[フレーム] [フレーム]

Connecting the world and beyond

Executive Summary, March 2023

Rollup Image
Page Content 20

​​​​​​ ​Executive Summary

Meeting of ITU-T SG17 'Security', Geneva, 21 February – 3 March 2023

Hot topics ​

  • Intelligent transport system security
  • ​5G security
  • IoT security
  • Cloud security
  • ​Cybersecurity
  • Quantum based security
  • Simulation for security

1.  ​Meeting outputs (meeting statistics see Annex E below)

  • Output standards (20, see Annex A):
    • ​TAP approval (9): Details are in Annex A a).
    • TAP not approved (2): Details are in Annex A b).​
    • TAP (re-)determined (6): 5 new Recommendations and 1 Technical Corrigendum. Details are in Annex A c).
    • AAP consented (4): 4 new Recommendations for AAP Last Call. Details are in Annex A d).
    • Agreed (1): 1 new Technical Report. Details are in Annex A e).
  • New work items (23, see Annex C).
  • Discontinued work items (1, see Annex D).
  • ITU Workshop on "DLT security, identity management and privacy" was held successfully on 20 February 2023
  • Replacement of the SG17 vice-chairman from Algeria
  • Replacement of WP3/17 vice-chairman by Afnan Alromi (Saudi Arabia)
  • Survey on countering spam fraud ​launched
  • SG17 sub-groups:
    • JCAs:
      • ​JCA-COP: remains dormant
      • JCA-IdM: continued with revised ToR, and held its 31st meeting on Friday 24 February 2023
      • (JCA-DCC: meeting on Friday 24 February 2023)
    • Correspondence Groups
      • CG-SG17-wtsa24-prep: continued
      • CG-secapa (Correspondence Group on Security Capability and Architecture): continued
      • CG-FIDO (Correspondence Group on FIDO standards): terminated
    • ​Advisory group on X.509: continued

2.  ​​Next SG17 meetings 

  • WP3/17 plenary, Fully virtual, 8 May 2023 to consent revised ITU-T X.1051 |ISO/IEC 27011 
  • 2n​​d ITU X.509 Day event, Fully virtual, 9 May 2023
  • 4th SG17 meeting,Korea, Tuesday 29 August - Friday 8 September 2023 (9 working days, physical meeting with remote participation)
    • ITU workshop on "Zero trust and identity management security", Monday 28 August 2023, 09:30-17:30
    • Open and extended management team meeting, Monday 28 August 2023, 19:00-21:00.
    • 32nd JCA-IdM meeting, Friday 1 September 2023, 14:30-16:00
    • 24 Candidate texts for action, details see Annex B.
  • (ITU-WHO workshop on DCC (TBD) on 11 September 2023 followed by 5th JCA-DCC meeting on 12 September 2023.)
  • 5th SG17 meeting: Feb/Mar 2024, Malaysia (tbc)

3.  ​​Interim RGMS 

7 Questions plan to hold the following 9 RGMs before next SG17 meeting:

#
Q/17 Date Place/Host Subject/objective

1

2/17

18-19 May 2023

​Seoul, Korea
​(Hosted by SCH University)

 

  • ​​To prepare texts for action in next SG17 meeting: X.5Gsec-ctrl and TR.cpn-col-sec.
  • To review all work items and identify future topics for Q2/17

 

2
3/17
13 April 2023

e-meeting
  • ​X.1​051rev2

3
3/17 13 -14 June 2023 e-meeting

X.sup-cdc (Clause 7: Context: CDC in the bigger context of operational security)


4
4/17 29 June 2023 e-meeting
  • To address and discuss X.stie and X.taeii
5
10/17 6 June 2023 e-meeting
  • progress all the work of Q10/17
6
11/17 ​20 - 24 March 2023

 

Wien, Austria
  • Generic technologies (such as Directory, PKI, formal languages, object identifiers) to support secure applications.
7
13/17
14 - 15 June 2023
e-meeting
  • prepare the final texts for X.itssec-5, X.1373rev
  • address all work items and future topics.
8
15/17 30 May - 1 June 2023
Singapore
(Hosted by IMDA/NUS)
  • QKD related WIs
9   15/17 7 June 2023 e-meeting
  • X.icd-schemas


Annex A

Actions taken on Recommendations, and other texts at SG17 closing plenary on 3 March 2023

a)    TAP Recommendations approved (WTSA-20 Resolution 1)

# Q Acronym Title New / Revised Editor(s​) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.       
2/17 X.1815 (X.5Gsec-ecs) Security guidelines and requirements for IMT-2020 edge computing services New Feng GAO, Jae Hoon NAH, Junjie XIA, Bo YU, Xiaojun ZHUANG TD1015   2019-01 2022-09
2.        2/17 X.1816 (X.5Gsec-ssl) Guidelines and requirements for classifying security capabilities in IMT-2020 network slice New Zhiyuan HU, Li SU, Ke WANG, Bo YANG TD915   2020-09 2022-09
3.        8/17,
(14/17) X.1411 (X.BaaS-sec) Guidelines on blockchain as a service (BaaS) security New Nan MENG, Kyeong Hee OH, Zixiang WANG, Xuan ZHA R20     2019-09 2022-09
4.        8/17 X.1644 (X.sgdc) Security guidelines for distributed cloud New Mark MCFADDEN, Ye TAO, Lei XU, Laifu WANG R2   2019-01 2022-09
5.        13/17 X.1380 (X.edr-sec) Security guidelines for cloud-based data recorders in automotive environments New Sang-Woo LEE,
Seungwook PARK R22   2018-03 2022-09
6.        13/17 X.1381 (X.eivn-sec) Security guidelines for Ethernet-based In-Vehicle networks New Sang-Woo LEE, You-Sik LEE TD917   2018-09 2022-09
7.        13/17 X.1382 (X.fstiscv) Guidelines for sharing security threat information on connected vehicles New Min SHU, Wenlei WANG,
Xiaochun YUN, Yunwei ZHAO TD918   2018-09 2022-09
8.        13/17 X.1383 (X.srcd) Security requirements for categorized data in vehicle-to-everything (V2X) communication New Takamasa ISOHARA, Nan MENG, Yaping SUN, Huirong TIAN TD919   2018-09 2022-09
9.        14/17 X.1410 (X.sa-dsm) Security architecture for data-sharing management based on the distributed ledger technology New Feng GAO,
Zhiyuan HU,
Min SHU,
Yunwei ZHAO TD900   2020-09 2022-09

b)   TAP Recommendations not approved (WTSA-20 Resolution 1)

# Q Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Determined Decision
1         6/17 X.1353
(X.ztd-iot) Security methodology for zero-touch deployment in massive IoT based on blockchain New
Xin KANG, Haiguang WANG, Weidong WANG R18  
2020-09 2022-09 Re-determined (see Table c) #3 below)
2         7/17 X.1454 (X.sles) Security measures for location enabled smart office service New Hao Dong,
Feng Gao,
Jae Hoon Nah, Junjie Xia R19   2019-09 2022-09 Postponed to next SG17 meeting

​​c) TAP Recommendations determined (WTSA-20 Resolution 1)

# Q Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1          2/17 X.1817
(X.5Gsec-message) Security requirements for 5G message service New Hang DONG,
Le YU,
Hongyang ZHANG

TD939

(A.5 in TD934)

  2021-04 2023-03
2          6/17 X.1333 Cor. 1 Corrigendum 1 to X.1333: Security guidelines for use of remote access tools in Internet-connected control systems New Gunhee Lee
TD958   2023-02 2023-03
3          6/17 X.1353
(X.ztd-iot) Security methodology for zero-touch deployment in massive IoT based on blockchain New Xin KANG, Haiguang WANG,
Weidong WANG TD937   2020-09 2022-09
4          7/17 X.1471
(X.websec-7) Reference monitor for online analytics services New Jongyoul Park,
Junjie Xia,
Hyungjin Lim,
Jah Hoon Nah TD936   2014-09 2023-03
5          7/17 X.1771
(X.rdda) Requirements for data de-identification assurance New Feng Gao,
 I Seok Kang, Soonseok Kim,
Jihun Kim, Byunghoon Lee, Yunsik Park, Hyungjin Lim,
Heung Youl Youm TD1012   2019-01 2023-03
6          8/17 X.1645
(X.nssa-cc) Requirements of network security situational awareness platform for cloud computing New Maofei CHEN, Huamin JIN,
Zhaoji LIN,
Laifu WANG,
Yi ZHANG TD965   2019-09 2023-03

d)    AAP Recommendations consented (Recommendation ITU-T A.8)

# Q(1) Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1          4/17 X.1219
(ex X.arc-ev) Functional requirements for a secured process to evaluate technical vulnerabilities New

Wei Li,
Shan Xue,
Chen Zhang

TD930   2019-08 2023-03
2          10/17 X.1278.2 (X.ctap21) Client to authenticator protocol version 2.1 New Abbie Barbir TD886 (A.5 in TD887) FIDO CTAP2.1 2022-05 2023-03
3          10/17 X.1277.2 (X.uaf12) Universal authentication framework version 1.2 New Abbie Barbir TD888 (A.5 in TD889) FIDO UAF1.2 2022-05 2023-03
4          14/17 X.1412
(X.srscm-dlt) Security Requirements for Smart Contract Management based on the distributed ledger technology New Kepeng Li,
Kyeong Hee Oh, Dong Bin Choi, Yang Wu, Min Shu TD920   2020-09 2023-02

e)   Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) agreed

#​ Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
  1.  
6/17 TR.ibc-cd Guidelines for identity based cryptosystems used for cross-domain secure communications New Fuwen Liu,
Li Su,
Junzhi Yan,
Bo Yang TD956   2021-04 2023-03

Annex B

Recommendations planned for action in SG17 Aug/Sep 2023 meeting

a)       TAP Recommendations planned for TAP approval (WTSA-20 Resolution 1)

# Q Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
  1.  
7/17 X.1454 (X.sles)* Security measures for location enabled smart office services New Junjie Xia,
Feng Gao,
Jae Hoon Nah,
Hang Dong TD985   2019-09 2022-09

b)       TAP Recommendations planned for TAP determination (WTSA-20 Resolution 1)

# Q(1) Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1          2/17 X.5Gsec-ctrl* Security controls for operation and maintenance of 5G network systems New Ayumu KUBOTA, Koji NAKAO, Yutaka MIYAKE TD1016    2022-09
 2023-09
2          4/17 X.spmoh* Security framework for storage protection against malware attacks on hosts
New

Jonghyun Woo,
Bongchan Kim
Heejun Shin
Jonghyun Kim
Sujung Park

TD929    2022-05
2023-09
3          4/17 X.sr-ctea* Security requirements and countermeasures for targeted email attacks New

Chunghan Kim
Jonghyun Kim
Sujung Park

TD924    2022-05
2023-09
4          4/17 X.stie* Structured Threat Information Expression New Michael ROSA, Duncan SPARRELL TD972 OASIS STIX Version 2.1 2022-09 2023-09
5          4/17 X.taeii* Trusted Automated Exchange of Intelligence Informa New Michael ROSA, Duncan​​ SPARRELL
TD971 OASIS TAXII Version 2.1 2022-09 2023-09
6          6/17 X.sc-iot* Security Controls for Internet of Things (IoT) systems New

Koji Nakao,
Liu Lijun

TD1032   2018-09 2023-09
7          10/17 X.oob-sa* Framework for out-of-band server authentication using mobile devices New Il Jin JUNG,
Sujung PARK, Heejun SHIN, Jonghyun WOO TD1044    2022-01
 2023-09
8          13/17 X.itssec-5* Security guidelines for vehicular edge computing New Sang-Woo Lee TD981   2017-09 2023-09
9          13/17 X.1373rev* Secure softwa​re update capability for intelligent transportation system communication devices Revised Koji Nakao,
Sang-Woo Lee,
Aram Cho,
Seungwook Park TD997   2018-08 2023-09

Notes:
(1)     In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question.

c)       AAP Recommendations planned for AAP consent (Recommendation ITU-T A.8)

# Q(1) Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1          7/17 X.1144rev The revision of eXtensible Access Control Markup Language (XACML) 3.0 Rev Jae Hoon NAH,
Duncan Sparrell TD1033   2020-03 2023-09
2          7/17 X.guide-cdd Security guidelines for combining de-identified data using trusted third party New Heung Youl Youm, Sungchae Park,
Jae Nam Ko TD978   2021-04 2023-09
3          7/17 X.saf-dfs Security assurance framework for digital financial services New Jacques Francoeur, Jun Hyung Park, Sungchae Park, Heung Youl Youm TD966   2021-08 2023-09
4          7/17 X.scpa Security measures for Countering Password Related Online Attacks New Hang Dong,
Qin Qiu, Lijun Liu,
Jung Yeon Hwang,
Feng Gao,
Jae Hoon Nah TD1056   2019-08 2023-09
5          10/17 X.pet-auth Entity authentication service for pet animals using telebiometrics New Jae-Sung (Jason) Kim, Taeheon Kim TD944   2020-03 2023-09
6          10/17 X.osia Open Standard Identity APIs (OSIA) specification version 6.1.0 New Abbie Barbir TD703   2023-03 2023-09
7          11/17 X.508
(X.pki-em) Public-key infrastructure: Establishment and maintenance New Erik Andersen TD955 ISO/IEC 9594-12 2012-08 2023-09
8          11/17 X.510 Amd.1

Information technology – Open Systems Interconnection –

The Directory: Protocol specifications for secure operations

New Erik Andersen TD954 ISO/IEC 9594-11 2020-08 2023-09
9          15/17 X.sec-QKDN-tn Security requirements and designs for quantum key distribution networks - trusted node New Qiang Huang, Minghan Li,
Jiajun Ma, Hao Qin TD1021   2019-08 2023-09

 d)      Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) planned for agreement

# Q Acronym Title New / Revised Editor(s) Location of text Start of work Timing
1.        2/17 TR.cpn-col-sec Technical Report: Security consideration of collaboration of multiple computing power networks New

Xiongwei Jia,
Zhaoji Lin,
Keng Li,
Yuwei Wang

TD960 2022-05 2023-09
2.        6/17 TR.ba-iot Technical Report: Broadcast authentication schemes for IoT system New Koji Nakao TD977 2022-05 2023-09
3.        7/17 TR.sgfdm Technical Report: FHE-based data collaboration in machine learning New Jihoon Cho, Jae Hoon Nah, Donggeon Yhee TD1035 2020-03 2023-09
4.        14/17 TR.qs-dlt Technical Report: Guidelines for quantum-safe DLT system New

Fuwen Liu,

Ke Wang,

Bo Yang,

Heung Youl Youm

TD938 2020-09 2023-09
5.        15/17 TP.inno-2.0 Technical Paper: Description of the incubation mechanism and ways to improve it Rev Arnaud Taddei TD991 2023.02 2023-09

Annex C

New work items

The following new work items were agreed to be added to the SG17 Work Programme:

# Question NWI Approval TD Title C
1.        1/17 TR.SUSSrev Agreement TD1040 Successful use of security standards  
2.        4/17 TR.verm* Agreement TD1002 Technical Report: Framework for Verification of Messages C210
3.        4/17 X.st-ssc* TAP TD980 Security threats of software supply chain C239
4.        6/17 X.mt-integrity* TAP TD983  Security guidelines for mobile terminal integrity protection C273
5.        6/17 X.mt-feature* TAP TD984 Security features to assess mobile terminal security C226
6.        6/17 X.suppl.tig-iotsec** Agreement TD950 Supplement to X.1352 (X.suppl.tig-iotsec) "Technical Implementation guidelines for IoT devices and gateway" C240
7.        7/17 X.srgsc* TAP TD942 Security Requirements and guidelines of application and service for smart city platform C280
8.        8/17 X.asm-cc* TAP TD988  Requirements of Attack Surface Management for cloud computing C287
9.        8/17 X.sfrms* TAP TD996 Security framework and requirements of microservice for cloud computing using container technology C274
10.     10/17 X.bvm AAP TD1014 Requirements for biometric variability management C253
11.     10/17 X.osia AAP TD1036 Open Standards Identity APIs (OSIA) version 6.1.0 TD703
12.     11/17 X.jss AAP TD925 JSON Signature Scheme (JSS) C217
13.     11/17 X.509 Cor.2
AAP TD949​​
Technical Corrigendum to X.509: LDAP schema for attribute certificates TD874
14.     13/17 X.ota-sec AAP TD1010 Implementation and evaluation of security functions to support over-the-air (OTA) update capability in connected vehicles C250
15.     14/17 X.DLT-ccs-fr AAP TD962 Security requirements and framework of cross-chain service for DLT systems C277
16.     15/17 TR.hyb-qsafe** Agreement TD1020 Technical Report: Overview of key management of hybrid approaches for quantum-safe communications C256
17.     15/17 X.sec_ QKD_profr AAP TD1019  Framework of quantum key distribution (QKD) protocols in QKD network C269, ​​C321​
18.     15/17 TP.inno-2.0** Agreement TD991 Technical Paper:  Description of the incubation mechanism and ways to improve it C216
19.     15/17 X.dtns AAP TD995 Guidelines of using digital twin of network for network security C303
20.     15/17 X.gcspcc* TAP TD964 Guidelines of developing of cybersecurity simulation platform based on cloud computing C314
21.     15/17 X.SecaaS AAP TD970  Security threats to be identified in the domain of security as a service C299
22.     15/17 X.so-sap AAP TD941 Guidelines for security orchestration of service access process C302
23.     15/17 TR.srsec** Agreement TD1007 Technical Report: Security aspects of segment routing IPv6 for the convergence of computing and network for telecommunication operators C286

Annex D

Discontinued work items​​

Question Acronym Title
8/17 X.sr-cphr Security requirements for cloud-based platform to support low latency and high reliability application scenarios

Annex E

SG17 meeting statistics

·       Participants (TD677R1 )

  participants countries Member States Sector Members SG17 Associates Academia Invited Experts
Announced 332 58 48  
     
Final 325 54 48  30  2  4  13

·       Meeting input and organization

Table of SG17 statistics of this and some past meetings

 

2023-03

2022-09

2022-05*

C

119

104

101

LS/i

70

55

72

LS/o

23

20

20

TD

394

342

331

Note * - fully virtual meeting

·       Contributions : 119 – steady increasing, DDP: 98%.

    • APT 100.5 (84%) (= China 46.5 + Korea 39 + Japan 10 + India 3 + Singapore 1 + Malaysia 1)
    • Americas 14 (12%)) (= US 4)
    • AFR 2 (Mali, Ghana)
    • EUR 1.5 (= UK 1.5)
    • RCC 1 (= Russia 1)
    • LAM (0), ARAB (0). 

·       LS : matrix in TD699

  • incoming 61 - stable
  • Outgoing 24 - stable

·       TDs : 394​ – higher than normal










Page Content 9
Page Content 10
Page Content 18
Page Content 19
Page Content 6
Page Content 7
Page Content 11
Page Content 12
Page Content 2
Page Content 3
Page Content 4
Page Content 5
Page Content 13
Page Content 14
Page Content 15
Page Content 16

AltStyle によって変換されたページ (->オリジナル) /