Explore the achievements and future directions of ITU-T Study Group 17 (SG17) focusing on telecommunication security, languages, and software aspects. Highlights include security recommendations, language coordination, and collaboration with SDOs.
ITU-T Study Group 17: Security, Languages and Telecommunication Software • Herbert Bertine
Contents • Terms of reference • Highlights of achievements • Projects • Future work • Conclusions • Supplemental slides
Terms of Reference • Responsible for studies relating to security, the application of open system communications including networking and directory, and for technical languages, the method for their usage and other issues related to the software aspects of telecommunication systems. • Lead Study Group for: • Telecommunication security • Languages and description techniques
Highlights of achievements (I) • SG 17 successfully transitioned into a core competency center on security averaging 114 participants • SG 17 examined 641 contributions and 2800+ TDs and drew up 88 new or revised Recommendations • 43 Recommendations currently under AAP or TAP • 66 draft new/revised Recommendations currently under development for approval in the next study period • 2 Lead Study Group responsibilities, 3 Focus Groups, 2 JCAs, and 2 Projects were very active • Increased collaboration with SDOs (e.g., joint texts)
Highlights of achievements (II) • Lead study group for Telecommunication Security • Close coordination with other SGs and SDOs on security; Security Standards Roadmap developed • Establishment of a Joint Coordination Activity on Identity Management (JCA-IdM) • Lead study group for Languages and Description Techniques • Progress on ITU-T languages driven by Language Coordination entity • Establishment of a Joint Coordination Activity on Conformance and Interoperability Testing (JCA-CIT) • Study Group 17 has managed Focus Groups on • User Requirements Notation (URN) • Security Baseline for Network Operators (SBNO) • Identity Management (IdM)
Security (WP 2) Highlights (I) • Security Architecture and Frameworks • 4 Recs and 1 Supplement on aspects of network security • Cybersecurity • In support of WTSA-04 Resolution 50 • Overview of Cybersecurity (X.1205) • X.1206 (spyware) and X.1207 (dissemination of updates) • Extended and adopted OASIS CAP for emergency services • Identity Management (IdM) • Leveraging significant deliverables from FG-IdM • 2 Recs (X.1250, X.1251) in TAP, many under development • Intense work program; many collaborations; difficult • Countering Spam • In support of WTSA-04 Resolution 52 • 3 Recs approved, 1 in TAP, 4 under development
Security (WP 2) Highlights (II) • Information Security Management • Guidelines for telecommunications organizations (X.1051) with JTC1/SC27 (part of ISO/IEC 27000-series on ISMS) • Incident Management and Risk Management Guidelines • Secure applications and services • Security for home network, mobile communications, peer-to-peer communications, web services, IPTV, NID, … • Markup languages SAML and XACML with OASIS • Telebiometrics • Interworking protocol, authentication protocol, digital key framework, data security, safety aspects with ISO & IEC • Communications systems security • In support of WTSA-04 Resolution 50 • Security baseline for network operators (from FG-SBNO) • Security project (see separate slide)
Language (WP 3) Highlights • ASN.1 and OIDs • New edition of ASN.1 (X.680/690-series) with JTC1/SC6 • New edition of Registration Authorities for OIDs (X.660/X.670-series) with JTC1/SC6 • ASN.1 and OID project (see separate slide) • SDL, MSC, URN, UML • Deliverable from FG-URN basis for Z.151 on URN • Z.100, Z.109 on SDL, Z.111 on notations, Z.119 on UML, Z.120 Appendix on Application of MSC • SDL update planned for 2009 • Updated Z.110 on FDTs and Z.140 on quality of Recs • Open Distributed Processing (ODP) • New X.906 and revised X.911 with JTC1/SC7 • Testing languages and methodologies • New edition of TTCN (Z.160/170-series) with ETSI • Two Supplements on interoperability testing
Open Systems (WP 1) Highlights • End-to-end Multicast with QoS • Relayed multicast and multicast transport with JTC1/SC6 • Directory • New edition of X.500-series Directory Recommendations including widely implemented X.509 with JTC1/SC6 • E.115 was kept up-to-date to serve the increasing requirements for directory assistance service providers • OSI • Implementers’ Guide issued • Internationalized Domain Names (IDN) • In support of WTSA-04 Resolution 48 • Questionnaire issued and responses analyzed • Webpage on IDN created and maintained
Security Project (Major focus is on coordination and outreach) • Security coordination • Within SG 17, with ITU-T SGs, with ITU-D and externally • Kept TSAG, IGF, ISO/IEC/ITU-T SAG-S informed on security efforts • Made presentations to workshops/seminars and to GSC • Maintained reference information on the LSG on security webpage • Security Compendium • Includes catalogs of approved security-related Recommendations and security definitions extracted from approved Recommendations • Security Standards Roadmap • Includes searchable database of approved ICT security standards from ITU-T and others (e.g., ISO/IEC, IETF, ETSI, IEEE, ATIS) • ITU-T Security manual – assisted in its development • Survey of developing countries' ICT security needs • The overall level of concern about cyber security is high • There is a high level of interest in the possibility of obtaining advice and/or assistance on ICT security from the ITU • The ITU needs to do a better job in promoting its ICT security products
ASN.1 and OID Project • ASN.1 (Abstract Syntax Notation One) • A formal notation that is widely used for describing (binary or XML-encoded) data transmitted by telecommunications protocols • Project provides speakers and tutorial material to assist users of ASN.1 within and outside of the ITU • Project maintains a freely accessible database of error-free, compilable ASN.1 modules contained in ITU-T Recommendations and some additional modules from ISO/IEC and IETF to facilitate accurate implementation of protocols • Database: http://www.itu.int/ITU-T/asn1/database (>650 modules) • Object identifiers (OIDs) and associated registration • Many standards define objects for which unambiguous identification is required (e.g., PKI, network management, directories, …); the OID tree is a hierarchical naming structure for these objects that is managed in a decentralized way • Recently extended to include identifiers in any natural language • Project helps people and organizations to set up a Registration Authority for their OIDs (>25 Member States have been helped) • OID Repository: http://www.oid-info.com (gathers >93000 OIDs)
Future Work (I) • Improving security and trust in networks is a top imperative for the ITU-T • It is essential to have an SG focused on security with a substantial and critical work program that will attract technical security experts needed to advance the work • Need the right balance between centralized and distributed work on security with effective coordination • Strengthened relationships and coordinated actions are needed on cybersecurity with ITU-D and Secretary General • Excellent collaboration with other bodies on security has been established (e.g., ISO/IEC JTC 1, OASIS, Liberty Alliance, ...) and needs to be strengthened and broadened • Improved awareness is needed of SG 17 security material and tools (highlighted by security Questionnaire responses) • SG 17 would benefit from increased participation from under-represented regions
Future Work (II) • SG 17 proposed 16 Questions for the next study period, including 1 new on service oriented architecture security • Associated with this work should be lead study group responsibilities for Security, Identity management, and Languages and description techniques • 66 draft Recommendations are already under preparation for approval in the next study period • All SG 17 leaders (except for IDN) are continuing their responsibilities uninterrupted during the interregnum period • Security and ASN.1 & OID Projects as well as JCA-IdM and JCA-CIT need to continue given their important contributions • Breakthrough is needed for the essential security work on Identity, Identity management and Personally identifiable information • Restructuring of WPs is essential to achieve stronger integration of ASN.1, OID and Directory with core security
Conclusion • Participation in SG 17 has increased during the study period and has been maintained well above 100 participants • SG 17 has successfully transitioned this study period to security as its main focus with a core set of security experts • Within security work, has significantly built up participation and energy in Identity Management • SG 17 has built strong relations with other key bodies working on security and initiated numerous collaborative efforts • SG 17 has promoted and disseminated ITU-T security work (e.g., workshops, security roadmap); its achievements are well recognized
Supplemental Slides • Management team • Structure • Leadership for other groups (JCAs and FGs) • Statistics • Workshops (with SG 17 leadership / participation) • Acknowledgements
Study Group Structure • WP 1/17, Open Systems Technology: Multicast communications, directories, internationalized domain names and maintenance of OSI Recommendations • WP 2/17, Telecommunication Security: ITU-T security project, development of the generic security-related Recommendations including Identity Management (IdM) in support of ITU-T’s work • WP 3/17, Languages and Telecommunication software: ASN.1 and OID project, development of ITU-T formal languages, support of ITU-T activities on conformance and interoperability testing (CIT) • Joint coordination activities (JCA-IdM, JCA-CIT) • Focus groups (FG URN, FG SBNO, FG IdM)* (* all terminated)
Leadership for SG 17-related other groups (I) • JCA-IdM • Co-Conveners: Richard BRACKNEY, Chae-Sub LEE, Olivier DUBUISSON • Represented: TSAG, SGs 2, 3, 4, 5, 6, 9, 11, 12, 13, 15, 16, 17, 19, ATIS, FIDIS, GSMA, ISO/IEC JTC1/SC6, ISO/IEC JTC1/SC27/WG5, ISO/IEC JTC1/SC17, Liberty Alliance, OECD, Eclipse (Higgins Project), Concordia • JCA-CIT • Convener: Ostap MONKEWICH • Represented: SGs 4, 11, 13, 16, 17, 19
Leadership for SG 17-related other groups (II) • FG URN (Established 11 2000; Terminated 04 2005) • Chairman: Daniel AMYOT • FG SBNO (Established 10 2005; Terminated 09 2007) • Chairman: Arkadiy KREMER • Vice-Chairman: Luis Sousa CARDOSO • FG IdM (Established 12 2006; Terminated 09 2007) • Chairman: Abbie BARBIR • Vice-Chairman: Antony NADALIN, Richard BRACKNEY
Focus Group URN - Key Facts • Focus Group URN established: 11 2000 • Work electronically: email, wiki, workshops • Members: Practitioners, Researchers, User communities • Deliverables: 5 • Language requirements and framework Z.150 • Language definition Z.151 • Use case map notation draft • Methodological approach draft • UML profile for URN draft • Terminated: 04 2005 • Work continues within: Question 12/17
Focus Group SBNO - Key Facts • FG SBNO established: 10 2005 • Meetings: Associated to regional events • Members: Network operators, Administrations, ICT companies, Academia • Deliverables: 2 • Survey on security baseline for network operators, 2006-2007 • Proposed draft Recommendation X.sbno, X.Sup2 (09 2007) • Terminated: 09 2007 • Work continues within: Question 4/17
Focus Group IdM - Key Facts • FG IdM established: 12 2006 • Meetings: 5 • face-to-face every 1.5 months • Electronic: email, wiki • Members: ITU-T and other SDO members, ICT experts • Deliverables: 6 reports on • Activities completed and proposed • Deliverables • Identity management ecosystem and lexicon • Identity management use cases and gap analysis • Requirements for global interoperable identity management • Identity management framework for global interoperability • Terminated: 09 2007 • Work continues within: IdM-GSI
Statistics (I) • 45 rapporteur group meetings held (stand-alone, during GSI events or collaborative with ISO/IEC JTC 1/SC 6, 7, 27 or 37) • 641 contributions received (excluding Rapporteur meetings) • 7 SG meetings held • 5 WP 1, 2, 3 meetings held • 2 IdM-GSI events held (rapporteur groups) • Min/Max/Average SG participants: 88/141/114
Statistics (II) • 88 New/Revised Recommendations approved, plus 43 Recommendations determined or consented • 66 draft new/revised Recommendations currently under development for approval in the next study period • 15 Questions assigned by WTSA-04 • 2 New Questions added during study period • 16 Questions proposed for next period
Workshops (I) • Advancing public-private partnerships for e-business standards, Geneva, Switzerland, 18 – 19 September 2008 • Joint ITU-T and SDL Forum Society workshop on "ITU System Design Languages", Geneva, Switzerland, 15 – 16 September 2008 • Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection, Buenos Aires, Argentina, 16-18 October 2007 • WSC - Workshop on Transit Security, Gaithersburg, USA, 4-5 October 2007 • Joint ITU-T SG 17, ISO/IEC JTC 1/SC 27/WG 5 and FIDIS Workshop on Identity Management Standards, Lucerne, Switzerland, 30 September 2007 • ITU Workshop on Frameworks for National Action: Cybersecurity and Critical Information Infrastructure Protection, Geneva, 17 September 2007 • Regional Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection, Hanoi, Vietnam, 28-31 August 2007 • Second Informal Workshop on Conformance and Interoperability Testing, Geneva, 08 December 2006
Workshops (II) • ITU-T Workshop on Digital Identity for NGN, Geneva, 05 December 2006 • Telecommunication Standardization Workshop, Maputo, Mozambique, 25-27 October 2006 • Joint ITU-T/OASIS Workshop and Demonstration of Advances in ICT Standards for Public Warning, Geneva, 19-20 October 2006 • SAM 06, Kaiserslautern, Germany, 31 May - 02 June 2006 • ITU and UNESCO Global Symposium on Promoting the Multilingual Internet, Geneva, 9-11 May 2006 • Informal Workshop on Conformance and Interoperability Testing, Geneva, 25 January 2006 • Workshop on “New Horizons for Security Standardization”, Geneva, 3 - 4 October 2005 • SDL'05 Forum, 20-23 June, 2005, Grimstad, Norway • ITU-T Workshop on NGN in collaboration with IETF, ITU Headquarters, Geneva, 1 - 2 May 2005 • Cybersecurity Symposium II, Moscow, Russian Federation, 29 March 2005
Acknowledgements • Great thanks are due to the many people who have contributed to the enormous success of SG 17 during this study period: • Delegates with their many contributions • Editors in drafting texts for Recommendations • Rapporteurs in leading work efforts • Liaison officers in coordinating efforts with other bodies • Project leaders, Focus Group leaders, JCA leaders • Management team including Working Party chairmen • TSB support – Counsellors, Assistants and other staff • Best wishes to all for the next study period
Thank you! • Herbert Bertine is chairman of ITU-T Study Group 17. He has been actively involved in the standards work of the ITU since 1975 and has held senior leadership positions since 1980. He has devoted extensive efforts to facilitating cooperation with SDOs. He represents the ITU-T in ISO/IEC/ITU-T SAG on security and is the ITU-T liaison officer to ISO/IEC JTC 1. • Herb also has been active in other arenas dealing with ICT standards including ISO/IEC JTC 1/SC 6 and ANSI. He was instrumental in developing the collaborative procedures between ITU-T and JTC 1 (reflected in Rec. A.23) and in establishing the cooperative procedures with the IETF. • Herb retired in November 2007. He was Director, Standards at Lucent Technologies where he led Lucent’s standards efforts worldwide. He joined Bell Laboratories in June 1965 and spent his career in communication technologies. This included systems engineering work on modems, digital data systems, X.25 packet networks, open systems, and advanced communication systems. Since 1982, he had various responsibilities for corporate-wide standards management. • In October 2006, Herb was awarded the American National Standards Institute (ANSI) Edward Lohse Information Technology Medal for outstanding technical and managerial leadership in establishing international information technology and telecommunications standards and the methods by which they are produced. • Herb has a Bachelor of Electrical Engineering degree and a Master of Electrical Engineering degree from Rensselaer Polytechnic Institute. He is a member of Eta Kappa Nu (EE Honor Society) and Tau Beta Pi (Engineering Honor Society) and of the Institute of Electrical and Electronic Engineers (IEEE).