70 likes | 87 Views
Security activities in ETSI. Presenter: Mike Sharpe, ETSI VP ESP (ETSI Standardization Projects). Security activities (1). Next Generation Networks (NGN) To comply with regulation (including privacy, LI, DR) To protect the core and its services (e.g. IPTV, IMS (with 3GPP))
E N D
Security activities in ETSI Presenter: Mike Sharpe, ETSI VP ESP (ETSI Standardization Projects)
Security activities (1) • Next Generation Networks (NGN) • To comply with regulation (including privacy, LI, DR) • To protect the core and its services (e.g. IPTV, IMS (with 3GPP)) • To protect access technologies (e.g. for RFID, IoT) • GSM/UMTS • IMEI (International Mobile Equipment Identity) against theft • FIGS (Fraud Information Gathering System) against fraud • Priority access - Location services • 3GPP • Evolved Packet Core / Long Term Evolution (EPC/LTE) • Common IP Multimedia Subsystem (IMS) • Femtocell
Security activities (2) • TETRA (Trunked Radio) • Mobile radio communications for specialist users (e.g. Public safety services (bluelight services)) • Featureset combining Mutual Authentication, Encryption, Anonymity for any terminal service • Lawful Interception and Data Retention • Delivery of intercepted and retained data: • to support criminal investigation, counter terrorism • Supported by “how to intercept”, “how to retain” activity in NGN [see also under GTSC9 Cybersecurity presentation] • Electronic Signatures • Digital accounting, Registered EMail (REM) • Electronic signatures in PDF documents • Extended Validation Certificates
Security activities (3) • Algorithms • Security algorithms for GSM, GPRS, EDGE, UMTS, TETRA, DECT, 3GPP … • Confidentiality and integrity algorithms (UMTS, LTE) • ZUC (ZuChongzhi) algorithm for LTE • RFID • RFID Security and Privacy by design • RFID as gateway for the future “Internet of Things” (IoT) • Intelligent Transport Systems • Collaboration of vehicles to improve safety, economy • Work in areas of privacy and integrity • Smart Cards • Work extended with USIM Card and UICC Platform • Global roaming, Secure financial transactions, M2M communications
Security activities (4) • Quantum Key Distribution (QKD) • Quantum Cryptography environment for ICT networks • Security assurance requirements • Emergency Communications/Public Safety • GSM onboard aircraft • GSM eCalls • GSM Direct Mode Operations (DMO)
Future Challenges • Open issues • Privacy / Identity Management, Cyber security, Metrics,… • Critical importance for human society! • Role of security standardization within the global picture • Critical importance for security organisations • Technical, operational and human interoperability (across borders) • Innovation to foster interoperability of security solutions
ETSI Security Workshop • Yearly event hosted at ETSI HQ Next: 7th Workshop: 18-19 January 2012 www.etsi.org/securityworkshop ETSI Security White Paper • 3rd Edition (December 2009) available at: • www.etsi.org/securitywhitepaper • 4th Edition to be published end 2011