130 likes | 255 Views
Global Standards Collaboration (GSC) 14. ATIS Cybersecurity. Art Reilly, Cisco. Highlight of Current Activities (1). ATIS’ Packet Technologies and Systems Committee (PTSC) Completed: UNI and NNI signalling security standards UNI and NNI testing standards
E N D
Global Standards Collaboration (GSC) 14 ATIS Cybersecurity Art Reilly, Cisco
Highlight of Current Activities (1) ATIS’ Packet Technologies and Systems Committee (PTSC) • Completed: • UNI and NNI signalling security standards • UNI and NNI testing standards • Encourages interfaces to support logging, thereby facilitating the creation of incident reports
Highlight of Current Activities (2) • PTSC continues to focus on security-related topics that will ensure robust signalling and communications standards and network implementations that will provide adequate protection and support for multimedia and emergency services in the current cybersecurity environment: • Authentication • Security Mechanisms • Location • Identity Management • Certificate Management • PTSC has also initiated an activity which will define interconnection test suites
Highlight of Current Activities (3) • PTSC’s focus is on specifying security considerations for Layers 1 through 5 for UNIs, NNIs and SNIs • Generation of templates will: • Attempt to limit number of available interconnection options, without compromising the desired flexibility in implementing the services, thereby facilitating interoperability • Facilitate interconnection negotiations • Ensure adequate security will be provided
Highlight of Current Activities (4) ATIS’ Network Performance, Reliability, and QoS Committee (PRQC) • Approved User-Network Interface (UNI) Media Plane Security Standard for Evolving VoIP/Multimedia Networks (ATIS-0100024.2009) • Currently working on Standard for Media Plane Performance Security Impairments Standard for Evolving VoIP/Multimedia Networks (Issue A035) • Document potential QoS degradations associated with security mechanisms • Identify potential security problems associated with QoS mechanisms • Current/Future work: • Development of Standards extending from the work outlined in ATIS-0100014, Information & Communications Security for NGN Converged Services IP Networks and Infrastructure
Highlight of Current Activities (5) ATIS’ Telecom Management and Operations Committee (TMOC) • Recently completed work: • ATIS-0300074.2009, Guidelines and Requirements for Security Management Systems • Includes an ATIS TMOC proforma requirements statement for security aligning with ITU-T M.3410 • TMOC will continue to address: • Management aspects of security, especially concerning NGN Carrier Interconnection arrangements and VoIP Registry Database Provisioning
Strategic Direction • ATIS continues to develop a suite of security standards that well facilitate secure interconnection of: • transport facilities • signalling facilities • services • ATIS is not focusing on: • Security Mechanisms for Messaging Applications • Tracking • ATIS is looking to ITU-T to address the messaging and tracking areas in the short term. If ITU-T does not address this subject, ATIS may reconsider work in this area.
Challenges • SIP security solutions are tailored to be end to end. • SIP/SIPPING/SIMPLE/etc. RFCs have well written security sections that are not fully implemented in vendor products. • Security solutions have an impact on delay and performance. • Availability of ITU-T Recommendations which can be used to facilitate secure transport and service interconnection.
Next Steps/Actions • ATIS will continue on its current path of generating a complete suite of standards that can be used to facilitate interconnection negotiations and result in interconnection scenarios that are secure.
Proposed Resolution • Continued support for GSC-13 Security Related Resolutions: • Resolution GSC-13/4 - Identity Management • Resolution GSC-13/11 - Cybersecurity • Resolution GSC-13/25 - Personally Identifiable Information Protection
Supplemental Slides • PTSC Issues may be found at: http://www.atis.org/0191/issues.asp • PTSC Active Issues which have a security component are: Issue # Title S0033 End to End User Authentication and Signaling Security S0051 ATIS NGN Identity Management Requirements S0052 UNI Terminal Adapter Requirements S0053 UNI Configuration S0055 Security Mechanisms S0058 ATIS NGN Identity Management Framework S0059 ATIS NGN Identity Management Use Cases S0060 ATIS NGN Identity Management Mechanisms S0061 Certificate Management S0063 ATIS ETS Authentication S0065 Enterprise Network Support in NGN S0073 Security Guidelines for DBF Interface S0074 Security Guidelines for Carrier Interconnection (NNI)
Supplemental Slides • PRQC Issues may be found at: http://www.atis.org/0010/issues.asp • PRQC Active Issues which have a security component are: Issue # Title A0010 User Plane Security Requirements in NGNs A0014 Network-Network Interface (NNI) User Plane Security A0019 ETS Authentication in Multiple IP-based Service Domains A0029 Establishment of an ATIS Security Baseline A0035 Impact of Security on QOS Performance in NGNs A0045 Service-specific Security Mechanism Implementation Options