Introduction
Scope of the Project
Background
Achievements and actions
Introduction
The Plenipotentiary Conference (Marrakesh, 2002) considered
that, with the application and development of Information and Communication
Technologies (ICT), information and communication
networks have given rise to ever-growing security challenges.
ITU-T Study Group 17 has been designated by the WTSA-2000 as the lead Study Group
for security issues. Question 10/17, "Security requirements,
models and guidelines for communication systems and services"
performs the lead Study Group function given to Study Group 17. As
such, it provides assistance to other Study Groups embedding
security requirements in their Recommendations. Q.10/17 is also developing
framework recommendations on security.
During its November 2002 meeting, Study Group 17 agreed to
establish a new project entitled "Security
Project" under the leadership of Q.10/17 to coordinate the
ITU-T standardization effort on security. An analysis of the
status on ITU-T Study Group action on information and
communication network security may be found in TSB Circular 147 of
14 February 2003.
Scope of the Project
- Develop standards of network security for global use.
- Develop awareness on best practices and standards applicable to
security threats.
- Identify standardization activities on network security within
ITU-T, coordinate them as the focal point on security within ITU-T.
- Identify user and system requirements on network security and prioritize
them.
- Provide careful consideration to potential impact of security
standards.
- Promote understanding of security actives within ITU-T by
1) Drawing a technology map on network security based on our
Compendia
2) Opening workshops on securities
3) Building a portal site on security activities
- With all those efforts, we will propose a future direction of
security technologies for ITU-T.
- Identify standardization activities and organizations addressing
network security around the world and provide a focal point for
liaison and coordination.
Background
The IP-based networks have been growing explosively, changing
human life, so a number of people are blessed with the
conveniences such as telecommunication, ATM, SS7, FR, POTS, ISDN,
IMT2000, Cable, electric commerce, distance learning, multimedia,
information retrieval and so on. Since the IP-based networks have
been a social infrastructure, new infrastructures have been
emerging over the IP-based networks.
However, we hear cyber crimes such as DDoS (Distributed Denial of
Service) attacks, worm viruses, illegal access, spoofing etc.
happening daily all over the world. And cyber attack weapons have
been developing in various countries.
Under these circumstances, a lot of standardization bodies have
developed international standardization related to information
security issues. ISO/IEC JTC1/SC27 has developed IS017799
information security management system based on BS7799, ISO15408
common criteria, and so on. IETF has developed S/MIME, SSL, IPsec
etc. related to the IP-based security. And ITU-T has contributed
great number of security standardizations, especially X.509 PKI
Public Key Infrastructure certificate standard are used as de
facto standard as basis of digital signature.
Nowadays, security technologies has been more complex and larger
in its scale, so all of the study groups of ITU-T have
relationships among security issues. Therefore Q.10/17 leads study
group of security and it has received a lot of liaison statement
from other study groups.
Achievements and actions
a. Compendia of Security Technologies:
Feb. 2003 --
We will identify standardization activities on security within and outside ITU-T and develop a compendia based on a draft compendia.
b. Technology Map on Security
We will draw a present and future technology map on security for promoting common understanding and up-to-date them .
c. Recommendations under development
d. Workshops:
(Next workshop: before or after November 2004 TSAG meeting)
We will hold workshops periodically in order to exchange information on recent and advanced security technologies, and propose a future strategy and direction of ITU-T security activities
|