[フレーム] [フレーム]

Connecting the world and beyond

1809-summary

Page Content

Executive Summary

Meeting of ITU-T SG17 'Security', Geneva, 29 August – 7 September 2018

Hot topics:

  • Transformation of Security Study – incubation trial in SG17
  • Revision of Question texts
  • PKI
  • TTCN-3
  • IoT security
  • 5G security
  • Big Data security
  • Intelligent Transport System (ITS) security
  • Distributed Ledger Technology (DLT) security
  • Distributed identity management
  • Software-defined networking security
  • Personally identifiable information protection
  • Quantum key distribution

ITU workshop on Advanced Cybersecurity Attacks and Ransomware 

The event was announced by TSB Circular 97 and was attended by 105 participants (including remote participation) from 27 countries.  Outcome of this workshop identified next step advices for SG17 is found at: https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20180828/Documents/Outcomes_final.pdf

Meeting Output:

  • Approved (TAP) 1 new ITU-T Recommendations. Details are in Annex A a).
  • Agreed 3 new Supplement/Implementer's Guide. Details are in Annex A c).
  • (re-)Determined (TAP) 3 draft new ITU-T Recommendations. Details are in Annex A d).
  • Consented (AAP) 19 new/revised texts for Last Call. Details are in Annex A e).
  • 25 new work items were agreed to be added to the SG17 work programme. Details are in Annex B.
  • 7 existing work items to be removed. Details are in Annex C.
  • 4 Question Texts revised.

Next SG17 meeting:

  • Tuesday 22 – Wednesday 30 January 2019, Geneva, Switzerland (8 working days including Sunday 27 Jan 2019).
    • Workshop on AI, ML and security on Monday 21 January 2019, Geneva, Switzerland.
  • Tuesday 27 August – Thursday 5 September 2019 (To be confirmed), Geneva, Switzerland.
    • Workshop on FinTech (To be confirmed) security on Monday 26 August 2019, Geneva, Switzerland.
  • 8 texts are candidate for action in next SG17 meeting, see in Annex A f).
  • Interim RGM meetings: 3 Questions plan to hold 3 RGMs.
  1.  
Q Date Place/Host Subject/objective
1.                 

10/17

(collocate with 14/17)

3rd week in November 2018 (tbc)
Tokyo, Japan
  • tbd
2.                  13/17 Nov 2018 tbc
  • To address all items.
3.                  14/17
(collocate with 10/17) 3rd week in November 2018 (tbc) Tokyo, Japan
  • To address all items

Bridging the Standardization Gap (BSG):

  • Welcome and guided tour for newcomers;
  • SG17 orientation session with SG17 overview presentation given by SG17 Chairman;
  • BSG hands-on training session for 11 participants from 7 developing countries.
  • Informal gathering of SG17RG-AFR and SG17RG-ARB

Tutorial presentations:

Six tutorials (TD1244) on thematic subjects including AI/ML for Cybersecurity, 3GPP SA3 work on 5G Security, Security Control Expressions & the Universal Security Control Syntax Language,  Technical applications of blockchain to UN/CEFACT, and GDPR Overview.

Participation:

  • 168 participants (188 announced): 37 Member States (39 countries), 21 Sector Members, (4 Associates), and 2 Academia. 8 invited experts.
  • 9 partial fellowships granted: Afghanistan, Bangladesh, Benin, Burundi, Central Africa, Comoros, Gambia, Senegal, Sudan
  • 1 new associate (IDQ(Switzerland))
  • 2 new academia (Florida Atlantic Univ (US), IRT SystemX(France))
  • 4 New Member States participation: Angola, El Salvador, Gambia, Qatar
  • SG17 vice chairmen absent: Patrick-Kennedy KETTIN ZANGA (Central Africa), Gökhan EVREN (Turkey), Hugo Darío MIGUEL (Argentina) and Wala Latrous (Tunisia).

Other highlights:

  • SG17 plenary organized 3 sessions to discuss transformation of security study, and on trial bases held 2 incubation discussion sessions on NWI proposals related to secure quantum communication.
  • JCA-IdM held its 25th meeting on 31 August 2018. ITU-T SG17 received updates from FIDO Alliance, Sovrin Fondation, ISO/IEC JTC 1/SC 27/WG5 and Q10/17.

Correspondence Groups:

  • CG-cybex was terminated.
  • CG-xss (correspondence group on transformation of security study) will continue.

Meeting input and organization:

Contributions: 144 - ever increasing (past meetings: 113, 106, 78, 81, 66, 74, 80)

Contribution# from: APT (100 (69%) (= China 55 (38%), Korea 33, Japan 7, India 2, Iran 3)), Americas (10), EUR (28), AFR (6), ARAB (1), LAM (0). 

TDs: 420 (previous meeting: 395, 426, 368, 391, 418, 371, 386), including 40 incoming liaison statements and 37 outgoing liaison statements; 79 prepared by SG17 secretary.

252 sessions (previous meeting: 249, 204) were organized, up to 12 parallel meetings per quarter.

27 sessions (previous meeting: 25, 11) used remote participation

Annex A
Actions taken on Recommendations, and other texts at the 7 September 2018 SG17 plenary

a) TAP Recommendations approved (WTSA-16 Resolution 1):

The SG17 plenary meeting approved (TAP) the following draft new/revised ITU-T Recommendations in accordance with WTSA-16 Resolution 1, Section 9.

Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
6/17 X.1361
(X.iotsec-2) Security framework for Internet of Things based on the gateway model New Xia Junjie,
Heung-Youl Youm TD1529   2015-04 2018-09

Approval of the above Recommendations will be announced by TSB Circular in Sept 2018.

b) TAP Recommendations not approved (WTSA-16 Resolution 1):

None.

c) Amendment approved, Corrigendum approved, Supplements agreed:

The SG17 plenary meeting agreed or approved the following texts.

  Q Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1.              3/17 X.sup13-rev Revision of Supplement 13
Rev

Yutaka Miyake

Kyeong Hee Oh

TD1524R3   2016-09 2018-09
2.      5/17 X.Supl.33 (X.sup-ctss) Supplement to ITU-T X.1231 Technical framework for countering telephone service scam New

Gao Feng

Nan Jiang

Junjie Xia

Chen Zhang

Yanbin Zhang

TD1472   2016-09 2018-09
3.                  12/17 Z.Imp100rev Z.Imp100 Specification and Description Language implementer's guide - Version 3.0.2 Rev Rick Reed TD1378   2017-09 2018-09

d) Recommendations determined (TAP – WTSA-16 Resolution 1):

The SG17 plenary meeting determined (TAP) the following draft new/revised ITU-T Recommendations in accordance with WTSA-16 Resolution 1, Section 9.

  Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        4/17 X.1215
(X.ucstix) Use cases for Structured Threat Information Expression New Jong-Hyun Kim, Jihye Kim,
Heung Youl Youm,
Ik-Kyun Kim TD1541R2     2018-09
2.        5/17 X.1249
(X.tfcma) Technical Framework for Countering Mobile in-application Advertising Spam New Hongwei Luo,
Laifu Wang,
Xin Wang TD1450R1   2015-09 2018-09
3.        6/17 X.1042 (X.sdnsec-1) Security services using the Software-defined networking New Hyoungshick Kim,
JungSoo Park TD1543R2   2014-09 2018-09

Member States consultation will be launched by TSB Circular in Oct 2018 after editorial checking. Further updates will be posted at http://www.itu.int/ITU-T/studygroups/com17

e) AAP Recommendations consented for Last Call (Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to the following draft new/revised ITU-T Recommendations and Technical Corrigenda for Last Call according to Recommendation ITU-T A.8:

  Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.                  7/17
X.1450 (X.hakm) Guidelines on hybrid authentication and key management mechanisms in client-server model New Jung Yeon Hwang,
Kyu Young Choi,
Sangrae Cho TD1490R1   2015-04 2018-09
2.                  7/17 X.1147 (X.srfb) Security Requirements and Framework for Big Data Analytics in Mobile Internet Services New Junjie Xia,
Feng Gao,
Jongyoul Park,
Nan Jiang TD1477R4   2016-08 2018-09
3.                  9/17 X.1093 (X.tac) Telebiometric Access Control with smart ID Card New Myung Geun Chun TD1504R1   2017-03 2018-09
4.                  10/17 X.1277 (X.uaf) FIDO Universal Authentication Framework (UAF) New Abbie Barbir, David Turner TD1572R1 FIDO 2018-09 2018-09
5.                  10/17 X.1278 (X.ctap) Client To Authenticator Protocol/Universal 2-factor authentication framework. New Abbie Barbir, David Turner TD1557R1 FIDO 2018-09 2018-09
6.                  11/17 X.894 (X.cms-prof) Cryptographic Message Syntax (CMS) profile New Jean-Paul Lemaire TD1442R2

ISO24-4

2018

2017-09 2018-09
7.                  11/17 X.676 (X.orf-gs) Object identifier-based resolution framework for IoT grouped services New

Younghwan Choi

JungSoo Park

TD1563R2

 

    2018-09
8.                  12/17 Z.100 Annex F1 Specification and Description Language - Overview of SDL-2010 - SDL formal definition: General overview Rev Rick Reed, Edel Sherratt TD1374R2   2017-03 2018-09
9.                  12/17 Z.100 Annex F2 Specification and Description Language - Overview of SDL-2010 - SDL formal definition: Static semantics Rev Rick Reed, Edel Sherratt TD1375R2   2017-03 2018-09
10.               12/17 Z.100 Annex F3 Specification and Description Language - Overview of SDL-2010 - SDL formal definition: Dynamic semantics Rev Rick Reed, Edel Sherratt TD1376   2017-03 2018-09
11.               12/17 Z.151 User Requirements Notation (URN) - Language definition Rev Gunter Mussbacher C347   2015-09 2018-09
12.               12/17 Z.161rev Testing and Test Control Notation version 3: TTCN-3 core language Rev Dieter Hogrefe TD1456 ETSI ES 201 873-1 2017-09 2018-09
13.               12/17 Z.161.2rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment support Rev Dieter Hogrefe TD1453 ETSI ES 202 781 2017-09 2018-09
14.               12/17 Z.161.4rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Behaviour types Rev Dieter Hogrefe TD1454 ETSI ES 202 785 2017-09 2018-09
15.               12/17 Z.161.6rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced Matching Rev Dieter Hogrefe TD1455 ETSI ES 203 022 2017-09 2018-09
16.               12/17 Z.166rev Testing and Test Control Notation version 3: TTCN-3 control interface (TCI) Rev Dieter Hogrefe TD1457 ETSI ES 201 873-6 2017-09 2018-09
17.               12/17 Z.167rev Testing and Test Control Notation version 3: Using ASN.1 with TTCN-3 Rev Dieter Hogrefe TD1458 ETSI ES 201 873-7 2017-09 2018-09
18.               12/17 Z.169rev Testing and Test Control Notation version 3: Using XML schema with TTCN-3 Rev Dieter Hogrefe TD1459 ETSI ES 201 873-9 2017-09 2018-09
19.               12/17 Z.171rev Testing and Test Control Notation version 3: Using JSON with TTCN-3 Rev Dieter Hogrefe TD1460 ETSI ES 201 873-11 2017-09 2018-09

These Recommendations will enter AAP Last call in Sept-Oct 2018.

f) Work items planned for action in next SG17 meeting:

 

  Q Acronym Title New / Revised Editor(s)​​ Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        2/17 X.sdnsec-3 Security guideline of Service Function Chain based on software defined network New

Feng Zhang,
Min Zuo,
Junjie Xia,
Zhiyuan HU,
JungSoo Park

TD1527R1     2019-01
2.                  3/17 X.grm Risk management implementation guidance on the assets of telecommunication organizations accessible by global IP-based networks New Chen Zhang,
Bo Yu
Yunbo Feng
TD1491R1   2014-09 2019-01
3.                  6/17 X.secup-iot * Secure Software Update Procedure for IoT Devices New

Takeshi Takahashi,
Koji Nakao,
Yunchul Choi

TD1547   2017-09 2019-01
4.                  6/17 X.iotsec-3* Technical framework of PII (Personally Identifiable Information) handling system in IoT environment New Yutaka Miyake,
Bo Yu TD1500R2   2017-03 2019-01
5.                  9/17 X.tab Telebiometric authentication using bio-signals New Jason Kim TD1494R1     2019-01
6.                  10/17 X.Sup-1254rev** Supplement to X.1254rev on use cases and high level abstract implementations New

Junjie Xia,
Bo Yu,
Feng Zhang

TD1070   2018-03 2019-01
7.                  12/17 Z.109rev Specification and Description Language - Unified modeling language profile for SDL-2010 Rev Alexander Kraas
      2019-01
8.                  13/17 X.stcv* security threats in connected vehicles New

Koji Nakao,
Seungwook ​Park,
Sang-Woo Lee,
ChangOh Kim

TD1605R1   2018-03 2019-01


 

 

Annex B
New work items

The following new work items were agreed to be added to the SG17 work programme:

  Q Acronym Title New/ Revised AAP/TAP/ Agreement Editor(s) Location of text Equivalent
e.g., ISO/IEC Timing(1)
1.                  3/17 X.sup-csc** Supplement on critical security controls for telecommunications organizations information and network security management in support of ITU-T X.1051 New Agreement Payen Patrice,
Taddei Arnaud,
Mustafa Thaib TD1469 R2
2020-09
2.                  4/17 X.qrng-a Quantum noise random number generator architecture New AAP Sean Kwak,
Charles Harvey,  Warner Miller, TD1495R4
2019-09
3.                  4/17 TR.sec-qkd** Technical report on security framework for quantum key distribution in telecom network New Agreement Sean Kwak TD1496R4
2020-09
4.                  5/17 X.tfcmms* Technical framework for countering multimedia messaging service spam New TAP Wei Liu, Jinfeng Kou, Tao Ye, Zhaoji Lin TD1564R1
2021-09
5.                  6/17 X.elf-iot * Standard format of IoT error logs for security incident operations New TAP

Koji Nakao,

Kiyotaka ATSUMI

TD15 50R3
2020-03
6.                  6/17 X.amas-iot* Aggregate Message Authentication Scheme with Group Authentication Capability for IoT environment New TAP Koji Nakao TD15 51R1
2020-03
7.                  6/17 X.sc-iot* Security Controls for Internet of Things (IoT) system New TAP

Koji Nakao,

Liu Lijun

TD15 52R1
2020-03
8.                  6/17 X.iotsec-4* Security Requirements for IoT devices and gateway New TAP

Hosoek Ryu,

Miyeon Yoon, Wonsuk Chung

TD15 68R1
2021-09
9.                  6/17 X.5Gsec-t* Security framework based on trust relationship in 5G ecosystem New TAP

Junzhi Yan,

Jin PengMinpeng Qi, HeungYoul Youm

TD15 06R3
2021-03
10.               7/17 X.tfrca Technical framework of risk control to support authentication New AAP Min Zuo,
Xin Wang TD1493R3
2020-10
11.               8/17 X.sgcc Security Guidelines for Container in cloud computing environment New AAP Ye Tao,
Lei Xu,
Laifu Wang,
Lanfang Ren TD1537R1
2020-10
12.               9/17 X.b2m Biology to Machine Protocol New AAP John Caras,
Erik Andersen, Myung Geun Chun TD1558
2020-03
13.               11/17 X.500 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.500 (2016) | ISO/IEC 9594-1:2017  Amd AAP Erik Anderson C312
2019
14.               11/17 X.501 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.501 (2016) | ISO/IEC 9594-2:2017  Amd AAP Erik Anderson C314
2019
15.               11/17 X.509Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.509 (2016) | ISO/IEC 9594-8:2017  Amd AAP Erik Anderson C316r1
2019
16.               11/17 X.511 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.511 (2016) | ISO/IEC 9594-3:2017  Amd AAP Erik Anderson C318
2019
17.               11/17 X.518 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.518 (2016) | ISO/IEC 9594-4:2017  Amd AAP Erik Anderson C320
2019
18.               11/17 X.519 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.519 (2016) | ISO/IEC 9594-5:2017  Amd AAP Erik Anderson C323
2019
19.               11/17 X.520 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.520 (2016) | ISO/IEC 9594-6:2017  Amd AAP Erik Anderson C325
2019
20.               11/17 X.521 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.521 (2016) | ISO/IEC 9594-7:2017  Amd AAP Erik Anderson C327 2019
21.               11/17 X.525 Amd.1 Proposed draft 1st amendment to Rec. ITU-T X.500 (2016) | ISO/IEC 9594-1:2017  Amd AAP Erik Anderson C312
2019
21.     13/17 X.edrsec* Security guidelines for cloud-based event data recorders in automotive environment New TAP

Sang-Woo Lee,

Whapyeong Lim

Aram Cho,

Seungwook Park

TD1520R1
2021-09
22.     13/17 X.eivnsec* Security guideline for Ethernet-based In-Vehicle networks New TAP

Sang-Woo Lee,

You-Sik Lee

TD1519R1
2021-09
23.     13/17 X.fstiscv* Framework of security threat information sharing for connected vehicles New TAP

Min Shu, Yunwei Zhao, Xiaochun Yun,

Wenlei Wang

 

TD1522R1
2021-09
24.     13/17 X.1373rev* Secure software update capability for intelligent transportation system communication devices Rev TAP Koji Nakao,
Sang-Woo Lee,
Aram Cho, Seungwook Park TD1523
2019-09
25.               14/17 X.srip-dlt* Security requirements for intellectual property management based on distributed ledger technology New TAP Min Shu, Yunwei Zhao, Yuhee Ki, Wenlei Wang, Yang Wu, Jung Yeon Hwang TD1479R3
2020-09

Notes:

  1. Target date for consent or determination of Recommendations or for agreement of Supplements or non-normative text.
    *: for determination, **: for agreement
     
     

Annex C
Work items Removed

The following 7 work items were agreed to be deleted from the SG17 work programme:

  Q Acronym Title
1.        3/17 X.cins Information technology - Security techniques - Guidelines for cyber insurance
2.        4/17 X.metric Metrics for evaluating threat and resilience in cyberspace
3.        9/17 X.th2 Telebiometrics related to physics
4.        9/17 X.th3 Telebiometrics related to chemistry
5.        9/17 X.th4 Telebiometrics related to biology
6.        9/17 X.th5 Telebiometrics related to culturology
7.        9/17 X.th6 Telebiometrics related to  psychology

AltStyle によって変換されたページ (->オリジナル) /