itu-t security standardization
DESCRIPTION
GSC10_gtsc3(05)04. Agenda Item: 5.6. ITU-T Security Standardization. Herb Bertine Chairman ITU-T Study Group 17. ITU-T World Telecommunications Standardization Assembly (WTSA). Resolution 50, Cyberscecurity - PowerPoint PPT PresentationTRANSCRIPT
GSC
Global Standards CollaborationGSC#10
28 August – 2 September 2005Sophia Antipolis, France
ITU-T Security ITU-T Security StandardizationStandardization
Herb Bertine
Chairman ITU-T Study Group 17
Agenda Item: 5.6GSC10_gtsc3(05)04
2
GSCITU-T World Telecommunications Standardization Assembly (WTSA)
Resolution 50, Cyberscecurity Evaluate existing and evolving new
Recommendations with respect to their robustness of design and potential for exploitation by malicious parties
Raise awareness of the need to defend against the threat of cyber attack
Resolution 51, Combating spam Report on international initiatives for countering
spamMember States to take steps within their national legal frameworks to ensure measures are taken to combat spam
Resolution 52, Countering spam by technical means Study Groups, in cooperation with other relevant
groups, to develop as a matter of urgency technical Recommendations on countering spam
3
GSCITU-T Study Groupswww.itu.int/ITU-T/studygroups/com17
Study Group 17 is the Lead Study Group for Telecommunication Securitywww.itu.int/ITU-T/studygroups/com17/tel-security.html Coordination/prioritization of security efforts Development of core security Recommendations
Study Group 2 is responsible for defining the security requirements on the user point-of-view
Study Group 4 covers security for the network management
Study Group 9 develops security mechanisms for cable distribution systems
Study Group 13 defines the security framework for NGN
Study Group 16 concentrates on the security issues of Multimedia applications in next generation networks.
4
GSCAwareness
SG 17 maintains a webpage providing for an overview on achievements of ITU-T on security standadization:
security manualsecurity compendium:
• catalogue of approved ITU-T Recommendations related to telecommunication security
• extract of ITU-T approved security definitions• listing of ITU-T security related Questions
www.itu.int/ITU-T/studygroups/com17/tel-security.html Many ITU-T workshops have security in their
agenda (New horizons for security standardization, NGN (in collaboration with IETF), Cybersecurity Symposiums I and II, Home networking and Home services,…)
5
GSC
ITU-T Security Manual December 2003, October 2004
Basic security architecture and dimensions
Vulnerabilities, threats and risks Security framework requirements PKI and privilege management with X.509 Applications (VoIP, IPCablecom, Fax,
Network Management, e-prescriptions) Security terminology Catalog of ITU-T security-related
Recommendations List of Study Groups and security-related
Questionswww.itu.int/itudoc/itu-t/85097.pdfwww.itu.int/itudoc/itu-t/86435.pdf
6
GSC
7
GSCSG 17 recent achievements
Security Architecture (X.805) New 2003 For end-to-end communications
Security Management System (X.1051) New 2004 For risk assessment, identification of assets and
implementation characteristics Mobile Security (X.1121 and X.1122) New 2004
For mobile end-to-end data communications Telebiometric Multimodal Model (X.1081) New
2004A framework for the specification of security and
safety aspects of telebiometrics Public Key and Attribute Certificate Frameworks
(X.509) Revision 2005 Ongoing enhancements as a result of more complex
uses and alignment with the IETF
8
GSCSG 16 recent achievements
Major restructuring of H.235v3 and annexes in stand-alone sub-series Version 4 Recommendations of H.235.x
New H.235.0 (2005) “Security framework for H-series (H.323 and other H.245-based) multimedia systems” Overview of H.235.x sub-series and common procedures and
baseline text New H.235.1 (2005) “Baseline Security Profile“
Authentication & integrity for H.225.0 signaling using shared secrets
New H.235.2 (2005) “Signature Security Profile” Authentication & integrity for H.225.0 signaling using X.509
digital certificates and signatures New H.235.3 (2005) “Hybrid Security Profile”
Authentication & integrity for H.225.0 signaling using an optimized combination of X.509 digital certificates, signatures and shared secrets key management; specification of an optional proxy-based security processor
9
GSCSG 16 recent achievements
New H.235.4 (2005) “Direct and Selective Routed Call Security” Key management procedures in corporate and
interdomain environments to obtain key material for securing H.225.0 call signaling in GK direct-routed/selective routed scenarios
New H.235.5 (2005) “Framework for secure authentication in RAS using weak shared secrets” Secured password (using EKE/SPEKE approach) in
combination with Diffie-Hellman key agreement for stronger authentication during H.225.0 signaling
New H.235.6 (2005) “Voice encryption profile with native H.235/H.245 key management” Key management and encryption mechanisms for RTP
New H.235.7 (2005) “Usage of the MIKEY Key Management Protocol for the Secure Real Time Transport Protocol (SRTP) within H.235” Usage of the MIKEY key management for SRTP
10
GSCSG 16 recent achievements
New H.235.8 (2005) “Key Exchange for SRTP using secure Signalling Channels” SRTP keying parameter transport over secured signaling
channels (IPsec, TLS, CMS) New H.235.9 (2005) “Security Gateway Support for
H.323” Discovery of H.323 Security Gateways (SG represents
an H.323 NAT/FW ALG) and key management for H.225.0 signaling
11
GSC
SG 4 recent achievements: Security of the Management
Plane (M.3016-series) Approved earlier this year (2005), the M.3016 series
is viewed as a key aspect of NGN Management; it is included in the NGN Management Roadmap to be issued by the
NGNMFG In M.3060 on the Principles of NGN Management
The M.3016 series consists of 5 parts: M.3016.0: Overview M.3016.1: Requirements M.3016.2: Services M.3016.3: Mechanisms M.3016.4: Profile proforma
The role of M.3016.4 is unique in that it provides a template for other SDOs and forums to indicate for their membership what parts of M.3016 are mandatory or optional
12
GSC
Cyber Security*Vulnerability Information Sharing…*Incident Handling Operations*Security Strategy*Countering SPAM ( proposed Q.1717)
Secure Communication Services *Mobile Secure Communications *Home Network Security *Security Web Services *X.1121, X.1122
Q.6/17
Q.9/17
Q.7/17 Q.5/1
7
Communications System Security Project *Vision, Project Roadmap, …Q.4/17
Telebiometrics *Multimodal Model Framework *System Mechanism *Protection Procedure *X.1081
Q.8/17
SecurityArchitecture& Frameworks*Architecture, Model, Concepts, Frameworks,*etc…*X.800 series*X.805
SecurityManagement*ISMS-T*Incident Management*Risk Assessment Methodology*etc…*X.1051
TelecomSystems
Telecom Systems Users
Study Group 17 Security Questions, 2005-2008
13
GSC
ITU-T Security workin development
Q.2/17: Directory services, Directory systems, and public-key/attribute certificates The Directory: Public-key and attribute certificate frameworks
(X.509)• The 5th edition entered Last Call period for approval on 1 August
2005 Consider new work on NGN directory protocol
Q.4/17: Communications systems security project Security Baseline for Network Operators Project
• Proposes a security baseline for network operators that will provide meaningful criteria against which each network operator can be assessed if required
Q.5/17: Security architecture and framework Applications of ITU-T Rec. X.805
• covering division of the security features between the networkservice provider and the user
• specifying procedures for network security assessment based on X.805 security architecture
14
GSC
ITU-T Security workin development
Q.6/17: Cybersecurity X.sno, framework for secure network operations X.vds, vulnerability data schema X.sds, spyware/deceptive software X.silc, security incident life-cycle processes X.svlc, security vulnerability life-cycle processes
Q.7/17: Security management X.ism-1, code of practice for information security management X.ism-2, ISMS requirements specification X.1051, amendments/revision
Q.8/17: Telebiometrics X.physiol, Physiological quantities, their units and letter symbols X.tsm-1, General telebiometric system models, protocol and data
contents X.tsm-2, Profile of client verification model on TSM X.tpp, Guideline on technical and managerial countermeasures for
biometric data security
15
GSC
ITU-T Security workin development
Telebiometric database ITU is constructing a database of safe limit value
pertaining to interfaces between telebiometric equipment and humans
This work is being done in collaboration with ISO TC 12 and IEC TC 25
We would appreciate the help of PSOs in populating the database.
The telebiometric database will be publicly available on the ITU-T website:www.itu.int/BiometricDB/Home
16
GSC
ITU-T Security workin development
Q.9/17: Secure communication services X.homesec-1, Framework for security technologies for home
network X.homesec-2, Certificate profile for the device in the home network X.msec-3, General security value added service (policy) for mobile
data communication X.msec-4, Authentication architecture in mobile end-to-end data
communication X.crs, Correlative reacting system in mobile network X.websec-1, based on OASIS standard SAML, Security Assertion
Markup Language X.websec-2, based on OASIS standard XACML, eXtensible Access
Control Markup Language Proposed Q.17/17: Countering SPAM
X.gcs, Guideline on countering SPAM X.fcs, Technical framework for countering SPAM X.tcs, Technical means for countering SPAM
17
GSC
ITU-T Security workin development
Q.11/4 – Protocols for management interfaces Security Management System Requirements (M.xxxx)
Q.1513 – NGN security Ensure that the developed NGN architecture is consistent with
established security principles. Will further process the security-related FGNGN deliverables
18
GSC
ITU-T Security workin development
Security Deliverables from NGN Focus Group
Deliverable Title
Current Draft Target Date
Security Requirements for NGN Release 1
FGNGN-OD-00132
November 2005
Guidelines for NGN Security
FGNGN-OD-00173
November 2005
Both draft specifications are planned to be moved to SG 13 for processing as new ITU-T Recommendations
19
GSC
ITU-T Security workin development
Q.25/16 - Multimedia Security in Next-Generation Networks (NGN-MM-SEC)Standardizes MM Security for H.323 systems and for Advanced multimedia (MM) applications including NGN Anti-DDOS countermeasures for Multimedia and for
(H.323-based) NAT/FW proxy Federated Security Architecture for Internet-based
Conferencing (H.FSIC) Security for MM-QoS (H.mmqos.security) Negotiate security protocols (IPsec or TLS) for H.323
signaling (H.460.spn) MM security aspects of Vision H.325
“Next-generation Multimedia Terminals and Systems”
20
GSCConcluding Observations
Security is everybody's business Collaboration with other SDOs is necessary Security needs to be designed in upfront Security must be an ongoing effort Systematically addressing vulnerabilities
(intrinsic properties of networks/systems)is key so that protection can be provided independent of what the threats (which are constantly changing and may be unknown) may be – X.805 is helpful here
GSC
Global Standards CollaborationGSC#10
28 August – 2 September 2005Sophia Antipolis, France
Thank you !Thank you !
22
GSC
Additional material on recently approved security
Recommendations in Study Group 17
23
GSC
Three main issues that X.805 addresses
The security architecture addresses three essential issues:What kind of protection is needed and against
what threats?What are the distinct types of network
equipment and facility groupings that need to be protected?
What are the distinct types of network activities that need to be protected?
X.805
24
GSCX.805: Security Architecture
for End-to-End Communications
Vulnerabilities can exist in each Layer, Plane and Dimension 72 Security Perspectives (3 Layers Ò 3 Planes Ò 8 Dimensions)
Acc
ess
Man
agem
ent
Infrastructure Security
Applications Security
Services Security
End User SecurityControl/Signaling Security
Management Security8 Security Dimensions
Dat
a C
onfid
entia
lity
Com
mun
icat
ion
Secu
rity
Inte
grity
Ava
ilabi
lity
Priv
acy
Aut
hent
icat
ion
Non
-rep
udia
tion
Security Layers
Security Planes
Acc
ess
Con
trol
Infrastructure Security
Applications Security
Services Security
End User SecurityControl/Signaling Security
Management Security
THREATS
VULNERABILITIES
8 Security Dimensions
ATTACKS
Dat
a C
onfid
entia
lity
Com
mun
icat
ion
Secu
rity
Dat
a In
tegr
ity
Ava
ilabi
lity
Priv
acy
Aut
hent
icat
ion
Non
-rep
udia
tion
Security Layers
Security Planes
Destruction
Disclosure
Corruption
Removal
Interruption
X.805
25
GSCX.805: Three security layers
• Each Security Layer has unique vulnerabilities, threats• Infrastructure security enables services security enables applications security
Infrastructure Security
Applications Security
Services Security
THREATS
VULNERABILITIES
ATTACKS
Destruction
Disclosure
CorruptionRemoval
Infrastructure Security
Applications Security
Services SecurityVULNERABILITIES
InterruptionVulnerabilities Can ExistIn Each Layer
1 - Infrastructure Security Layer:• Fundamental building blocks of networks
services and applications• Examples:
– Individual routers, switches, servers– Point-to-point WAN links– Ethernet links
2 - Services Security Layer:• Services Provided to End-Users• Examples:
– Frame Relay, ATM, IP– Cellular, Wi-Fi,– VoIP, QoS, IM, Location services– Toll free call services
3 - Applications Security Layer:• Network-based applications accessed by
end-users• Examples:
– Web browsing– Directory assistance– Email– E-commerce
X.805
26
GSC
• Security Planes represent the types of activities that occur on a network.• Each Security Plane is applied to every Security Layer to yield nine security
Perspectives (3 x 3)• Each security perspective has unique vulnerabilities and threats
X.805: Three security planes
Infrastructure Security
Applications Security
Services Security
End User Security
Control/Signaling Security
Management Security
VULNERABILITIES
Security Layers
Security Planes
Infrastructure Security
Applications Security
Services Security
End User Security
Control/Signaling Security
Management Security
VULNERABILITIES
Security Layers
Security Planes
Vulnerabilities Can ExistIn Each Layer and Plane
THREATS
ATTACKS
Destruction
Disclosure
CorruptionRemoval
Interruption
1 - End-User Security Plane:• Access and use of the network by the
customers for various purposes:– Basic connectivity/transport– Value-added services (VPN, VoIP,
etc.)– Access to network-based applications
(e.g., email)
2 - Control/Signaling Security Plane:• Activities that enable efficient functioning
of the network• Machine-to-machine communications
3 - Management Security Plane:• The management and provisioning of
network elements, services and applications
• Support of the FCAPS functions
X.805
27
GSCX.805 Approach
Advanced Technologies Lucent Technologies - Proprietary 21
Access Control
Authentication
Non-repudiation
Data Confidentiality
Module NineModule SixModule ThreeUser Plane
Module EightModule FiveModule TwoControl/Signaling Plane
Module SevenModule FourModule OneManagement Plane
Applications LayerServices LayerInfrastructure Layer
Communication Security
Data Integrity
Availability
Privacy
The 8 Security DimensionsAre Applied to Each Security Perspective
Execute– Top Row for Analysis of Management Network
–Middle Column for Analysis of Network Services
– Intersection of Each Layer and Plane for analysis of Security
X.805
28
GSCX.805
Provides A Holistic Approach: Comprehensive, End-to-End Network View of Security Applies to Any Network Technology
Wireless, Wireline, Optical Networks Voice, Data, Video, Converged Networks
Applies to Any Scope of Network Function Service Provider Networks Enterprise Networks Government Networks Management/Operations, Administrative Networks Data Center Networks
Can Map to Existing Standards Completes the Missing Piece of the Security Puzzle of
what to do next
X.805
29
GSCSecurity Management
Information security management system – Requirements for telecommunications(ISMS-T) specifies the requirements for establishing,
implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the telecommunication’s overall business risks
leverages ISO/IEC 17799:2000, Information technology, Code of practice for information security management
based on BS 7799-2:2002, Information Security Management Systems — Specifications with Guidance for use
X.1051
30
GSC
3. Asset classification& control
2. Organizational Security
1. Security policy
5. Physical & environmental security
4. Personnel security
7. Access control
10. Compliance
9. Business continuitymanagement
8. Systems development &maintenance
Information Assetsfor Telecom
6. Communications &operations management
Information Security Management Domains defined in
ISO/IEC 17799
31
GSC
Organizational security Asset management Personnel security Physical and environmental security Communications and operations
management Access control System development and maintenance
ISMSInformation
SecurityManagement System
X.1051
32
GSCMobile Security
Multi-part standard Framework of security
technologies for mobile end-to-end data communications describes security threats, security
requirements, and security functions for mobile end-to-end data communication
from the perspectives of the mobile user and application service provider (ASP)
Guideline for implementing secure mobile systems based on PKI describes considerations of implementing
secure mobile systems based on PKI, as a particular security technology
X.1121
X.1122
33
GSC
Mobile Network Open Network
Data communicationApplication Server(ASP)
MobileTerminal
(Mobile User)
Datacommunication
Application Server(ASP)
MobileTerminal
(Mobile User)
Datacommunication
General communication Framework
Gateway Framework Security threats
Relationship of security threats and models Security requirements Relationship of security requirements and threats Security functions for satisfying requirements
X.1121
Security framework for mobileend-to-end data communications
Mobile Securit
yGatew
ay
34
GSC
Mobile Network
Open Network
Application Server(ASP)
MobileTerminal(Mobile User)
MobileUser VA
ASP’s VA
Mobile user’sside CA
CA
RA
Repository
Repository
ASP’s side CA
Mobile Network
Open Network
Application Server(ASP)
MobileTerminal(Mobile User)
MobileUser VA
ASP’s VA
Mobile user’sside CA
CA
RA
Repository
Repository
ASP’s side CA
Gateway Model
General Model
X.1122
Secure mobile systems basedon PKI
ASP Application Service Provider CA Certification AuthorityRA Registration AuthorityVA Validation Authority
35
GSCTelebiometrics
A model for security and public safety in telebiometrics that can assist with the derivation of safe limits for the operation
of telecommunications systems and biometric devices provide a framework for developing a taxonomy of
biometric devices; and facilitate the development of authentication
mechanisms, based on both static (for example finger-prints) and dynamic (for example gait, or signature pressure variation) attributes of a human being
A taxonomy is provided of the interactions that can occur where the human body meets devices capturing biometric parameters or impacting on the body
X.1081
36
GSC
Telebiometric Multimodal Model:A Three Layer Model
the scientific layer5 disciplines: physics, chemistry, biology,
culturology, psychology the sensory layer – 3 overlapping
classifications of interactionsvideo (sight), audio (sound), chemo (smell, taste),
tango (touch); radio (radiation) - each with an out (emitted) and in (received) state
behavioral, perceptual, conceptualpostural, gestural, facial, verbal, demeanoral, not-
a-sign the metric layer
7 SI base units (m, kg, s, A, K, mol, cd)X.108
1