>> Study Group 13 : Next Generation Networks
Question 15/13 - NGN security
- Motivation
While the public switched telephone networks (PSTNs) that use circuit based technology are relatively secure, security threats on the evolving telecommunications infrastructure are on
the increase – both in frequency and in complexity. Efforts over the years to secure packet infrastructures have been
somewhat fragmented and event-driven and so far have failed to produce the desired level of protection against threats.
This issue is complicated by the large number of organizations working on various aspects of security, making coordination
and cooperation difficult and challenging.
Recognizing that security is one of the defining features of NGN, it is essential to put in place a set of standards
that will guarantee, to the maximum degree possible, the security of the telecommunications infrastructure as PSTNs
evolve to NGNs.
In addition, as NGNs evolve and new security vulnerabilities appear, for which there is no known immediate automatic
remedy, such vulnerabilities must be properly documented so as to enable the network administrators and end users to
mitigate them. The NGN Security studies must address and develop network architectures that:
- Provide for maximal network and end-user resource protection
- Allow for highly-distributed intelligence end-to-end
- Allow for co-existence of multiple networking technologies
- Provide for end-to-end security mechanisms
- Provide for security solutions that apply over multiple administrative domains
The complexity of the issue necessitates a systematic study of general security mechanisms and
applications developed in ITU-T SG 17, the lead study group on security, ISO/IEC JTC 1 SC 27, 3G Partnerships,
IETF, and other applicable SDOs as well as interface and protocol specific mechanisms developed in the
relevant ITU-T Study Groups and the IETF working groups. To this end, the ITU-T Recommendation X.805 provides the framework for network security studies in ITU-T, and this Recommendation must be systematically applied to the NGN work.
- Question
Study items to be considered include, but are not limited to:
- What new Recommendations, enhancements to existing Recommendations or guidance to other Study Groups are needed
to standardize identification and cataloguing NGN threats and vulnerabilities?
- What are the security requirements of NGNs to effectively counter these threats? Which of these requirements
should be included in all NGNs and which could be offered as an optional service?
- What new Recommendations or guidance are necessary to enable comprehensive, end-to-end security in NGNs that span
across multiple heterogeneous administrative domains?
- What new Recommendations or guidance are necessary to enable attachment of terminals in a secure fashion, including Authentication, Authorization, and Accounting (AAA) considerations, to
NGNs?
- Tasks
Tasks include, but are not limited to:
- Lead the NGN-specific security project-level issues within SG 13 and with other Study Groups. Recognizing
SG 17’s overall role as the Lead Study Group for Telecommunication Security, advise and assist SG 17 on NGN security
coordination issues.
- Determine how to apply Recommendation X.805 Security architecture for systems providing endto
end communication within the context of an NGN environment.
- Ensure the developed NGN architecture is consistent with accepted security principles.
- Ensure AAA principles are integrated as required throughout the NGN.
- Relationships
Recommendations: X.800-series, viz.X.805, Y-series
Questions: Relevant Questions on NGN networking, architecture, and QoS (where authentication and authorization are required for access to resources)
Study Groups: ITU-T Study Groups 2, 4, 9, 11, 15, 16, 17, 19
Standardisation bodies, fora, and consortia: ITU-R; IETF Internet, Security, and Transport Areas; 3GPP and 3GPP2; DSL Forum
» List of Questions «
|
|
