Executive Summary

Study Group 17 meeting

(17 - 26 September 2014, Geneva/Switzerland)

Participation:

166 participants (21 more than at the previous SG17 meeting, +14%); 31 Member States, 17 Sector Members, 4 Associates, and 2 Academia participating. Several invited experts. Increased participation of Member States, including Developing Countries.

Organization of the meeting:

A busy and productive 4th meeting, held in the middle of this study period, with 8 working days.

  • Many parallel meetings per quarter each day. Many sessions were equipped with AdobeConnect or GotoMeeting teleconferencing.
  • Two SG17 open, extended management team meetings held (one late afternoon prior to the opening plenary and the other during the weekend), complemented by the SG17 security coordination meeting.
  • Contributions: 80 (63 last time, +27% increase) - from Asia/Pacific: 67 (22 from Korea, 13 from China Unicom, 6 each from China Telecom and China Mobile), USA/CAN: 4, Africa: 1, LAM: 0, CIS: 1, Europe: 6, Arab: 1.
  • TDs: 405 (55 more than in the previous meeting). This includes 45 incoming liaison statements, and 66 outgoing liaison statements.
  • Two of the nine SG17 vice chairmen again did not attend (unexcused); 6 Associate Rapporteurs also did not attend. The SG17 management team meeting developed a plan for action to contact them.

Recommendations approved (TAP – WTSA-12 Resolution 1):

The SG17 plenary meeting approved the text announced for TAP in accordance with WTSA-12 Resolution 1, Section 9. There is one new Recommendation as listed below:

| Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent (e.g., ISO/IEC) | Start of work |
|---|---|---|---|---|---|---|---|
| 4/17 | X.1211 (X.eipwa) | Techniques for preventing web-based attacks | New | Xie Wei, Heung Youl Youm | TD 1293 Rev.5 | | 2009-09 |

Amendment approved, Supplements and Technical Report agreed:

The SG17 plenary meeting approved one new Amendment, agreed two new Supplements to the X-series, and one new Technical Report.

| Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent (e.g., ISO/IEC) | Start of work |
|---|---|---|---|---|---|---|---|
| 2/17, (3/17) | X.mgv6 | Supplement 23 to ITU-T X-series Recommendations – ITU-T X.1037 – Supplement on Security management guideline for the implementation of an IPv6 environment in telecommunications organizations | New | Masashi Eto, Koji Nakao | TD 1399 Rev.3 | | 2011-04 |
| 4/17 | X.1500 Amd.6 | Overview of cybersecurity information exchange – Amendment 6 – Revised structured cybersecurity information exchange techniques | Note (2) | Youki Kadobayashi | TD 1353 | | 2013-09 |
| 6/17 | X.msec-8 | Supplement 24 to ITU-T X-series Recommendations – ITU-T X.1120-X.1139 series – Supplement on a secure application distribution framework for communication devices | New | Mijoo Kim, Yutaka Miyake, Heung Youl Youm | TD 1369 Rev.1 | | 2012-03 |
| 11/17 | TR HBPKI | Technical Report: Current and new challenges for public-key infrastructure standardization | New | Eric Andersen | TD 1336 | | 2013-09 |

Notes:

(1) In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question.

(2) Amendment 6 supersedes Amendment 5.

Recommendations determined (TAP – WTSA-12 Resolution 1):

The SG17 plenary meeting determined (TAP) the following draft new ITU-T Recommendation in accordance with WTSA-12 Resolution 1, Section 9.

| Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent (e.g., ISO/IEC) | Start of work |
|---|---|---|---|---|---|---|---|
| 4/17 | X.1525 (X.cwss) | Common weakness scoring system | New | Robert A. Martin | TD 1337 | | 2009-09 |

Recommendations consented for Last Call (AAP – Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to six draft new ITU-T Recommendations, ten draft revised ITU-T Recommendations, and four Technical Corrigenda for Last Call according to Recommendation ITU-T A.8:

| Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent (e.g., ISO/IEC) | Start of work |
|---|---|---|---|---|---|---|---|
| 6/17 | X.1311 Cor.1 | Information technology – Security framework for ubiquitous sensor networks – Technical Corrigendum 1 | | Heung-Youl Youm | TD 1296 Rev.1 | ISO/IEC 29180 Cor.1 | 2014-09 |
| 6/17 | X.1314 (X.unsec-1) | Security requirements and framework of ubiquitous networking | New | Junjie Xia, Shilin You | TD 1349 | | 2010-12 |
| 7/17 | X.1157 (X.sap-7) | Technical capabilities of fraud detection and response for services with high assurance level requirements | New | Tae Kyun Kim, Hyung-Jin Lim | TD 1351 Rev1. | | 2011-09 |
| 7/17 | X.1158 (X.sap-8) | Multi-factor authentication mechanisms using a mobile device | New | Keun Ok Kim, Seong-Hyeon Song, Heung-Youl Youm | TD 1335 Rev.4 | | 2012-09 |
| 7/17 | X.1159 (X.sap-9) | Delegated non-repudiation architecture based on ITU-T X.813 | New | Keun-ok Kim, Hee-won Shim, Seong-Hyeon Song | TD 1332 Rev.1 | | 2012-09 |
| 11/17 | X.520 Cor.1 | Information technology – Open Systems Interconnection – The Directory: Selected Attribute Types – Technical Corrigendum 1 | | Eric Andersen | TD 1287 | ISO/IEC 9594-6 Cor.1 | 2014-01 |
| 11/17 | X.691 Cor.3 | Information technology – Specification of Packed Encoding Rules (PER) – Technical Corrigendum 3 | | Paul E. Thorpe | TD 1346 Rev.1 | ISO/IEC 8825-2 Cor.3 | 2014-01 |
| 11/17 | X.691 Cor.4 | Information technology – Specification of Packed Encoding Rules (PER) – Technical Corrigendum 4 | | Paul E. Thorpe | TD 1347 Rev.1 | ISO/IEC 8825-2 Cor.4 | 2014-01 |
| 11/17, (7/17) | X.1341 (X.cmail) | Certified mail transport and certified post office protocols | New | David Keller, Laura Prin | TD 1259 Rev.2, Note (3) | | 2013-04 |
| 12/17 | Z.100 Annex F1 | Specification and Description Language - Overview of SDL-2010 – SDL formal definition: General overview | Revised | Rick Reed | TD 1281 | | 2013-04, Note (2) |
| 12/17 | Z.100 Annex F2 | Specification and Description Language - Overview of SDL-2010 – SDL formal definition: Static semantics | Revised | Rick Reed | TD 1282 Rev.3 | | 2013-04, Note (2) |
| 12/17 | Z.100 Annex F3 | Specification and Description Language - Overview of SDL-2010 – SDL formal definition: Dynamic semantics | Revised | Rick Reed | TD 1283 Rev.1 | | 2013-04, Note (2) |
| 12/17 | Z.161 | Testing and Test Control Notation version 3: TTCN-3 core language | Revised | Dieter Hogrefe | TD 1308 Rev.1, Note (4) | ETSI ES 201 873-1 | 2013-04 |
| 12/17 | Z.161.1 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Support of interfaces with continuous signals | Revised | Dieter Hogrefe | TD 1309 Rev.1, Note (5) | ETSI ES 202 786 | 2013-04 |
| 12/17 | Z.161.2 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment support | Revised | Dieter Hogrefe | TD 1310 Rev.1, Note (6) | ETSI ES 202 781 | 2013-04 |
| 12/17 | Z.161.3 | Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced parameterization | Revised | Dieter Hogrefe | TD 1311 Rev.1, Note (7) | ETSI ES 202 784 | 2013-04 |
| 12/12 | Z.161.5 | Testing and Test Control Notation version 3: TTCN-3 Language extensions: Performance and real time testing | New | Dieter Hogrefe | TD 1312 Rev.1, Note (8) | ETSI ES 202 782 | 2014-01 |
| 12/17 | Z.165 | Testing and Test Control Notation version 3: TTCN-3 runtime interface (TRI) | Revised | Dieter Hogrefe | TD 1313 Rev.1, Note (9) | ETSI ES 201 873-5 | 2013-04 |
| 12/17 | Z.165.1 | Testing and Test Control Notation version 3: TTCN-3 extension package: Extended TRI | Revised | Dieter Hogrefe | TD 1314 Rev.1, Note (10) | ETSI ES 202 789 | 2013-04 |
| 12/17 | Z.166 | Testing and Test Control Notation version 3: TTCN-3 control interface (TCI) | Revised | Dieter Hogrefe | TD 1315 Rev.1, Note (11) | ETSI ES 201 873-6 | 2013-04 |

Notes:

(1) In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question.

(2) AAP Last Call to be delayed.

(3) COM 17 – R 36 Annex A Attachment 2 contains the A.5 justification information for draft new Rec. ITU-T X.1341.

(4) COM 17 – R 36 Annex B Attachment 1 contains the A.5 justification information for draft revised Rec. ITU-T Z.161.

(5) COM 17 – R 36 Annex B Attachment 2 contains the A.5 justification information for draft revised Rec. ITU-T Z.161.1.

(6) COM 17 – R 36 Annex B Attachment 3 contains the A.5 justification information for draft revised Rec. ITU-T Z.161.2.

(7) COM 17 – R 36 Annex B Attachment 4 contains the A.5 justification information for draft revised Rec. ITU-T Z.161.3.

(8) COM 17 – R 36 Annex B Attachment 5 contains the A.5 justification information for draft new Rec. ITU-T Z.161.5.

(9) COM 17 – R 36 Annex B Attachment 6 contains the A.5 justification information for draft revised Rec. ITU-T Z.165.

(10) COM 17 – R 36 Annex B Attachment 7 contains the A.5 justification information for draft revised Rec. ITU-T Z.165.1.

(11) COM 17 – R 36 Annex B Attachment 8 contains the A.5 justification information for draft revised Rec. ITU-T Z.166.

New work items:

The following 20 new work items were agreed to be added to the SG17 work programme:

| Q(1) | Acronym | Title | New / Revised | AAP / TAP / Agreement | Editor(s) | Documents | Equivalent (e.g., ISO/IEC) | Timing*** |
|---|---|---|---|---|---|---|---|---|
| 1/17 | X.TRSM6ed | Technical Report: Security in telecommunications and information technology – An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications; 6th edition | New | Agreement | Michael Harrop | NWI template: TD 1232 Rev.1 | | 2015-09 |
| 2/17 | X.sgmvno | Supplement to ITU-T X.805: Security guideline for mobile virtual network operator (MVNO) | New | Agreement | Hongwei Luo, China; Laifu Wang, China Telecom | NWI template: TD 1317 Rev.2 | | 2016-03 |
| 2/17 | X.tigsc | Technical implementation guidelines for ITU-T X.805 | New | AAP | Heung Youl Youm, Korea (Republic of) | NWI template: TD 1359 Rev.3; Base text: TD 1359 Rev.3 Annex 2 | | 2017-03 |
| 3/17 | X.sup-gpim | Supplement to ITU-T X.gpim: Code of practice for personally identifiable information protection for telecommunications organizations | New | Agreement | Lijun Liu, China Mobile; Heung Youl Youm, Korea (Republic of) | NWI template: TD 1328 Rev.4 | | 2016-03 |
| 4/17 | X.cogent | Design considerations for improved end-user perception of trustworthiness indicators | New | TAP | Youki Kadobayashi, NICT; Daisuke Miyamoto, University of Tokyo | NWI template: TD 1340 Rev.2 | | 2015-09 |
| 4/17 | X.simef | Session information message exchange format (SIMEF) | New | TAP | Ik-Kyun Kim, ETRI, Korea (Republic of); Jong-Hyun Kim, ETRI, Korea (Republic of) | NWI template: TD 1364 Rev.2 Annex 1; Base text: TD 1364 Rev.2 Annex 2 | | 2015-09 |
| 5/17 | X.gcspi | Supplement to ITU-T X.1242: Guideline for countermeasures against short message service (SMS) phishing incidents | New | Agreement | Lijun Liu, China Mobile, China (People's Rep. of); Jae Hoon Nah, ETRI/ KISSF, Korea (Republic of); Deawoo Park, Korea (Republic of) | NWI template: TD 1391 Rev.3; Base text: C 0255 | | 2017 |
| 5/17 | X.ticsc | Supplement to ITU-T X.1245: Technical measures and mechanism on countering the spoofed call in the visited network of VoLTE | New | Agreement | Bo Yu, China Unicom; Jie Yuan, China Mobile; Chen Zhang, China Mobile | NWI template: TD 1359 Rev.2; Base text: C 0289 | | 2016-03 |
| 6/17 | X.iotsec-1 | Simple encryption procedure for IoT device security | New | TAP | Hirotaka Yoshida, Hitachi | NWI template: TD 1437 Rev.1; Base text: C 0286 Rev.1 | | 2016-03 |
| 6/17 | X.itssec-1 | Software update capability for ITS communications devices | New | TAP | Masashi Eto, NICT; Koji Nakao, NICT / KDDI | NWI template: TD 1409 Rev.3 Annex 1; Base text: TD 1409 Rev.3 Annex 2 | | 2016-03 |
| 6/17 | X.itssec-2 | Security guidelines for V2X communication systems | New | TAP | Sang-Woo Lee, ETRI; Jae-Hoon Nah, ETRI | NWI template: TD 1405 Rev.1 | | 2016-03 |
| 6/17 | X.sgsec-2 | Security guidelines for home area network (HAN) devices in smart grid systems | New | TAP | Woong Go, KISA; Haeryong Park, KISA; Jeong-Jun Suh, KISA | NWI template: TD 1386 Rev.2; Base text: TD 1386 Rev.2 | | 2017-03 |
| 6/17 | X.msec-9 | Functional security requirements and architecture for mobile phone anti-theft measures | New | TAP | Xia Junjie, China Unicom; Heung Youl Youm, Korea (Republic of) | NWI template: TD 1348 Rev.4; Base text: TD 1348 Rev.4 Annex 1 | | 2017-03 |
| 6/17 | X.sdnsec-1 | Requirements for security services based on software-defined networking | New | TAP | Hyoungshick Kim, Korea (Republic of); JungSoo Park, ETRI | NWI template: TD 1371; Base text: TD 1371 Annex 1 | | 2017-03 |
| 7/17 | X.websec-6 | Security framework and requirements for open capabilities of telecommunication services | New | AAP | Feng Gao, China Unicom; Jae Hoon Nah, ETRI; Junjie Xia, China Unicom | NWI template: TD 1368 Rev.1; Base text: C 0303 Rev.2 | | 2016-09 |
| 7/17 | X.websec-7 | Reference monitor for online analytics services | New | AAP | Hyungjin Lim, Korea (Republic of); Jongyoul Park, ETRI; Junjie Xia, China Unicom | NWI template: TD 1327 Rev.2; Base text: C 0253 | | 2017 |
| 8/17 | X.CSCDataSec | Guidelines for cloud service customer data security | New | TAP | Nan Meng, MIIT/China | NWI template: TD 1422 Rev.2; Base text: TD 1422 Rev.2 Annex I | | 2017 |
| 10/17, (7/17) | X.eaaa | Enhanced entity authentication based on aggregated attributes | New | TAP | Tae Kyung Kim, Korea (Republic of); Jae Hoon Nah, ETRI, Korea (Republic of); Junjie Xia, China Unicom, P.R.China | NWI template: TD 1350 Rev.3 | | 2016 |
| 10/17 | X.1255sup | Supplement to Recommendation ITU-T X.1255: Proposed conceptual models based on ITU-T X.1255 frameworks | New | Agreement | Abbie Barbir, MBNA | NWI template: TD 1411 Rev.2 | | 2015-04 |
| 11/17 | X.oiddev | Information technology – Use of object identifiers to identify devices in the Internet of Things | New | AAP | Jun Seob LEE, ETRI | NWI template: TD 1427 Rev.1; Base text: TD 1363 Rev.2 | yes | 2016 |

Notes:

*** Target date for consent or determination of Recommendations or for approval of appendices, supplements or implementers' guides.

(1) In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question.

Work items discontinued:

The following two work items were agreed to be deleted from the work programme:

| Q | Acronym | Title | Action |
|---|---|---|---|
| 4/17 | X.cybex-beep | Use of BEEP for cybersecurity information exchange | delete |
| 10/17 | X.giim | Mechanisms to support interoperability across different IdM services | delete |

Coordination and promotion activities:

  • A fruitful joint meeting between SG17 and ITU-D SG2 Question 3/2 took place, which mutually envisioned further strengthened collaboration.
  • SG17 reviewed the established liaison relationships between ITU-T and ISO TCs, SCs and JTC1/SCs, and checked if the Category A, B, C, or D designations still apply (for SG17).
  • Two Joint Coordination Activity meetings under the SG17 parent-ship were held, JCA-IdM and JCA-COP.
  • Updates were made to the Security Compendium, and to the ICT Security Roadmap.

Correspondence Groups:

Three new Correspondence Groups and one continued CG were agreed.

  • CG-investigate: New Correspondence Group on investigation for new topics for SG17 standardization; convened by all 8 session chairmen of the ITU security workshop.
    The CG will investigate notable topics arising from the results of the workshop, and collect and analyse further information related to the new topics for the purpose of identifying a set of new work items for SG17 in the near future. Envisioned topics are, for example: Big Data security, IoT security, smart home/city (including smart-grid), and CII resilience (CIIR).
  • CG-rapp-guidelines: New Correspondence Group on guidelines for organizing Rapporteur Group meetings and meetings of Questions; convened by Mr. Jiang Hua. This CG will a) review and provide comments to SG17 on the ITU-T SG16 guidelines for organizing Rapporteur Group meetings (TSAG TD 150); and b) provide to SG17 a proposal for unifying the agendas of meetings of Questions held during working party or study group meetings, in particular unifying the timetable for taking up agenda items.
  • CG-coll-strengthening: New Correspondence Group on strengthening collaboration between ITU-T SG17 and ITU-D SG2 Q3/2 on security. This new ITU intersectoral CG between the T- and the D-Sectors will identify areas for collaboration. Exact details of the technical implementation and convenership of this CG are subject to further coordination between TSB and BDT.
  • CG-CYBEX: Continued Correspondence Group on cybersecurity information exchange capabilities.

Other highlights:

  • Four special sessions were held to off-load debates from the plenaries: on bridging the standardization gap (with live interpretation); on outcomes of the ITU-T security workshop; on preparing for the joint meeting between SG17 and D-Q3/2; and the joint meeting with D-3/2. The meeting confirmed that a BSG session will continue to be organized at every SG17 meeting.
  • SG17 agreement on the A.4 and A.5 qualification of the OpenID Foundation with SG17's expectation to receive their IdM specifications for standardization in SG17.
  • SG17 agreement on the A.4 or A.6 qualification of GSMA for X.msec-9.
  • SG17 invited the Fast Identity Online (FIDO) alliance to consider initiating a qualification according to Recs. ITU-T A.4 and A.5.
  • SG17 initiated collaboration with OASIS TC IBOPS (Identity Based Attestation and Open Exchange Protocol Specification, i.e. IdM using telebiometrics).
  • Due to procedural constraints imposed by Rec. ITU-T A.7 (12 days deadline for submission of proposals), a new Focus Group on Critical Infrastructure Protection and ICT Security (FG-CIPIS) with proposed terms of reference could not be established at this meeting.
  • WP2/17 considered the few (2), non-representative responses to the questionnaire on spam and agreed that means other than questionnaires should be tried to gather the desired information.

Associated events:

The associated events below assisted in identifying new actions for the study group, in leveraging the collaboration with other organizations, and hopefully in attracting new experts to the ITU-T and SG17 community.

  • A successful, well attended ITU workshop on ICT Security Standardization Challenges for Developing Countries - Geneva, Switzerland, 15 – 16 September 2014 took place before the SG17 meeting.
  • Mentoring programme for newcomers: Comprehensive programme through tutorials (see below), welcome, feedback session and guided tour, all attended with interest.
  • Reception and social networking event sponsored by RANS with live harp music performance by artist Mr. Alexander Boldachev.

Tutorial presentations:

Seven tutorial presentations were given at this Study Group 17 meeting and met with considerable positive interest.

  • "SG17 orientation session for newcomers",
    Arkadiy Kremer, SG17 Chairman.
  • "ENISA and standards",
    Mr. Slawomir Gorniak, ENISA.
  • "Security aspects on Intelligent Transportation Systems (ITS) and how to keep cars secure",
    Mr. Juergen Frank, Freescale Halbleiter Deutschland GmbH.
  • "Multinational Alliance for Collaborative Cyber Situational Awareness (MACCSA): Accelerating Information Sharing for Collaborative Cyber Situational Awareness (CCSA)",
    Mr. Patrick Curry, CEO of MACCSA
    This tutorial was further discussed by Q4/17.
  • "New SharePoint collaboration site created for SG17 work",
    Mr. Al Dayao, TSB.
  • "Massive PII leak incident and national-level countermeasures in Korea",
    Mr. Heung-Youl Youm, Soonchunhyang University, Korea.
  • "ITU's engagement in the Internet Governance Forum (IGF)",
    Ms. Jeoung Hee Kim, ITU GenSec SPM; Mr. Chengetai Masango, IGF Secretariat.

Next SG17 meeting:

  • WED 8 – FRI 17 April 2015, Geneva, Switzerland.
  • Eight interim Rapporteur Group meetings (some of them virtual e-meetings) are planned until April 2015.