely impact on upcoming generation • Net neutrality • Ensure non-discriminative treatment to all contents by network providers • Content providers (Dec. 08) • Free to air channels – 180 • Pay Channels – 110 • FM Radio Stations – 245 • Community Radio- 60 • MSOs - 6000 • LCOs – 60000 • Large numbers of community sites TRAI
NGN- Regulatory Imperatives • Standardization • Ensure end to end service availability • Interface approvals will be required • Need for regional cooperation to define zone specific NGN specifications • Emergency Number Dialing • Facility to dial emergency numbers with accurate location details of the subscriber will be desirable • It may be a challenge in 3G and BWA scenario to exactly indicate subscriber location TRAI
NGN- Regulatory Imperatives • Lawful Interception (LI) • Widely dispersed network - Monitoring Challenge • Huge Volume of data - Analysis challenge • Complex Multilayer dynamic encryption - Challenge to retrieve data • Fast technological innovation - Upgradation of monitoring equipments - Adequate training of manpower • Need for LI • Monitoring data flow in Network • Effective, transparent, online Interception • Data / Message specific to a particular • Originator • Person/ location • Interception of traffic based on • Content • Class • Need to preserve huge data TRAI
NGN- Security Imperatives • NGN is expected to replace telecom networks considered as critical infrastructure • Foolproof security is of utmost importance • Vulnerabilities of IP based network • Identity theft • Person in middle • Spoofing • Phishing • Effective legal framework to handle violations • Enactment of relevant legal provisions • Policy framework to handle cross border violations • Prevention and punishment of defaulter Source: CERT-in TRAI
NGN- Security Imperatives • Concerns of subscribers • Identity theft • Cracking of username/PIN • Attacks by Virus, Worms, spyware etc. • Flooding attack on user device • Tele-spam • Loss of personal data, privacy etc. • Importance of network Security • Control theft of services/ unauthorized use • Restrict denial of services • Ensure guaranteed quality of service to subscriber • Appropriate charging to actual users • Ensuring due payment to application / content providers TRAI
NGN- Security Imperatives • Wireless IP network • Misuse of Wi-Fi signals- need for protections • Subscriber awareness issues • Securing subscriber devices • Misuse of IP Ports • Attacks using open IP Ports • Hardening of servers • Hardware /Software vulnerabilities • Network security Breaches (2008) • Biggest malware threats – SQL injection attacks against websites and the rise of scareware • New web infections – one new infected webpage every 4.5 seconds • Malicious email attachments – increased five times by 2008 end • Spam-related web pages – one new webpage every 15 seconds • New scareware websites – five per day • Top malware-hosting country – US with 37 percent • Top spam-relaying continent – Asia with 36.6 percent • Amount of business email that is spam – 97 percent Source: www.sophos.com TRAI
NGN- Security Imperatives • Component of NGN security • Network domain security • IMS access security • Application security • Security of open services/ application frameworks TRAI
Way Forward • Regulatory framework shall smoothen the complex emerging issues in NGN facilitating the easy deployment of networks and services. • Promotion of competitive environment shall be key regulatory concern • Security in all IP environment will require collaborative and coercive efforts from different countries across the globe • Information sharing and mutual cooperation will be the key to success TRAI
Thank You S K Gupta , Advisor, TRAI Mahanagar Doorsanchar Bhawan, J.L. Nehru Marg, New Delhi – 110002 Ph. +91-11- 23217914 (O) +91-11- 23211998 (Fax) advcn@trai.gov.in TRAI