Sep22-summary
|
Page Content
Executive Summary Meeting of ITU-T SG17 'Security', Geneva, 23 August - 2 September 2022 Hot topics - Intelligent transport system security
- Revised TTCN-3 standards
- 5G security
- Cloud security
- DLT based security services
- IoT security
1 Meeting Output (meeting statistics see Annex E below)- Output standards (29, see Annex A):
- TAP approval (3): Details are in Annex A a).
- TAP determined (11): 11 new Recommendations. Details are in Annex A b).
- AAP consented (13): 12 revised and one new Recommendations for AAP Last Call. Details are in Annex A c).
- Agreed (2): 2 new Supplements. Details are in Annex A d).
- New work items (9, see Annex C).
- Work item discontinued (0).
- ITU Workshop on "Security for 5G and beyond" was held successfully on 22 August 2022
- New national OID registration authority for Kenya: {joint-iso-itu-t(2) country(16) ke(404)}
- A.5 qualification of SIA (Secure Identity Alliance)
- 4 SG17 specific TD templates (Q meeting agenda; Q, WP and CG meeting reports)
- Replacement of SG17 Vice-Chair from Argentina
- SG17 subgroups
- JCAs:
- JCA-COP: terminated
- JCA-IdM: continued with revised ToR, and held its 30th meeting on Friday 26 August 2022
- Correspondence Groups
- CG-SG17-wtsa24-prep: new (ToR in TD567)
- CG-secapa (Correspondence Group on Security Capability and Architecture): continued with revised ToR
- CG-SG17-meeting (Correspondence Group on effective SG17 meeting): terminated
- Advisory group on X.509: new (ToR in TD639)
2 Next SG17 meetings
2.1 3rd SG17 meeting: Geneva, Tuesday 21 February - Friday 3 March 2023 (9 working days, physical meeting with remote participation)- Joint ITU-T SG17/ISO TC 307 workshop on "DLT security, identity management and privacy", Monday 20 February 2023, 09:30-17:30
- Open and extended management team meeting on Monday 20 February 2023, 19:00-21:00.
- 31st JCA-IdM meeting on Friday 24 February 2023, 14:30-16:00
- 25 Candidate texts for action, details see Annex B.
2.2 4th SG17 meeting: Korea, exact dates and venue to be decided by Dec 2022
2.3 Interim RGMs 8 Questions plan to hold the following 9 RGMs before next SG17 meeting: #
| Q | Date | Place/Host | Subject/objective | 1. | 2/17 | 8 Dec 2022 | e-meeting | - prepare texts for action in next SG17 meeting: X.5Gsec-message.
- review all work items and identify future topics for Q2/17.
| 2. | 3/17 | 20 Sept 2022 | e-meeting | | 3. | 3/17 | 3rd week Nov 2022 | e-meeting | | 4. | 4/17 | 19 Jan 2023 | e-meeting | | 5. | 8/17 | 13-14 Jan, 2023 | e-meeting | - progress Q8 work items that are planned for approval or determination in the next SG17 meeting
| 6. | 10/17 | Nov 2022 | e-meeting | - progress all the work of Q10/17
| 7. | 11/17 | 12-13 Dec 2022 | Luxembourg | - Progression of X.pki-em (Public-key infrastructure: Establishment and maintenance)
- Progression of X.510 (Information technology – Open Systems Interconnection – The Directory: Protocol specifications for secure operations)
| 8. | 13/17 | 24-25 Nov 2022 | e-meeting | - address all work items and future topic.
| 9. | 15/177 | Nov 2022 | Singapore | - progress all the work of Q15/17
|
Annex A Actions taken on Recommendations, and other texts at SG17 closing plenary on 2 September 2022a) TAP Recommendations approved (WTSA-20 Resolution 1)# | Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent e.g., ISO/IEC | Start of work | Timing | 1. | 2/17 | X.1813 (X.5G-vs) | Security and monitoring requirements for operation of vertical services supporting ultra-reliable and low latency communication (URLLC) in IMT-2020 private network | New
| Jae Eon Oh, Seongki Shin, Heung Youl Youm | TD554 | | 2020-09 | 2022-05 | 2. | 2/17 | X.1814 (X.5Gsec-guide) | Security guidelines for IMT-2020 communication system | New | Mee Yeon Kim, Keundug Park, Heung Youl Youm | TD351 | | 2019-01 | 2022-05 | 3. | 6/17 | X.1352 (X.iotsec-4) | Security requirements for IoT device and gateway | New | Jiho Bang, Wonsuk Chung, Sanggeol Lee, Hosoek Ryu | TD549 | | 2018-09 | 2022-05 |
b) TAP Recommendations determined (WTSA-20 Resolution 1)# | Q | Acronym | Title | New / Revised | Editor(s) | Location of Text | Equivalent e.g., ISO/IEC | Start of work | Timing | 1 | 2/17 | X.1815 (X.5Gsec-ecs) | Security guidelines and requirements for IMT-2020 edge computing services | New | Feng Gao, Jae Hoon Nah, Junjie Xia, Bo Yu, Xiaojun zhuang
| TD578 A.5 in TD605 | | 2019-01 | 2022-09 | 2 | 2/17 | X.1816 (X.5Gsec-ssl) | Guidelines and requirements for classifying security capabilities in IMT-2020 network slice | New | Ke Wang, Li Su, Bo Yang, Zhiyuan Hu
| TD555 A.5 in TD552
| | 2020-09 | 2022-09 | 3 | 6/17 | X.1353 (X.ztd-iot) | Security methodology for zero-touch deployment in massive IoT based on blockchain | New | Xin Kang, Haiguang Wang, Weidong Wang | TD584
|
| 2020-09 | 2022-09 | 4 | 7/17 | X.1454 (X.sles) | Security measures for location enabled smart office service | New | Hao Dong, Feng Gao, Jae Hoon Nah, Junjie Xia | TD576 | | 2019-09 | 2022-09 | 5 | 8/17, (14/17) | X.1411 (X.BaaS-sec) | Guidelines on blockchain as a service (BaaS) security | New | Nan Meng, Kyeong Hee Oh, Zixiang Wang, Xuan Zha | TD622
| | 2019-09 | 2022-09 | 6 | 8/17 | X.1644 (X.sgdc) | Security guidelines for distributed cloud | New | Ye Tao, Lei Xu, Mark McFadden, Laifu Wang
| TD618 | | 2019-01 | 2022-09 | 7 | 13/17 | X.1380 (X.edr-sec) | Security guidelines for cloud-based data recorders in automotive environments | New | Sang-Woo Lee, Seungwook Park | TD596 | | 2018-03 | 2022-09 | 8 | 13/17 | X.1381 (X.eivn-sec) | Security guidelines for Ethernet-based In-Vehicle networks | New | Sang-Woo Lee, You-Sik Lee | TD613 | | 2018-09 | 2022-09 | 9 | 13/17 | X.1382 (X.fstiscv) | Guidelines for sharing security threat information on connected vehicles | New | Min Shu, Wenlei Wang, Yunwei Zhao, Xiaochun Yun
| TD614 A.5 TD510 | | 2018-09 | 2022-09 | 10 | 13/17 | X.1383 (X.srcd) | Security requirements for categorized data in vehicle-to-everything (V2X) communication | New | Yaping Sun, Huirong Tian, Nan Meng, Takamasa Isohara
| TD603
| | 2018-09 | 2022-09 | 11 | 14/17 | X.1410 (X.sa-dsm) | Security architecture for data-sharing management based on the distributed ledger technology | New | Feng Gao, Zhiyuan Hu, Min Shu, Yunwei Zhao
| TD553
| | | 2022-09 |
c) AAP Recommendations consented (Recommendation ITU-T A.8)# | Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of Text | Equivalent e.g., ISO/IEC | Start of work | Timing | 1 | 11/17 | Z.161 | Testing and Test Control Notation version 3: TTCN-3 core language | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 201 873-1 | 2022-09 | 2022-09
| 2 | 11/17 | Z.161.1 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Support of interfaces with continuous signals | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 202 786
| 2022-09
| 2022-09
| 3 | 11/17 | Z.161.2 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment support | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 202 781 | 2022-09
| 2022-09
| 4 | 11/17 | Z.161.3 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced parameterization | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 202 784 | 2022-09
| 2022-09
| 5 | 11/17 | Z.161.4 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Behaviour types | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 202 785 | 2022-09
| 2022-09
| 6 | 11/17 | Z.161.5 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Performance and real time testing | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 202 782 | 2022-09
| 2022-09
| 7 | 11/17 | Z.161.6 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced Matching | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 203 202 | 2022-09
| 2022-09
| 8 | 11/17 | Z.161.7 | Testing and Test Control Notation version 3: TTCN-3 Language Extensions: Object-Oriented Features | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 230 790 | 2022-09
| 2022-09
| 9 | 11/17 | Z.165 | Testing and Test Control Notation version 3: TTCN-3 runtime interface (TRI) | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 201 873-5 | 2022-09
| 2022-09
| 10 | 11/17 | Z.165.1 | Testing and Test Control Notation version 3: TTCN-3 extension package: Extended TRI | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 202 789 | 2022-09
| 2022-09
| 11 | 11/17 | Z.166 | Testing and Test Control Notation version 3: TTCN-3 control interface (TCI) | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 201 873-6 | 2022-09
| 2022-09
| 12 | 11/17 | Z.167 | Testing and Test Control Notation version 3: Using ASN.1 with TTCN-3 | Rev
| Dieter Hogrefe
| TD515 A.5 in TD516
| ETSI ES 201 873-7 | 2022-09
| 2022-09
| 13 | 13/17 | X.1377 (X.ipscv) | Guidelines for an intrusion prevention system for connected vehicles | New | Seonghoon Jeong, HuyKang Kim, Sang-Woo Lee, Seungwook Park
| TD593 | | 2019-09
| 2022-09 |
d) Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) agreed# | Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent e.g., ISO/IEC | Start of work | Timing | 1. | 4/17 | X.Suppl.37 (X.sup.cs-ML) | Supplement to X.1231: Countering spam based on machine learning | New | Wei Liu, Ye Tao
| TD563 | | 2019-09 | 2022-09 | 2. | 7/17 | X.Suppl.38 (X.Sup.cta) | Supplement to X.1152: Use cases for contact tracing applications to prevent spread of infectious diseases | New | Mee Yeon Kim, Sungchae Park, Heung Youl Youm
| TD642 | | 2020-09
| 2022-09
|
Annex B Recommendations planned for action in SG17 Feb/Mar 2023 meetinga) TAP Recommendations planned for TAP approval (WTSA-20 Resolution 1) 11 determined texts as shown in b) of Annex A. b) TAP Recommendations planned for TAP determination (WTSA-20 Resolution 1)# | Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of Text | Equivalent e.g., ISO/IEC | Start of work | Timing | 1. | 2/17 | X.5Gsec-message | Security requirements for 5G message service | New | Hang Dong, Le Yu, Hongyang Zhang
| TD607 |
| 2021-04 | 2023-03 | 2. | 4/17 | X.stie | Structured Threat Information Expression | New | Michael Rosa, Duncan Sparrell
| TD546 | OASIS STIX Version 2.1 | 2022-09 | 2023-03 | 3. | 4/17 | X.taeii | Trusted Automated Exchange of Intelligence Informa | New | Michael Rosa, Duncan Sparrell
| TD546 | OASIS TAXII Version 2.1 | 2022-09 | 2023-03 | 4. | 6/17 | X.sc-iot | Security Controls for Internet of Things (IoT) system | New | Liu Lijun, Koji Nakao
| TD616 | | 2018-09 | 2023-03 | 5. | 7/17 | X.rdda | Requirements for data de-identification assurance | New | Feng Gao, I Seok Kang, Soonseok Kim, Jihun Kim, Byunghoon Lee, Hyungjin Lim, Yunsik Park, Heung Youl Youm
| TD659 | | 2019-01 | 2023-03 | 6. | 8/17 | X.nssa-cc | Requirements of network security situational awareness platform for cloud computing
| New | Maofei Chen, Huamin Jin, Zhaoji Lin, Laifu Wang, Yi Zhang
| TD595 | | 2019-09 | 2023-03 |
Notes: (1) In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question. c) AAP Recommendations planned for AAP consent (Recommendation ITU-T A.8)# | Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of Text | Equivalent e.g., ISO/IEC | Start of work | Timing | 1. | 3/17 | X.1051-rev2 | Information security, cybersecurity and privacy protection - Information security controls based on ISO/IEC 27002 for telecommunications organizations | Rev | Hang Dong, Jinghua Min, Thaib Mustafa | TD544 | ISO/IEC 27011 | 2020-03 | 2023-03 | 2. | 4/17 | X.arc-ev | Functional requirements for a secured process to evaluate technical vulnerabilities | New | Wei Li, Shan Xue, Chen Zhang | TD571 | | 2019-08 | 2023-03 | 3. | 7/17 | X.websec-7 | Reference monitor for online analytics services | New | Hyungjin Lim, Jah Hoon Nah, Jongyoul Park, Junjie Xia
| TD573 | | 2014-09 | 2023-03 | 4. | 11/17 | X.pki-em | Public-key infrastructure: Establishment and maintenance | New | Erik Andersen | TD671 | | 2012-08 | 2023-03 | 5. | 11/17 | X.510 Amd.1 | Information technology – Open Systems Interconnection – The Directory: Protocol specifications for secure operations | New | Erik Andersen | TD670 | | 2020-08 | 2023-03 | 6. | 14/17 | X.srscm-dlt | Security Requirements for Smart Contract Management based on distributed ledger technology | New | Tietao Guo, Li Li, Kyeong Hee Oh, Min Shu, Yang Wu | TD558 | | 2020-09 | 2023-03 |
d) Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) planned for agreement # | Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Start of work | Timing | 1. | 3/17 | X.sup-cdc | Supplement to X.1060: X.1060 Tutorial material | Rev | Shigenori Takei, Hiroshi Takechi | TD653 | 2022-09 | 2023-03 | 2. | 6/17 | TR.ibc-cd | Technical report: Guideline for identity-based cryptosystems used for cross-domain secure communications | New | Fuwen Liu, Li Su, Junzhi Yan, Bo Yang | TD583 | 2021-04 | 2023-03 |
Annex C New work itemsThe following new work items were agreed to be added to the SG17 Work Programme: # | Question | NWI | Approval | TD | Title | C | 1. | 2/17 | X.5Gsec-ctrl | TAP | TD577
| Security controls for operation and maintenance of 5G network systems
| C176 | 2. | 3/17 | X.sup-cdc | Agreement | TD653 | Supplement to X.1060: X.1060 Tutorial material | -
| 3. | 4/17 | X.stie
| TAP
| TD546 | OASIS STIX Version 2.1 | TD546 | 4. | 4/17 | X.taeii
| TAP | TD546 | OASIS TAXII Version 2.1 | TD546 | 5. | 8/17 | X.sg-scmr | AAP | TD620
| Security guidelines for selecting computing methods and resources from Cloud Service Providers | C192 | 6. | 11/17 | XSTR.x509ac4sc | Agreement | TD638 | Technical Report: A use case of X.509 Attribute Certificate for Supply Chain | C172 | 7. | 13/17 | X.sup.cv2x-sec | Agreement | TD570 | Supplement to X.1813: Security deployment models and requirements for the operation of C-V2X services supporting ultra-reliable and low latency communication (URLLC) | C131 | 8. | 13/17 | X.evpnc-sec | TAP | TD590 | Security guidelines for electric vehicle plug and charge (PnC) service using vehicle identity (VID) | C152 | 9. | 15/17 | X.sec_QKDNi | AAP | TD588
| Security requirements for Quantum Key Distribution Network interworking (QKDNi) | C126 |
Annex D Work items discontinued
Annex E SG17 meeting Statistics · Participants (TD333R1) | participants | countries | Member States | Sector Members | SG17 Associates | Academia | Invited Experts | Announced | 292 | 52 | | | | | | Final | 282 | 45 | 39 | 30 | 1 | 4 | 7 |
· Meeting input and organizationTable of SG17 statistics of this and some past meetings | 2022-09 | 2022-05* | 2021-09* | 2021-04* | 2020-09* | 2020-03* | 2019-09 | 2019-01 | 2018-09 | 2018-03 | 2017-09 | 2017-03 | 2016-09 | 2016-03 | 2015-09 | 2015-04 | C | 104 | 101 | 98 | 104 | 110 | 121 | 151 | 118 | 144 | 113 | 106 | 78 | 81 | 66 | 74 | 80 | LS/i | 55 | 72 | 46 | 57 | 58 | 49 | 67 | 58 | 47 | 40 | 45 | 43 | 38 | 47 | 56 | 60 | LS/o | 20 | 20 | 26 | 17 | 28 | 29 | 40 | 39 | 37 | 38 | 46 | 38 | 23 | 32 | 42 | 42 | TD | 344 | 331 | 336 | 307 | 434 | 438 | 508 | 380 | 420 | 395 | 426 | 368 | 391 | 418 | 371 | 386 |
Note * - fully virtual meeting · Contributions: 104 – stable, DDP: 98%. - APT 94 (90%) [China 42.5 + Korea 38.5 + Japan 10 + India 2 + Singapore 1]
- Americas 7 (7%) [US 4]
- AFR 2 (2%) [Comoros, Mali & Senegal]
- EUR 1 (1%) [Denmark 1]
- RCC (0), ARAB (0), LAM (0)
- incoming 55 - stable
- Outgoing 20 - stable
· TDs: 344 - stable
|
|
|
|
|