Upload File

etsi security presentation

24
ETSI Security Workshop January 2007 1 ETSI Security Activities Overview Charles Brookson ETSI OCG Sec Chairman, UK DTI [email protected] Dionisio Zumerle ETSI Secretariat [email protected]

Upload: others

Post on 19-Mar-2022

3 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: ETSI Security Presentation

ETSI Security Workshop January 2007

1

ETSI Security Activities OverviewCharles Brookson

ETSI OCG Sec Chairman, UK [email protected]

Dionisio ZumerleETSI Secretariat

[email protected]

Page 2: ETSI Security Presentation

ETSI Security Workshop January 2007 2

Agenda

Overview and OCG SecurityMobile and Wireless SecurityAlgorithmsSmart CardsNext Generation Networks SecurityLawful InterceptionElectronic SignaturesFuture Challenges

Page 3: ETSI Security Presentation

ETSI Security Workshop January 2007 3

ETSI Committees per Security AreasMobile/Wireless Algorithms

Information TechnologyInfrastructure

Fixed and Convergent Networks

2G/3G Mobile3GPP*

ElectronicSignatures

(ESI)Next Generation

Networks(TISPAN)

LawfulInterception

(LI)

SmartCardPlatform

(SCP)

SecurityAlgorithms Group

of Experts(SAGE)

TETRA

MESA*

EMTEL

Emergency Telecommunications

Smart Cards

Mobile

Com

mer

ce**

DECT

AT

SES

* ETSI is a founding partner for this partnership project** Closed Committee

Page 4: ETSI Security Presentation

ETSI Security Workshop January 2007 4

OCG Security

Operational Co-ordination ad hoc Group on SecurityHorizontal co-ordination structure for security issues

Ensuring security is properly considered in each ETSI Technical Body (TB)Detecting any conflicting or duplicate work

Participation:TBs are free to nominate Members to participate in the work of the group

Working methods:Via email When necessary co-sited “joint security” technical working meetingsIssues sent to [email protected] list: [email protected]

mailto:[email protected]
mailto:[email protected]
Page 5: ETSI Security Presentation

ETSI Security Workshop January 2007 5

Agenda

Overview and OCG Security

Mobile and Wireless SecurityAlgorithmsSmart CardsNext Generation Networks SecurityLawful InterceptionElectronic SignaturesFuture Challenges

Page 6: ETSI Security Presentation

ETSI Security Workshop January 2007 6

GSM and 3G

IMEI (International Mobile Equipment Identity)Protection against theftPhysical marking of the terminalBlacklisted by operator if stolen

FIGS (Fraud Information Gathering System)Monitors activities of roaming subscribersHome network informedFraudulent calls identified terminated

PriorityPublic safety service Allows for high priority access

Location

Page 7: ETSI Security Presentation

ETSI Security Workshop January 2007 7

TETRA

TErrestrial Trunked RadioMobile radio communications

Used for public safety services Security features include:

Mutual AuthenticationEncryptionAnonymity

Page 8: ETSI Security Presentation

ETSI Security Workshop January 2007 8

Agenda

Overview and OCG SecurityMobile and Wireless Security

AlgorithmsSmart CardsNext Generation Networks SecurityLawful InterceptionElectronic SignaturesFuture Challenges

Page 9: ETSI Security Presentation

ETSI Security Workshop January 2007 9

Algorithms

ETSI is a world leader in creating cryptographic algorithms and protocols to prevent fraud and unauthorised access to ICT and broadcast networks, and to protect customers’ privacyETSI SAGE (Security Algorithm Group of Experts)

Centre of competence for algorithms in ETSIAlgorithms for:

DECTGSM, GPRS, EDGETETRAUMTS…

Page 10: ETSI Security Presentation

ETSI Security Workshop January 2007 10

GSM and UMTS Algorithms

GSM and EDGEA3, A5 and A8 – used in most GSM networks all over the world

GPRSGEA3 – encryption algorithms used

UMTS radio interface (UTRA)UEA1 and UIA1Providing Encryption and IntegrityUEA2 and UIA2 just releasedFor more info: ETSI TR 133 908

Page 11: ETSI Security Presentation

ETSI Security Workshop January 2007 11

Agenda

Overview and OCG SecurityMobile and Wireless SecurityAlgorithms

Smart CardsNext Generation Networks SecurityLawful InterceptionElectronic SignaturesFuture Challenges

Page 12: ETSI Security Presentation

ETSI Security Workshop January 2007 12

Smart cardsSmart cards

Micro-processor equipped TokensAble to store and process information

• Private key• Biometric template• …

Provide Strong AuthenticationUsed in:

• Banking• Healthcare• Telecoms• IT• …

Page 13: ETSI Security Presentation

ETSI Security Workshop January 2007 13

Smart Card Standardization

ETSI Smart Card StandardizationETSI Technical Committee Smart Card Platform (TC SCP)GSM SIM Cards: among most widely deployed smart cards everWork extended with UMTS USIM Card and UICC Platform

Current challengesExpand the smart card platform Implement Extensible Authentication Protocol (EAP) in Smart CardsAllow users access to global roamingUICC platform in secure financial transactions over mobile communications systems

Page 14: ETSI Security Presentation

ETSI Security Workshop January 2007 14

Agenda

Overview and OCG SecurityMobile and Wireless SecurityAlgorithmsSmart Cards

Next Generation Networks SecurityLawful InterceptionElectronic SignaturesFuture Challenges

Page 15: ETSI Security Presentation

ETSI Security Workshop January 2007 15

ETSI TISPAN WG7

NGN concept: fixed-mobile network convergence to packet-switched technology delivering multimedia servicesETSI extending the 3GPP IMS concepts in TISPAN Committee designing NGN

(TISPAN = TTelecommunication and IInternet converged SServices and PProtocols for AAdvanced NNetworking)

Working Group 7 NGN competence centre for security with a group of security expertsWG7 standardizes NGN security

www.tispan.org

Page 16: ETSI Security Presentation

ETSI Security Workshop January 2007 16

NGN R1 Security Standards

NGN Release 1Threat, Vulnerabilities, Risk Analysis

TR 187 002

NGN Architecture (NASS, RACS, …) IMS Security Architecture

NGN Release 1Security Requirements

TR 187 001

NGN Release 1 Security Architecture TS 187 003

Security Components and Building Blocks

CountermeasuresSecurity FunctionsSecurity Services

Security Domains

NGN Release 2 Security Architecture

Page 17: ETSI Security Presentation

ETSI Security Workshop January 2007 17

Agenda

Overview and OCG SecurityMobile and Wireless SecurityAlgorithmsSmart CardsNext Generation Networks Security

Lawful InterceptionElectronic SignaturesFuture Challenges

Page 18: ETSI Security Presentation

ETSI Security Workshop January 2007 18

What is Lawful Interception?

Delivery of intercepted communications to Law Enforcement Authorities

To support criminal investigationTo counter terrorism

Applies to data in transitnot a search of records

Applied to any data in transitSignallingSpeechVideoEmailWeb

Page 19: ETSI Security Presentation

ETSI Security Workshop January 2007 19

Simple architecture

Correspondent

Handover interface

Interception interface

target

Monitor

Page 20: ETSI Security Presentation

ETSI Security Workshop January 2007 20

Agenda

Overview and OCG SecurityMobile and Wireless SecurityAlgorithmsSmart CardsNext Generation Networks SecurityLawful Interception

Electronic SignaturesFuture Challenges

Page 21: ETSI Security Presentation

ETSI Security Workshop January 2007 21

Electronic Signatures

ETSI and CEN co-operation on the European Electronic SignatureGoal: provide Europe with a reliable electronic signatures framework

Enabling electronic commerceSupporting eSignature EC Directive

Current challengeseInvoicingRegistered EMail (REM)

International collaborationCertificate Policy mapped and aligned with US policyXML Signature Standard adopted in Japan

Page 22: ETSI Security Presentation

ETSI Security Workshop January 2007 22

Agenda

Overview and OCG SecurityMobile and Wireless SecurityAlgorithmsSmart CardsNext Generation Networks SecurityLawful InterceptionElectronic Signatures

Future Challenges

Page 23: ETSI Security Presentation

ETSI Security Workshop January 2007 23

Future Challenges

A number of issues are openProduct ProofingDRMNGN Retained Data…

Security Standards for the Future Technologies are the Next ChallengeETSI can meet that challenge

Page 24: ETSI Security Presentation

ETSI Security Workshop January 2007

24

Thank you for your attention

[email protected]@etsi.org

[email protected]


TS 103 097 - V1.3.1 - Intelligent Transport Systems (ITS ...€¦ · Security; Security header and certificate formats TECHNICAL SPECIFICATION . ETSI 2 ETSI TS 103 097 V1.3.1 (2017-10)

3rd Security Workshop Report - ETSI

Update on ETSI Cyber Security work

Telecommunications security; Lawful Interception - ETSI

TS 103 523-3 - V1.2.1 - CYBER; Middlebox Security Protocol ...€¦ · ETSI 2 ETSI TS 103 523-3 V1.2.1 (2019-03) Reference RTS/CYBER-0027-3v121 Keywords cyber security ETSI 650 Route

OIPF Presentation for EBU / ETSI Hybrid Broadcast / Broadband

3GPP and ETSI Security Standards MWC 2010 SECURITY.pdf · 3GPP and ETSI Security Standards ... For core network (NAS) signalling, ... AES and SNOW 3G chosen as basis

ETSI Security Week 2020 goes virtual!...– Security management framework that follows the ETSI Zero touch network and Service Management (ZSM). – Trusted Execution Environment (TEE)

MOBILITY SERVICES PLUGTEST - ETSI...ETSI provided Wireshark dissector for all ITS protocols including Security to assist the debugging Security PKI framework provided for Conformance

3GPP and ETSI Security Standards · Mobile World Congress –Barcelona February 2010 2 3GPP and ETSI Security Standards 3GPP Mobile security: GSM, UMTS, LTE ETSI in other Security

ETSI TS 119 461 ETSI... · 2020. 12. 21. · ETSI . 2 Draft ETSI TS 119 461 V0.0.5 (2020-12) Reference DTS/ESI-0019431-2 . Keywords electronic signature, security, trust services

ThingPark Wireless - ETSI€¦ · ThingPark Wireless & ETSI M2M M2M cloud: • ETSI M2M NCS broker • Sync/Async/PubSub interactions • Big Data storage • Security M2M GW reference

STORK 2.0 ETSI Security Week 2015€¦ · ETSI Security Week 2015 Thematic Stream eIDAS Arvid Welin (SE) Adam Cooper (UK) ... • Open source reference implementations Stork 2.0 is

Update on ETSI Security work

ETSI Security Week June 11 – June 15, 2018 Marcus …€¦ · HUAWEI TECHNOLOGIES CO., LTD. HUAWEI Confidential Page 1 IoT Security Considerations in 5G ETSI Security Week June

ETSI Security week eIDAS Thematic stream€¦ · ETSI Security week eIDAS Thematic stream Open source for creation and validation of signatures Sophia Antipolis, France 25/06/2015

Security at POS - ETSI

ISO Security Standardization An update on ISO/IEC - Docbox - ETSI

REVIEW OF ITS WG5 PROGRAMME (SECURITY) - ETSI · 1 review of its wg5 programme (security) scott w cadzow, chairman of etsi tc its wg5

ETSI TS 136 331 V10.7 - ETSI - Welcome to the World of ... TS 36.331 version 10.7.0 Release 10 ETSI 4 ETSI TS 136 331 V10.7.0 (2012-11) 5.3.1.2 Security 34 5.3.1.2a RN security

ETSI EADS Presentation

TS 102 940 - V1.1.1 - Intelligent Transport Systems (ITS ... ITS communications security architecture and security management Technical Specification ETSI 2 ETSI TS 102 940 V1.1.1

Security ETSI · Security @ ETSI S. Compans ETSI Security Week ... more than 5 billion pieces going into the market every year just as SIM cards The UICC as a platform provides application

DELIVERABLE D3.1 Security Information Storage and Analytics … · 2019-09-22 · ESB Enterprise Service Bus ... ETSI CIM ETSI Context Information Management ETSI NGSI-LD ETSI Next

ETSI Security Week 2020 goes virtual!

TISPAN NGN Security standards - ETSI

Security in 5G inter network SiGnallinG - ETSI

5G Security Challenges for Verticals - a Standards …...Ali Rezaki & Anja Jerichow, Nokia Bell Labs June 20, 2019 ETSI Security Week 2019 Disclaimer: This presentation includes the

ETSI TR 102 038 V1.1 · 2002. 4. 12. · ETSI 2 ETSI TR 102 038 V1.1.1 (2002-04) Reference DTR/SEC-004011 Keywords electronic signature, security ETSI 650 Route des Lucioles F-06921

How secure is LTE? - ETSI secure is LTE presenta… · LTE –building on UMTS Security UMTS is stronger than GSM in some ways: ... How secure is LTE presentation at ETSI stand during

4th ETSI SECURITY WORKSHOP - Directory Listingdocbox.etsi.org/Workshop/2009/200901_SECURITYWORKSHOP/00...4th ETSI SECURITY WORKSHOP ETSI 13 – 14 January 2009 ... in support of EU

ETSI GS QKD 008 V1.1 · ETSI 2 ETSI GS QKD 008 V1.1.1 (2010-12) Reference DGS/QKD-0008 Keywords analysis, protocols, Quantum Key Distribution, security, system ETSI 650 Route des

PRESENTATION OF ETSI © ETSI 2014. All rights reserved Sophia Antipolis, 22 May 2014 Luis Jorge Romero Director General, ETSI

ETSI GS NFV-SEC 003 V1.1 · ETSI GS NFV-SEC 003 V1.1.1 (2014-12) Network Functions Virtualisation (NFV); NFV Security; Security and Trust Guidance Disclaimer This …

TS 103 097 - V1.3.1 - Intelligent Transport Systems (ITS ... Transport Systems (ITS); Security; Security header and certificate formats TECHNICAL SPECIFICATION ETSI 2 ETSI TS 103 097