|
Work item:
|
Q.3062 (ex Q.Pro-Trust)
|
|
Subject/title:
|
Signalling procedures and protocols for enabling interconnection between trustable network entities in support of existing and emerging networks
|
|
Status:
|
Approved on 2022-09-29 [Issued from previous study period]
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
ITU-T SG13, ITU-T SG17, ITU-T SG20, 3GPP TSG SA3
|
|
Supporting members:
|
Vaulto Communication Technologies Ltd. (Israel), China Telecom, China Mobile
|
|
Summary:
|
Signaling System No. 7 (SS7) is a stack of signaling protocols, which was initially developed by ITU (CCITT) in the 1980s. Since then, SS7 standards has become a generic stack which are widely applied in public switched telephone network (PSTN) all over the globe. With the growth of mobile telecommunications and appearance of the MAP and CAP protocols, SS7 stack has become suitable for public land mobile network (PLMN), e.g., 2G, 3G networks. Later, SS7 migrated to SIGTRAN stack developed by IETF which allows operators to setup interconnection of SS7-based networks over IP networks. Furthermore, the SS7 logic migrated to DIAMETER which is currently widely used for interconnection of IMS-based networks, including 4G (VoLTE/ViLTE).
At the development stage, SS7 was designed to be managed by operators with the understanding that anyone connected to SS7 network was considered trustworthy. With the current network environment, including interconnection over the Internet, SS7-based networks have become vulnerable and can be easily attacked. Moreover, the latest move to Diameter protocol has not solved any of the basic vulnerabilities found in SS7.
Presently, there have been multiple cases where SS7 vulnerabilities have been used for different hackers’ attacks. Amongst well-known attacks on SS7 networks include telephone spam, spoofing numbers, location tracking, subscriber fraud, intercept calls and messages, DoS, infiltration attacks, routing attacks, etc.
The goal of this Recommendation is to define the signalling requirements for authentication of signalling messages, in order for operators to be able to verify the authenticity of signalling exchange based on an accepted trust anchor. This Recommendation includes codes and signalling procedures based on ITU-T Q.3057.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2020-08-25 10:57:51
|
|
Last update:
2022-07-25 12:16:40
|
|
