Cybersecurity Standards Coordination and Deployment Strategies: CITEL Initiatives

Similar documents
Cyber Security in ICT Networks: CITEL Perspectives

CITEL s s Focus on Cybersecurity and Critical Infrastructure Protection CITEL

Cybersecurity and Vulnerability Assessment

ITU-APT Workshop on NGN Planning March 2007, Bangkok, Thailand

What is NGN? Hamid R. Rabiee Mostafa Salehi, Fatemeh Dabiran, Hoda Ayatollahi Spring 2011

Assisting Developing Countries for developing an NGN strategy

CSE571 Project Selection CSE571S

Services and Related Issues of NGN Standards Activities

Challenges of Global Roaming

Overview of related ITU Activities on NGN

ETSI TISPAN Vision on Convergence. FMCA Convergence & Customer Experience 26 June 2008 Sophia-Antipolis, France

ITU-T Y PSTN/ISDN evolution to NGN

Status of IMS-Based Next Generation Networks for Fixed Mobile Convergence

Evolution and Migration to IMT-2000 & Systems beyond

IP multimedia in 3G. Structure. Author: MartinHarris Orange. Understanding IP multimedia in 3G. Developments in 3GPP. IP multimedia services

Outcomes of the ITU Regional Workshop on the Internet of Things (IoT) and Future Networks. (19-20 June 2017, Saint Petersburg, Russia)

Multi-Service Access and Next Generation Voice Service

ITU-T Y Next generation network evolution phase 1 Overview

Regulator's involvement in and skills for ITU standardization: an example of Suisse OFCOM

CDMA Evolution Delivering Real-time & Multimedia Services

Challenges in Developing National Cyber Security Policy Frameworks

ITU-T Y Overview of ubiquitous networking and of its support in NGN

ITU-T Study Group 13 Overview

ITU-T Q.1706/Y.2801 (11/2006) Mobility management requirements for NGN

Requirements and capabilities for. NGN services Marco Carugi Nortel Networks March 2005 Jeju Island, South Korea

ORGANIZACION DE LOS ESTADOS AMERICANOS ORGANIZATION OF AMERICAN STATES

Overview and Status of NGN Standardization Activities. Naotaka Morita Vice Chairman of SG13, ITU-T NTT Service Integration Laboratories

Signaling Architecture and Protocols for the Next Generation Network

Alliance for Telecommunications Industry Solutions (ATIS)

ITU-T Standardization on Countering Spam

ORGANIZACION DE LOS ESTADOS AMERICANOS ORGANIZATION OF AMERICAN STATES

Introduction to ITU and ITU-T activities. ITU-T, the Standardization Sector of ITU.

standards and so the text is not to be used for commercial purposes, gain or as a source of profit. Any changes to the slides or incorporation in

Security+ SY0-501 Study Guide Table of Contents

TISPAN. Defining the Next Generation Network

Security Standardization

Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN):

Future and Emerging Threats in ICT

International Standardization of IPTV at ITU-T IPTV-GSI

Standardization Trends of the Next Generation Network in ETSI TISPAN

ITU-T Q Signalling architecture and requirements for IP-based short message service over ITU-T defined NGN

Next Generation Networks (NGN): Quality of Service Issues & Consumer Protection. Session No 6 (Day 2)

Experiences and hopes of an IMS based approach to FMC

4G: Convergence, Openness for Excellence and Opportunity Cisco Systems, Inc

Evolutionary steps towards NGN communications services in Australia

Key Features of ITU-T T NGN and Future Vision

ETSI TR V1.1.1 ( )

MR-186 BroadbandSuite 3.0 Companion Guide

3G Network Convergence

NGN interconnection: technology challenges. Dr. Rochdi ZOUAKIA.

FT ETSI STANDARDS FOR PUBLIC COMMENT

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Mobile Network Evolution to NGN

Introducing Avaya SDN Fx with FatPipe Networks Next Generation SD-WAN

Architectural Overview of NGN (including IPTV)

Committed to connecting the world

Breaking the Silos Access and Service Convergence over the Mobile Internet

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

Overview of ITU-T Study Group 13

NGN Presentation. Four buzzwords in the air 2/8/2015 2

IP Possibilities Conference & Expo. Minneapolis, MN April 11, 2007

Workshop Report. ETSI TISPAN The Home of NGN Standards. Beijing, China, 28 May, 2008

I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n

Promoting Global Cybersecurity

ITU Activities Related to the Internet and IP-based Networks

ITU-T SG 17 Achievements in ICT Security Standardization

ITU-D Regional Development Forums 2010 on NGN and Broadband for the Arab Region. NGN and Broadband, Opportunities and Challenges.

The 6DEPLOY Project for IPv6 Training and Support for Deployments

NGN Standards overview and Workshop Objective

IP MULTIMEDIA SUBSYSTEM (IMS) SECURITY MODEL

IMS in the Next Generation Network

IMT-2020 NETWORK HIGH LEVEL REQUIREMENTS, HOW AFRICAN COUNTRIES CAN COPE

ENUM in the UK..and the NGN standards arena

ITU-T standardization and coordination

Nairobi (Kenya), 9-12 May 2005 Session 1.2 "International Framework"

Gerald McQuaid, Chairman ETSI TC LI. ETSI All rights reserved

Current Status of Standardization on Digital Signage in ITU. Masahito Kawamori Rapporteur ITU-T SG16 Q13

COURSE DESCRIPTION UMTS INFRASTRUCTURE & OPERATION (WITH HSPA) Format: Classroom. Duration: 4 Days

Talk 4: WLAN-GPRS Integration for Next-Generation Mobile Data Networks

IEEE Standards Activities in the Smart Grid Space (ICT Focus)

Convergence and Future Networks

Trends and Developments in Telecommunication Security

MED: Voice over IP systems

CompTIA Security+ Study Guide (SY0-501)

BcN. PART?. BcN Overview PART?. Realization of BcN PART?. Broadband of Wireless Access. PART?. Standard Model of BcN

IP-Telephony Introduction

Information Security Management Systems Standards ISO/IEC Global Opportunity for the Business Community

ITU-T standardization and coordination

ITU-APT Regional Seminar. BcN. (Broadband Convergence Network) Inje University, Rep. Korea ChulSoo Kim 10 Sep INJE univ.

COURSE DESCRIPTION IP IN MODERN NETWORKS. Format: Classroom. Duration: 2 Days

Mobile Converged Networks

SERIES Q: SWITCHING AND SIGNALLING Testing specifications Testing specifications for next generation networks

ITU and IPv6. ARIN October, Los Angeles by Richard Hill

The Migration to Ipv6

OUTLINE. I Overview: the Challenge of NGNs for regulation. Outline

IPV6 THE NEXT GENERATION INTERNET PROTOCOL. Oulu, March 2006

Mobile Networks Evolution: Economic Aspects of Evolution towards IMT2000


ITU-D Study Group 2, Question 19-1/2: Strategies for Migration from existing networks to NGN for developing countries

ETSI NGN Work: TISPAN Status

Transcription:

Cybersecurity Standards Coordination and Deployment Strategies: CITEL Initiatives Wayne Zeuch Rapporteur: Standards, Conformance, and Interoperability CITEL PCC.I ITU /CITEL Regional Cybersecurity Workshop for the Americas Salta Argentina Nov 1 2010

Information and Communication Technologies are now an integral part of our lives. Network and service integration and convergence is ever increasing. Energy/ electricity Stores and services Banking and finance National defense Life sciences and biotechnology Automotive Industry & Manufacturing ICTs Health Water/sanitation Education Transportatio n/air traffic control Home/ workplace Oil and gas Public security/ law enforcement 2

ICT Networks Convergence Wireline/Wireless PSTN / IP-based Networks Information Technology / Telephony Network-based services / 3 rd Party Applications Next Generation Networks Migration toward IP-based backbone networks is taking place from single-service to multiservice, client/server-based networks Full deployment of NGNs requires a flexible (software) architecture for service delivery based on IP Multimedia Subsystem (IMS) Interoperability Interconnection of networks and Interoperability of Services NGN Infrastructure Technical Notebook, CITEL PCC.I Network convergence and the proliferation of end-user applications creates new security challenges for ICT Networks 3

Service Oriented Networks CHALLENGE: SON implementations must be secure and reliable NGN Standards Technical Notebook, CITEL PCC.I A Service Oriented Network (SON) is one in which service providers use agile methods to rapidly create new products and services from re-usable components (known as Service Enablers) 4

Hyperconnectivity is Real and Happening Now: P2P/P2M/M2M Anything that can be connected and would benefit from being connected will be connected 5 Source Nortel-2008

6

Phases CITEL Work Process Technologies (Security,...) Relevant Standards Policy/Regulatory Case Studies Discussion/Debate Awareness Raising Issue Identification Resolutions Best Practices Proposals Endorsements 7

Standards Coordination ITU /CITEL Regional Cybersecurity Workshop for the Americas Salta Argentina Nov 1 2010

Standards Coordination Process CITEL does not develop standards. PCC.I Standards Coordination CITEL identifies relevant standards and endorses their use in the Americas Region. Technology and Standards Presentations, Discussions Standards Coordination Document (SCD) Standards Development (ITU, IETF, ) NGN Technical Notebook (if applicable) PCC.I Resolution Endorsing Standard Raising awareness by socializing technology standardization activities/progress. Archiving standards descriptions in anticipation of future endorsement. 9

Standards Coordination Standards topics identified: Communication system security (security framework, protocols, lawful intercept, identity management, fraud prevention) Multimedia service definition and architectures Signaling requirements and protocols (converged networks) IP-based services (VOIP, IPTV) Emergency services Interworking between traditional telecommunication networks and evolving networks Cloud computing Service Oriented Networks Home Networking Access network transport (LANs, Wireless LANs, xdsl, Ethernet, cable modem, fiber, etc.) Terminals (PC, TV, PDA, phone, codecs, etc.) Management of communications services, networks and equipment Network aspects of IMT-2000 and beyond (wireless internet, harmonization and convergence, network control, mobility, roaming, etc.) Numbering, Naming and Addressing (ENUM) Performance and QoS 10

CITEL PCC.I Technical Notebook DESCRIPTION Provides a formalized means of maintaining an archive of technologies, best practices, policies, or regulatory information made available to the OAS Member States and CITEL telecom industry members Documents relevant activities, completed or in progress As a living document, it is updated on an ongoing basis with relevant information from contributions submitted to the Working Groups Identifying issues and archiving valuable information for the use of the ICT community and in anticipation of future CITEL recommendations 11

CITEL PCC.I Technical Notebooks Cybersecurity Critical Telecom Infrastructure Protection NGN Standards Convergence NGN Infrastructure Broadband Access Technologies NGN Networks Best Practices and Case Studies Fraud in the Provision of Telecom Services IPTV Best Practices VOIP Technology Aspects Number Portability Regulatory Best Practices Power Line Communication Technologies Economic Aspects of Universal Services 12

Next Generation Networks: Standards Overview Technical Notebook Identifies NGN related standards that the Standards Coordination Group is studying Provides an archive of NGN technical information (including security-related topics) that is available to the telecom industry and the Member States Documents NGN standards, completed or in progress, which may be considered for future development into an SCD in accordance with the CITEL approval procedures Identifying issues and archiving valuable standards information for the use of the ICT community and in anticipation of future CITEL endorsement 13

Next Generation Networks: Standards Overview Technical Notebook The NGN Standards Technical Notebook identifies NGN related standards including relevant services, architectures and protocols. (e.g., Signaling, Access, Transport, Management, Service Creation, QoS, Internet Protocol, Numbering). In particular,... Chapter 2 Emergency Telecommunications Service (ETS) ETS Types Standardization Activities (ITU, IETF, ETSI, ATIS, others) Chapter 6 Security Standards (active) ITU T T Security Standards (SG 17, SG 13) Identity Management Chapter 15 Security Standards (archive) 14 Internet Protocol Security (IPsec) Internet Key Exchange (IKE) Security Architecture for End to to End Communication Systems

The weakest links across boundaries Effective security requires that a common and consistent approach be applied to: Telecommunications & network security Security management practices Physical security Operations security Business continuity & disaster recover planning Access control systems & methodology Cryptography Application & systems development methodology Legal requirements including incident management 15

ITU T Security Architecture ITU T Rec. X.805 Applications Security VULNERABILITIES Services Security Infrastructure Security Access Control Authentication Non-repudiation Data Confidentiality Communication Security Data Integrity Availability Privacy THREATS Interruption Interception Modification Fabrication ATTACKS End User Plane Control Plane Management Plane 8 Security Dimensions Security Architecture for End-to to-end Network Security NGN Standards Technical Notebook, CITEL PCC.I 16

ITU T Security Architecture Security Program Consists of policies and procedures in addition to technology Includes three phases: Definition and Planning phase Implementation phase Maintenance phase Security Architecture can guide the development of: comprehensive security policy incident response and recovery plans technology architectures Security Architecture ensures that Security Program addresses each Security Dimension for each Security Layer and Plane For security standards and programs to be of value, they must first be deployed and then constantly maintained and re-assessed 17

CITEL PCC.I Resolutions Endorsing Standards for the Americas Region (1) Standard Date Gateway Control Protocol March 2001 Intelligent Networks Capability Set 3 March 2001 Intelligent Networks Capability Set 4 Dec 2002 ITU-T Y.2000-Series Recs for NGN (SG13) Sept 2003 ANSI-41 Evolved Core Network with CDMA2000 Access Network Sept 2003 GSM Evolved UMTS Core Network with UTRAN Access Network Sept 2003 Security Architecture for the Internet Protocol (IPsec) March 2004 Security Architecture for Systems Providing End-to-End Communications (ITU-T Rec. X.805) March 2004 18

CITEL PCC.I Resolutions Endorsing Standards for the Americas Region (2) Standard Date Packet-Based Multimedia Communications Systems (ITU-T March 2004 Rec. H.323) Interworking Between SIP and BICC Protocols or ISUP (Rec. Sept 2004 Q.1912.5) SIP: Session Initiation Protocol April 2005 ITU-T Rec. G.993.2, VDSL2: Very High Speed DSL-2 Transceivers ITU-T Rec. J.122, Second-Generation Transmission Systems for Interactive Cable Television Services IP Cable Modems Sept 2006 Sept 2006 Internet Protocol Version 6 (IPv6) Sept 2006 E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM) Sept 2007 19

CITEL PCC.I Resolutions Endorsing Standards for the Americas Region (3) Standard ITU-T Rec. E.106, International Emergency Preference Scheme for Disaster Relief Operations ITU-T Rec. E.107, Emergency Telecommunications Service (ETS) and Interconnection Framework for National Implementations of ETS Date March 2008 March 2008 ITU-T Rec. Y.1910, IPTV Functional Architecture May 2009 ITU-T Rec. Y.2270, NGN Identity Management May 2009 ITU-T Recommendation L.75 Test acepptance and maintenance methods of copper subscriber pairs May 2010 20

ITU T Security Standards ITU T Study Group 17 Telecommunications systems security project Security architecture and framework Information security management Cybersecurity Countering spam by technical means Secure aspects of ubiquitous telecommunication services Secure application services Service Oriented Architecture Security Study Group 17 is the Lead Telebiometrics ITU T T Study Group for Security and Identity Identity Management architecture and Management mechanisms 21

IETF Security Standards IETF Standards Development The IETF Security Area has the following active Working Groups developing Internet standards: abfab Application Bridging for Federated Access Beyond web dkim Domain Keys Identified Mail emu EAP Method Update hokey Handover Keying ipsecme IP Security Maintenance and Extensions isms Integrated Security Model for SNMP keyprov Provisioning of Symmetric Keys kitten Kitten (GSS-API Next Generation) krb-wg Kerberos ltans Long-Term Archive and Notary Services msec Multicast Security nea Network Endpoint Assessment pkix Public-Key Infrastructure (X.509) tls Transport Layer Security The Internet Engineering Task Force is a major developer of Internet standards 22

Summary CITEL continues to address Cybersecurity and Security standards has initiated new studies in several key areas CITEL is utilizing Standards Coordination Documents to increase awareness of relevant security standards and to endorse the use of those standards in the Region CITEL is utilizing workshops and Technical Notebooks to increase awareness of cybersecurity standards issues and to assess best practices and strategies in order to increase security and mitigate the effects of cyber crime Continued cooperation within the Americas Region and continued input from its members on cybersecurity experiences and strategies will allow CITEL to remain focused on the most relevant security issues so as to provide recommendations for the Region and provide value to other bodies internationally 23

g{tç~ léâ4 Wayne Zeuch Vice Chair: Working Group on Deployment of Technologies and Services Rapporteur: Standards, Conformance, and Interoperability waynezeuch@aol.com 24 citel@oas.org

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback