1 / 17

High Interest Subject: NGN – Cyber Security ATIS, ETSI and ITU (T and D)

GSC11_GTSC4_27. High Interest Subject: NGN – Cyber Security ATIS, ETSI and ITU (T and D). Prime PSO: ATIS Presenter: Art Reilly. Security TOPS* Focus Group Key Findings. 14 key topics in 3 categories with 3 priority levels: Transport

ccotton
Download Presentation

High Interest Subject: NGN – Cyber Security ATIS, ETSI and ITU (T and D)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. GSC11_GTSC4_27 High Interest Subject: NGN – Cyber SecurityATIS, ETSI and ITU (T and D) Prime PSO: ATIS Presenter: Art Reilly GSC: Standardization Advancing Global Communications

  2. Security TOPS* Focus Group Key Findings 14 key topics in 3 categories with 3 priority levels: • Transport • Packet filtering, SS7 firewall & interface, Wireless security, Secure transport control & signaling … • Management • EMS interface, configuration management, security event management and attack determination and mitigation, security management system framework … • Application • Audio, video, messaging, firewall/NAT transparency * TOPS – ATIS Technology and OPerationS Council GSC: Standardization Advancing Global Communications

  3. Inter-Committee Security Review Group (ISRG) Purpose • Serve as a venue where all security work conducted by ATIS committees is discussed to: • Identify possible synergies, • Identify & discuss potential new issues, • Dependencies, and • Timelines for completing existing and potential new network security issues. GSC: Standardization Advancing Global Communications

  4. GSC: Standardization Advancing Global Communications

  5. PTSC’s suite of security documents In Letter Ballot Completed GSC: Standardization Advancing Global Communications

  6. IP to IP Interconnection Documents with security components Completed Completed GSC: Standardization Advancing Global Communications

  7. WG7 security: TISPAN Working Group (WG) 7 is responsible for the management and co-ordination of the development of security specifications for TC TISPAN. • For TISPAN NGN Release 1, TISPAN WG7, assisted by the specialist task force STF292, has: • Defined security requirements; • Defined a security architecture for NGN R1; • Conducted threat and risk analyses for specific NGN use cases; • Proposed countermeasures. WG7 security standardisation is risk-based: Using the STF292 methodology for Systematic threat, vulnerability and risk analysis (TVRA) GSC: Standardization Advancing Global Communications

  8. ETSI TISPAN WG7 - Challenges • New threats and risks landscape • Authentication issues and identity management • Continued work on authentication to NASS and to IMS services: • HW-based ISIM (UICC/USIM) and/or • Equivalent and/or • SW-based ISIM authentication, • Single-sign on/ID Management • Various, unique identities in the NGN environment • Emergency services issues • (authentication, authorisation, location ID) • Interworking of various security mechanisms • Challenges addressed in Cooperation with other bodies: • 3GPP SA3 • Harmonization of access security solutions • Media security and SSO • AT NGN@Home • Residential gateways • Home networking security • NGN Terminal security • ECMA • Corporate network NGCN security interactions with NGN GSC: Standardization Advancing Global Communications

  9. Status of WG7 Security Work • Release 1: • NGN Lawful Intercept (LI), WI 07013 • Ongoing cooperation with TC LI and liaison with 3GPP SA3 LI • WG7 approval expected in June, 2006 • Release 2 : • Continued focus on threat, vulnerability and risk analysis, requirements, and architecture • NGN security countermeasures • New work planned: SSO, media security • Security standardisation methods • Threat, vulnerability, and risk analysis (STF292) • Assurance techniques (STF292) • Security guidelines • Deployment (STF292) • IPsec (STF292) • Keying (STF292) GSC: Standardization Advancing Global Communications

  10. For more information ATIS www.atis.org ATIS - PTSC • PTSC work program may be extended to accept tasking from the ATIS NGN Focus Group Results • ATIS PTSC current work program can be found at: http://www.atis.org/0191/issues.asp GSC: Standardization Advancing Global Communications

  11. For more information ATIS – Performance, Reliability, Quality of Service Committee (PRQC) • Technical Report on Security For Next Generation Networks -- An End User Perspective http://contributions.atis.org/upload/PRQC/PRQC/PRQC-2005-127.doc • Update Security Terms within T1.523-2001, TELECOM GLOSSARY http://contributions.atis.org/upload/PRQC/PRQC/PRQC-2006-029R1.doc GSC: Standardization Advancing Global Communications

  12. For more information ETSI • European Telecommunication Standardisation Institute • www.etsi.org • TISPAN security specialist task force leader • scott.cadzow@etsi.org • TISPAN security working group chair • judith.rossebo@telenor.com GSC: Standardization Advancing Global Communications

  13. For more information ITU • ITU-T SG 17 www.itu.int/ITU-T/studygroups/com17/index.asp • ITU-D Question 11/1 on Creating a Culture of Cybersecurity www.itu.int/md/Do6-DAP.1.1.1-060307-TD-0030/en • Meeting on WSIS Plan of Action Line C5 ; Building Confidence and Security in the use of ICTs www.itu.int/osg/spu/cybersecurity • Global Cybersecurity Gateway www.itu.int/cybersecurity/index.html GSC: Standardization Advancing Global Communications

  14. BACKUPS GSC: Standardization Advancing Global Communications

  15. Background – ATIS Security • ATIS Technical OPerationS (TOPS) Council Security Focus Group established in 2003 • Security Focus Group (FG) has provided outstanding work with the completion of Work Plan Addendums I & II • Security remains “high-priority” within the industry • Essential to continue to fulfill objectives in Addendums and identify new security concerns for the industry • Inter-Committee Security Review Group (ISRG) established in 2006 GSC: Standardization Advancing Global Communications

  16. ATIS Packet Technologies and Systems Committee (PTSC) • Security treated with a multi-pronged approach: • A suite of U.S. security standards will be developed; and • Every standard produced will have a security section • The PTSC will channel its applied security work into the ITU-T, particularly SG 11 & 13 GSC: Standardization Advancing Global Communications

  17. ATIS Packet Technologies and Systems Committee (PTSC) PTSC Active Issues with a major security component: • S0003 Create a Security Roadmap Standard   • S0005 Create an SS7/BICC Network NNI Interconnection Security Standard   • S0006 Create a VoP/Multimedia Control and Signaling Standard   • S0007 Create a UNI Access and Signaling Security Standard   • S0009 Create a standard defining the NNI for IP-IP Network Interconnection Supporting Multimedia Services • S0023 Vertical Signaling Interface to Communicate QoS and Reliability/Priority Parameters Between the Application Layer and the User Plane in IP Networks • S0024 Session/Border Control Function Definition and Requirements • S0025 NNI Numbering and Routing Capabilities and Procedures • S0026 SIP History-Info • S0027 IP Device (SIP UA) to Network Interface Standard • S0030 Signaling to Support Call Admission Control and Traffic Management PTSC SAC   • S0031 Packet Priority and Priority Call Processing • S0032 Minimum Security Mechanisms for Messaging Applications • S0033 End to End User Authentication and Signaling Security • S0039 Packet Priority and Priority Call Processing - Phase 2 • S0040 IP-NNI for VoIP and Multimedia Services in NGN GSC: Standardization Advancing Global Communications

More Related