[フレーム] [フレーム]

Connecting the world and beyond

1901-summary

Page Content

​​​​​

Executive Summary

Meeting of ITU-T SG17 'Security', Geneva, 22-30 January 2019

Hot topics:

  • Quantum Key Distribution Networks
  • Artificial Intelligence/Machine Learning and Security
  • Edge computing security
  • 5G security
  • Post-quantum PKI
  • Cloud-based platform (industrial Internet, etc) security
  • Distributed identity management
  • Malware Analysis
  • Data de-identification

ITU Workshop on Artificial Intelligence, Machine Learning and Security   

The event was announced by TSB Circular 116 and was attended by 71 participants (including remote participation) from 17 countries.  Outcome of this workshop identified next step advices for SG17 is found at: https://www.itu.int/en/ITU-T/Workshops-and-Seminars/20190121/Documents/Outcome Report.pdf.

Meeting Output:

  • Approved (TAP) 3 new ITU-T Recommendations. Details are in Annex A a).
  • Agreed 1 new Supplement. Details are in Annex A c).
  • Consented (AAP) 3new Recommendation/Corrigendum for Last Call. Details are in Annex A e).
  • 10 new work items were agreed to be added to the SG17 work programme. Details are in Annex B.
  • Q2/17 Text revised to highlight new working areas on foundations on AI/ML for ICT security.

Next SG17 meeting:

  • Tuesday 27 August – Thursday 5 September 2019, Geneva, Switzerland (8 working days).
    • Workshop on FinTech security on Monday 26 August 2019, Geneva, Switzerland.
  • Tuesday 17 – Thursday 26 March 2020 in Geneva (8 Working days) (to be confirmed)
  • Tuesday 25 August – Thursday 3 September 2020 in Geneva (8 Working days) (to be confirmed)
  • 53 texts are candidate for action in next SG17 meeting, see in Annex A f).
  • Interim RGMs: 8 Questions plan to hold 9 RGMs.
  1.  ​
Q Date Place/Host Subject/objective
1.                3/17
In the week of 17 June 2019 e-meeting
  • To address all work items of Q3/17
2.                6/17 tbd (May or June 2019) tbd
  • To address all work items and identify future topics for Q6/17
3.                7/17 18-19 June 2019 ChongQing, China
  • To address all items of Q7/17
4.                8/17 11-12 or 13-14 June 2019 (tbd)
Beijing, China
  • To address all items of Q8/17
5.               

10/17

 

April 2019 e-meeting
  • tbd
6.                ​10/17
June 2019 e-meeting
  • tbd
7.               

11/17

 

22-26 April 2019
Beijing, China
  • Collaborative meeting ITU-T Q11/17 and ISO/IEC/JTC 1/SC 6/WG 10
8.                13/17

11-12 June 2019

(tbd)

Beijing, China
  • To address all work items of Q13/17
9.                14/17

May-June 2019 (tbd) e-meeting
  • To address all issue and to identify future topics.

Bridging the Standardization Gap (BSG):

  • Welcome and guided tour for newcomers;
  • SG17 orientation session with SG17 overview presentation given by SG17 Chairman;
  • SG17 Counsellor's clinic to answer questions from delegates on ITU-T (SG17) working methods
  • Informal gatherings of SG17RG-AFR and SG17RG-ARB
  • Trial on use of a daily 'check-in' sheet to track and evaluate participation of delegates attending this SG17 meeting on an ITU fellowship

Tutorial presentations:

  • A half-day mini-workshop/showcase (TD1837) on QKD on 23 Jan 2019 for 7 new members who joined SG17 for this subject to explain this new work area
  • Q1-14/17 tutorials (TD1793)to initiate SG17 preparation for WTSA-2020.

Participation:

  • 178 participants (182 announced): 36 countries, 21 Sector Members, 4 Associates, and 2 Academia. 8 invited experts.
  • 8 partial fellowships granted: Comoros, Congo DRC, Mali, Niger, Palestine, Senegal, Sudan, Syria
  • 3 new associates (Hudson Institue (USA), Quantum Xchange (USA), Cambridge Quantum Computing (UK))
  • 2 new Sector Members from China (QuantumCTek, CAS Quantum Network)
  • 1 New Member State participation: Liberia
  • SG17 vice chairmen absent (6/9): Vasiliy DOLMATOV (Russia), Gökhan EVREN (Turkey), Juan GONZALEZ (USA), Patrick-Kennedy KETTIN ZANGA (Central Africa) and Hugo Darío MIGUEL (Argentina) (Muataz Elsadig ISHAG (Sudan) participated 3 days)

Correspondence Groups:

  • CG-xss (correspondence group on transformation of security study) will continue.
  • CG-sg17-wtsa20-prep (Correspondence Group on SG17 preparation for WTSA-20) was established.

Meeting input and organization:

  • Contributions: 118 - stable (past meetings: 144, 113, 106, 78, 81, 66, 74, 80)
  • Contribution# from: APT (98 (83%) (= China 49 (42%), Korea 41, Japan 7, Malaysia 2)), Americas (12), EUR (9), AFR (3), ARAB (1), LAM (0).    
  • TDs: 380 (previous meeting: 420, 395, 426, 368, 391, 418, 371, 386), including 47 incoming liaison statements and 30 outgoing liaison statements; 80+ prepared by SG17 secretary.
  • 240 sessions (previous meeting: 252, 249, 204) were organized, up to 12 parallel meetings per quarter.
  • 29 sessions (previous meeting: 27, 25, 11) used remote participation

Annex A
Actions taken on Recommendations, and other texts at the 7 September 2018 SG17 plenary

a) TAP Recommendations approved (WTSA-16 Resolution 1):

The SG17 plenary meeting approved (TAP) the following three draft new ITU-T Recommendations in accordance with WTSA-16 Resolution 1, Section 9.

 ​ Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing of approval
1.        4 X.1215
(X.ucstix) Use cases for structured threat information expression New Ik-Kyun Kim, Jihye Kim,
Jong-Hyun Kim, Heung Youl Youm R29 ​ 2017-03 2019-01
2.        5 X.1249
(X.tfcma) Technical framework for countering mobile in-application advertising spam New Hongwei Luo,
Laifu Wang,
Xin Wang TD1869R1 ​ 2015-09 2019-01
3.        6 (,2) X.1042 (X.sdnsec-1) Security services using the software-defined networking New Hyoungshick Kim,
JungSoo Park TD1873R1 ​ 2014-09 2019-01

Approval of the above Recommendations will be announced by TSB Circular in Feb 2019.

b) TAP Recommendations not approved (WTSA-16 Resolution 1):

None.

c) Amendment approved, Corrigendum approved, Supplements agreed:

The SG17 plenary meeting agreed the following new Supplement:

  Q Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
  1.  ​

3 X.Suppl.34 (ex X.sup-myuc)
Supplement to ITU-T X.1051
Code of practice for information security controls based on ITU-T X.1051 for telecommunication organizations information and network security management New Thaib Mustafa,
Rafeah Omar TD1966   2017-09 2019-01

d) Recommendations determined (TAP – WTSA-16 Resolution 1):

None.

e) AAP Recommendations consented for Last Call (Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to the following three new ITU-T Recommendations and Technical Corrigendum for Last Call according to Recommendation ITU-T A.8:

  Q Acronym Title New / Revised Editor​(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.                 2
X.1043 (ex X.sdnsec-3)
Security framework and requirements of service function chain based on software-defined networking New Zhiyuan Hu,
JungSoo Park,
Junjie Xia,  
Feng Zhang,
Xiaojun Zhuang, Min Zuo
TD1903R4   2017-03
2019-01
2.                 9 X.1094 (ex X.tab)
Telebiometric authentication using bio-signals New Jason Kim,
Sam Lee TD1975  
2016-08 2019-01
3.                 11 X.894 Cor.1 Cryptographic Message Syntax (CMS) profile New Jean-Paul Lemaire TD1867

ISO/IEC 24824-4

2019?

2019-01 2019-01

These Recommendations will enter AAP Last call in Feb 2019.

f) Work items planned for action in next SG17 meeting:

 

  Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        2 X.ssc Security service chain architecture and its application New Zhiyuan Hu,
Min Shu,
Ye Tao,
Xiaojun Zhuang,
Min Zuo
TD1909R2   2017-09 2019-09
2.                 2 X.srnv Security requirements of network virtualization New Di Liu,
Min Shu,
Ye Tao,
Min Zuo TD1919   2017-09 2019-09
3.                 3 X.grm Risk management implementation guidance on the assets of telecommunication organizations accessible by global IP-based networks New Yunbo Feng,
Bo Yu,
Chen Zhang


TD1491R1   2014-09 2019-09
4.                 4 X.qrng-a Quantum Noise Random Number Generator Architecture   New Matthieu Legré, Zhangchao Ma
Hao Qin, 
Dong-Hi Sim 
TD1979R2   2018-09 2019-09
5.                 4 TR.sec-qkd** Security framework for Quantum Key Distribution in Telecom network New Dong-Hi Sim
TD1950R1     2019-09
6.                 5 X.tfcas Technical framework for countering advertising spam in user generated information"  New

Kepeng Li,
Zhaoji Lin, Keundug Park, Feng Zhang

TD1922R1   2017-03 2019-09
7.                 6 X.1197 Amd.1** Amendment 1 of ITU-T Recommendation X.1197, Guidelines on criteria for selecting cryptographic algorithms for IPTV service and content protection New Stiepan Kovac TD1930R1   2019-01 2019-09
8.                 6 X.sgsec-3* Security guidelines for smart metering service in smart grids New Gunhee Lee
TD1879   2016-09 2019-09
9.                 6 X.nb-iot* Security requirements and framework for narrow band internet of things New Feng Gao,
Junjie Xia,
Heung Youl Youm,
Bo Yu TD1883   2017-09 2019-09
10.               6 X.ibc-iot* Security framework for use of identity-based cryptography in support of IoT services over telecom networks New Zhaohui Cheng
Haiguang Wang,
Jiang Yu,
TD1874R2   2017-09 2019-09
11.               6 X.secup-iot* Secure software update procedure for IoT devices New Yunchul Choi
Koji Nakao,
Takeshi Takahashi
TD1959R1   2017-09 2019-09
12.               6 X.iotsec-3* Technical framework of PII (Personally Identifiable Information) handling system in IoT environment New Yutaka Miyake,
Bo Yu TD1942R1   2017-03 2019-09
13.               7 X.fdip* Framework of de-identification processing service for telecommunication service providers New Ye Won Lee
Hyungjin, Lim,
Lijun Liu,​​Jongyoul Park,
Heung Youl Youm
TD1974R1     2019-09
14.               7 X.sfop Security framework of open platform for FinTech services New Feng Gao,
HyungJin LimJae Hoon Nah,
Wesley Wang
TD1897R1     2019-09
15.               8 X.SRIaaS* Security Requirements of Public Infrastructure as a Service (IaaS) in Cloud Computing New Huamin Jin, 
Laifu Wang, 
Mengxi Wang,
Shuai Wang 
TD1920R2     2019-09
16.               8 X.GSBDaaS* Guidelines on security of Big Data as a Service New Mark McFadden,
Nan Meng, Chen Zhang 
TD1941     2019-09
17.               8 X.SRNaaS* Security Requirements of Network as a Service (NaaS) in Cloud Computing New Zhiyuan Hu,
Ye Tao,
Chen Zhang, 
Ni Zhang
TD1895     2019-09
18.               8 X.sgtBD* Security guidelines of lifecycle management for telecom Big Data New Feng Gao,
Jin Peng,
Lanfang Ren 
TD1936R1     2019-09
19.               10 X.eaasd* Framework of enhanced authentication in telebiometric environments using anti-spoofing detection mechanisms New

Xiaoyuan Bai, 
Hongwei Luo

TD1955     2019-08
20.               10 X.Sup-1254** Supplement to X.1254 on use cases and high level abstract implementations New

Junjie Xia,
Bo Yu,
Feng Zhang

TD1958     2019-08
21.               11 X.uav-oid Identification mechanism for unmanned aerial vehicles using object identifiers New Wenjing Ma TD1887R4     2019-08
22.               11 X.500rev

Information technology – The Directory –  Overview of concepts, models and services Rev Erik Andersen   ISO/IEC 9594-1   2019-08
23.               11 X.501rev

Information technology – The Directory –  Models Rev Erik Andersen   ISO/IEC 9594-2   2019-08
24.               11 X.509rev Information technology – The Directory – Public-key and attribute certificate frameworks Rev Erik Andersen   ISO/IEC 9594-8   2019-08
25.               11 X.511rev Information technology – The Directory – Abstract service definition Rev Erik Andersen   ISO/IEC 9594-3   2019-08
26.               11 X.518rev Information technology – The Directory – Procedures for distributed operation Rev Erik Andersen   ISO/IEC 9594-4   2019-08
27.               11 X.519rev Information technology – The Directory – Protocol specifications Rev Erik Andersen   ISO/IEC 9594-5   2019-08
28.               11 X.520rev Information technology – The Directory – Selected attribute types Rev Erik Andersen   ISO/IEC 9594-6   2019-08
29.               11 X.521rev Information technology – The Directory – Selected object classes Rev Erik Andersen   ISO/IEC 9594-7   2019-08
30.               11 X.525rev Information technology – The Directory – The Directory: Replication Rev Erik Andersen   ISO/IEC 9594-9   2019-08
31.               11 X.509 Cor. 1 Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks  Rev Erik Andersen  

ISO/IEC 9594-8 Cor 1

  2019-08
32.               11 X.694 Cor. 1 Information technology - ASN.1 encoding rules: Mapping W3C XML schema definitions into ASN.1  Rev Paul Thorpe   ISO/IEC 8825-5 Cor 1   2019-08
33.               11 X.893 Cor.1 Information technology - Generic applications of ASN.1: Fast infoset security  Rev Paul Thorpe   ISO/IEC 24824-3 Cor 1   2019-08
34.               12 Z.100rev Specification and Description Language - Overview of SDL-2010 Rev Rick Reed TD1801R1   2017-09 2019-09
35.               12 Z.100 Annex F1-rev Specification and Description Language - Overview of SDL-2010 - SDL formal definition: General overview Rev Rick Reed, Edel Sherratt TD1809R1  
2018-09 2019-09
36.               12 Z.100 Annex F2-rev Specification and Description Language - Overview of SDL-2010 - SDL formal definition: Static semantics Rev Rick Reed, Edel Sherratt TD1810R1   2018-09 2019-09
37.               12 Z.100 Annex F3-rev Specification and Description Language - Overview of SDL-2010 - SDL formal definition: Dynamic semantics Rev Rick Reed, Edel Sherratt TD1811R1   2018-09 2019-09
38.               12 Z.101rev Specification and Description Language - Basic SDL-2010 Rev Rick Reed TD1802R1   2017-09 2019-09
39.               12 Z.102rev Specification and Description Language - Comprehensive SDL-2010 Rev Rick Reed TD1803R1   2017-09 2019-09
40.               12 Z.103rev Specification and Description Language - Shorthand notation and annotation in SDL-2010 Rev Rick Reed TD1804R1   2017-09 2019-09
41.               12 Z.104rev Specification and Description Language - Data and action language in SDL-2010 Rev Rick Reed TD1805R1   2017-09 2019-09
42.               12 Z.105rev Specification and Description Language - SDL-2010 combined with ASN.1 modules Rev Rick Reed TD1806R1   2017-09 2019-09
43.               12 Z.106rev Specification and Description Language - Common interchange format for SDL-2010 Rev Rick Reed TD1807R1   2017-09 2019-09
44.               12 Z.107rev Specification and Description Language - Object-oriented data in SDL-2010 Rev Rick Reed TD1808R1   2017-09 2019-09
45.               12 Z.161 Testing and Test Control Notation version 3: TTCN-3 core language Rev Dieter Hogrefe   ETSI ES 201 873-1 2018-09 2019-09
46.               12 Z.161.2rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment support Rev Dieter Hogrefe   ETSI ES 202 781 2018-09 2019-09
47.               12 Z.161.6rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced Matching Rev Dieter Hogrefe   ETSI ES 203 022 2018-09 2019-09
48.               12 Z.166rev Testing and Test Control Notation version 3: TTCN-3 control interface (TCI) Rev Dieter Hogrefe   ETSI ES 201 873-6 2018-09 2019-09
49.               12 Z.169rev Testing and Test Control Notation version 3: Using XML schema with TTCN-3 Rev Dieter Hogrefe   ETSI ES 201 873-9 2018-09 2019-09
50.               12 Z.Imp100-rev** Z.Imp100 Specification and Description Language Implementer's guide – Version 4.0 Rev Rick Reed TD1813   2018-09 2019-09
51.               13 X.itssec-2* Security guidelines for V2X communication systems New ChangOh Kim, 
Sang-Woo Lee,
Jae-Hoon Nah,
Seungwook Park
TD1913R1   2014-09 2019-09
52.               13 X.stcv* Security threats in connected vehicles New ChangOh Kim
Sang-Woo Lee,
Koji Nakao,
Seungwook Park
TD1949R1   2018-03 2019-09
53.               14 X.sct-dlt X.sct-dlt, Security threats to Distributed Ledger Technology New
Zhaoji Lin, 
Ke Wang,
Kai Wei
Junjie Xia, Heung Youl Youm,
Min Zuo 
TD1891R1   2017-09 2019-09


 

Annex B
New work items

The following 11 new work items were agreed to be added to the SG17 Work Programme:

  Q Acronym Title New/ Revised AAP/TAP/ Agreement Editor(s) Location of text Equivalent
e.g., ISO/IEC Timing(1)
1.                 3 X.ciag Cyber insurance acquisition guideline for Information and Communication Technologies (ICT) services provider New AAP Thaib Mustafa,
Ong Yew Seng TD1963R1   2021-09
2.                 4 X.sec-QKDN-ov Security Requirements for QKD Networks - Overview

New AAP

Matthieu Legré,
Zhangchao Ma
Hao Qin,
Dong-Hi Sim

TD1904R7   2019-09
3.                 4 X.sec_QKDN-km Security Requirements for QKD Networks - Key Management
New AAP

Kaoru Kenyoshi
Jiajun Ma,
Zhangchao Ma, 
Dong-Hi Sim

TD1900R3   2019-09
4.                 4 X.cf​-QKDN Use of cryptographic functions on a key generated in  Quantum Key Distribution networks New AAP

Matthieu Legré,
Dong-Hi Sim

TD1953R2   2019-09
5.                 4 X.rdmase

Requirements and Guidelines for Dynamic Malware Analysis in a Sandbox Environment

New​
AAP

Sheng Gao,
Zhaoji Lin,​Tian Tian,
Jigang Wang, Hanbing Yan

TD1880R1
  2020-09

​​6.


​4
​TP.inno

​Description of the incubation mechanism and ways to improve it​​
​New
Agreement
Youki Kadobayashi, Zhaoji Lin, Kyeong Hee Oh, Arnaud Taddei
TD1981R2

​ ​2020-09
​7.
4​ ​TP.sgstruct
​Strategic approaches to the transformation of security studies
​New
Agreement
Youki Kadobayashi, Zhaoji Lin, Kyeong Hee Oh, Arnaud Taddei​​
TD1982R2​
​ ​2020-09​

​​

  1. ​​​
8.
​6
​X.11​97Amd.1
​Amendment 1 of ITU-T Recommendation X.1197, Guidelines on criteria for selecting cryptographic algorithms for IPTV service and content protection
​New
​Agreement
​Stiepan Kovac
TD1930R1
​ ​2019-09
9.                 6 X.5Gsec-ecs* Security framework for 5G edge computing services
New TAP
Feng Gao,
Jae Hoon Nah,
Junjie Xia,
Bo Yu,
Xiaojun Zhuang
TD1928R1   2021-03
10.                 6 X.5Gsec-guide* Security guidelines for 5G communication system based on ITU-T X.805 New TAP Mee Yeon Kim,
Keundug Park,
Heung Youl Youm
TD1939R2   2021-09
11.                 7 X.rdda* Requirements for data de-identification assurance New TAP Feng Gao,
Yewon Lee, Hyungjin Lim
TD2000R1   2021-Q1
12.                 8 X.sgdc* Security guidelines for distributed cloud New TAP Jinfeng Kou, Mark Mcfadden,
Ye Tao,
Lei Xu, Laifu Wang TD1921R2   2021-1Q
13.               8 X.sr_cphr Security specification for Industrial Internet Cloud-based Platform New AAP Jie Ma,
Nan Meng,​Yaping Sun, Huirong Tian​
TD1937R4   2021-1Q

 

Notes:

(1)    Target date for consent or determination of Recommendations or for agreement of Supplements or non-normative text.
*: for determination, **: for agreement

 

 

Annex C
Work items Removed

The following work item was agreed to be removed (discontinued) from the SG17 work programme:

​Q Acronym Title
12/17 Z.109rev
Specification and Description Language - Unified modeling language profile for SDL-2010




AltStyle によって変換されたページ (->オリジナル) /