[フレーム] [フレーム]

Connecting the world and beyond

1909-summary

Page Content


Executive Summary

Meeting of ITU-T SG17 'Security', Geneva, 27 August - 5 September 2019

Hot topics:

  • 9th edition of X.500-series Recommendations on 'Directory' and PKI
  • Security Architecture
  • Cybersecurity
  • Quantum-based security
  • Preparation for WTSA2020
  • Distributed identity management

ITU Workshop on Fintech Security 

The event was announced by TSB Circular 158 and was attended by 71 participants (including remote participation) from 22 countries.  Outcome of this workshop identified next step advices for SG17 is found here.

Meeting Output:

  • Agreed 3 texts: Amendment, Supplement, Implementers' Guide. Details are in Annex A c).
  • Determined (TAP): 8 new Recommendation, Details are in Annex A d).
  • Consented (AAP): 8new, 26 25 revised Recommendation and 2 new Corrigenda for Last Call. Details are in Annex A e).
  • New work items: 25 26 NWIs were agreed to be added to the SG17 Work Programme. One work item to be removed. Details are in Annex B.

Next SG17 meeting:

  • 1st SG17 meeting in 2020: Tuesday 17 – Thursday 26 March 2020 in Geneva (8 Working days)
    • 24 texts are candidate for action in next SG17 meeting, see in Annex A f).
  • Interim RGMs: 9 Questions plan to hold 11 RGMs.
  • 2nd SG17 meeting in 2020: Tuesday 25 August – Thursday 3 September 2020, venue to be confirmed (8 Working days)

 

  1.  ​
Q Date Place/Host Subject/objective
1.                  3/17
Dec 2019 Japan
  • To address all work items of Q3/17
2.                  4/17 (colocated with Q16/13 Dec 2019 Japan
  • Quantum
3.                  6/17 13-14 Jan 2020 Kuala Lumpur, Malaysia
  • To address all work items and identify future topics for Q6/17
4.                  7/17 22 - 23 Oct 2019 Haikou, China
  • To address all items of Q7/17
5.                  8/17 7-8 Jan 2020 Beijing, China
  • To address all items of Q8/17
6.                 

10/17

 

5-6 Dec 2019 Japan
  • To progress all the work of Q10/17
7.                 

11/17

 

3-7 Feb 2020 London, UK
  • Collaborative meeting ITU-T Q11/17 and ISO/IEC/JTC 1/SC 6/WG 10
8.                 

11/17

 

11 Dec 2019 e-meeting
  • TR.ors
9.                  Joint meeting of Q11/17 and Q14/17 5-6 Dec 2019 Fribourg, Switzerland
  • Decentralized identity
10.               13/17 7-8 Jan 2020 Fukuoka, Japan
  • To address all work items of Q13/17
11.               14/17

Jan 2020 e-meeting
  • Focus on work items toward consent (X.sra-dlt, X.str-dlt, and X.tf-spd-dlt)
  • work on coordination matters

Bridging the Standardization Gap (BSG):

  • Welcome and guided tour for newcomers;
  • SG17 orientation session with SG17 overview presentation given by SG17 Chairman;
  • ITU-T leadership training to Rapporteurs and Editors
  • Informal gatherings of SG17RG-AFR and SG17RG-ARB
  • Trial on use of a daily 'check-in' sheet to track and evaluate participation of delegates attending this SG17 meeting on an ITU fellowship

Tutorial presentations: TD2147

Participation:

  • 206 participants (263 announced): 41 countries, 27 Sector Members, 5 Associates, and 1 Academia. 7 invited experts.
  • 6 partial fellowships granted: Congo DRC, Guinea, Liberia, Mali, Senegal, Sudan
  • 2 New Member States participation: Eswatini and Mozambique
  • SG17 vice chairmen absent (6/9): Gökhan EVREN (Turkey), Juan GONZALEZ (USA), Muataz Elsadig ISHAG (Sudan), Patrick-Kennedy KETTIN ZANGA (Central Africa), Hugo Darío MIGUEL (Argentina) and Wala TURKI LATROUS (Tunisia)

Correspondence Groups (both to continue):

  • CG-xss (correspondence group on transformation of security study)
  • CG-wtsa20-prep (Correspondence Group on SG17 preparation for WTSA-20)

Meeting input and organization:

  • 151 – double of last Study Period (past meetings: 118, 144, 113, 106, 78, 81, 66, 74, 80)
  • Contribution# from: APT (120 (79%) (= China 57 (38%), Korea 50, Japan 10, India 2, Malaysia 1)), Americas (16), EUR (5), AFR (6), ARAB (2), LAM (2), Russia (1). 
  • TDs: 508 (previous meeting: 380, 420, 395, 426, 368, 391, 418, 371, 386), including 64 incoming liaison statements and 42 outgoing liaison statements; 100+ prepared by SG17 secretary.
  • 240 sessions (previous meeting: 240, 252, 249, 204) were organized, up to 12 parallel meetings per quarter.
  • 30 sessions (previous meeting: 29, 27, 25, 11) used remote participation

Annex A
Actions taken on Recommendations, and other texts at the 5 Sept 2019 plenary

a) TAP Recommendations approved (WTSA-16 Resolution 1):

None.

b) TAP Recommendations not approved (WTSA-16 Resolution 1):

None.

c) Amendment approved, Corrigendum approved, Supplements agreed:

The SG17 plenary meeting agreed the following 3 texts:

Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
6/17 X.1197 Amd.1 Amendment 1 of ITU-T Recommendation X.1197, Guidelines on criteria for selecting cryptographic algorithms for IPTV service and content protection New Stiepan Kovac
TD2442   2019-01 2019-09
10/17 X.Sup35 (X.sup-1254) ITU-T X.1254 - Supplement on use cases and high level abstract implementations New Junjie Xia,
Bo Yu,
Feng Zhang TD2471   2017-03 2019-09
12/17 Z.Imp100-rev Z.Imp100 Specification and Description Language Implementer's guide – Version 4.0 Rev Rick Reed TD2182   2018-09 2019-09

d) Recommendations determined (TAP – WTSA-16 Resolution 1):

The SG17 plenary meeting determined the following 8 texts:

  Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.    6/17 X.1332 (X.sgsec-3) Security guidelines for smart metering service in smart grids New Gunhee Lee TD2352   2016-09 2019-09
2.    6/17 X.1363 (X.iotsec-3) Technical framework of personally identifiable information (PII ) handling system in IoT environment New

Yutaka Miyake,

Bo Yu

TD2396   2017-03 2019-09
3.    6/17 X.1364 (X.nb-iot) Security requirements and framework for narrow band internet of things New Feng Gao,
Junjie Xia,
Heung Youl Youm,
Bo Yu TD2398   2017-09 2019-09
4.    6/17 X.1365 (X.ibc-iot) Security framework for use of identity-based cryptography in support of IoT services over telecom networks New Zhaohui Cheng, 
Haiguang Wang,
Jiang Yu TD2365   2017-09 2019-09
5.    13/17 X.1371
(X.stcv) Security threats in connected vehicles New
ChangOh Kim,
Sang-Woo Lee,
Koji Nakao,
Seungwook Park TD2424   2018-03 2019-09
6.    13/17 X.1372
(X.itssec-2) Security guidelines for V2X communication systems New ChangOh Kim, 
Sang-Woo Lee,
Jae-Hoon Nah,
Seungwook Park TD2431   2014-09 2019-09
7.    8/17 X.1604
(X.SRNaaS) Security requirements of network as a service (NaaS) in cloud computing New Zhiyuan Hu,
Ye Tao,
Chen Zhang,
Ni Zhang TD2411   2016-08 2019-09
8.    8/17 X.1605 (X.SRIaaS) Security requirements of public infrastructure as a service (IaaS) in cloud computing New Huamin Jin, 
Laifu Wang, 
Mengxi Wang,
Shuai Wang  TD2443   2016-03  2019-09


e) AAP Recommendations consented for Last Call (Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to the following 35 new/rev ITU-T Recommendations and Technical Corrigendum for Last Call according to Recommendation ITU-T A.8:

 ​

Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        2/17 X.1044 (X.srnv) Security requirements of network virtualization
New Di Liu,
Min Shu,
Ye Tao,
Min Zuo TD2410
  2017-09
2019-09
2.        2/17 X.1045 (X.ssc) Security service chain architecture and its application New Zhiyuan Hu,
Min Shu, 
Ye Tao,
Xiaojun Zhuang,
Min Zuo TD2383   2017-09 2019-09
3.        3/17 X.1059 (X.grm) Risk management implementation guidance on the assets of telecommunication organizations accessible by global IP-based networks New Yunbo Feng,
Bo Yu,
Chen Zhang TD2409   2014-09 2019-09
4.        4/17 X.1702 (X.qrng-a) Quantum noise random number generator architecture   New Matthieu Legré, 
Zhangchao Ma, 
Hao Qin, 
Dong-Hi Sim  TD2391   2018-09 2019-09
5.        5/17 X.1232 (X.tfcas) Technical framework for countering advertising spam in user generated information  New Kepeng Li,
Zhaoji Lin, Keundug Park, Feng Zhang TD2390   2017-03 2019-09
6.        11/17 X.500rev Information technology – The Directory –  Overview of concepts, models and services Rev Erik Andersen TD2329 ISO/IEC 9594-1  2017-09 2019-09
7.        11/17 X.501rev Information technology – The Directory –  Models Rev Erik Andersen TD2330 ISO/IEC 9594-2 2017-09  2019-09
8.        11/17 X.509rev Information technology – The Directory – Public-key and attribute certificate frameworks Rev Erik Andersen TD2328 ISO/IEC 9594-8  2017-09 2019-09
9.        11/17 X.511rev Information technology – The Directory – Abstract service definition Rev Erik Andersen TD2331 ISO/IEC 9594-3 2017-09  2019-09
10.     11/17 X.518rev Information technology – The Directory – Procedures for distributed operation Rev Erik Andersen TD2332 ISO/IEC 9594-4  2017-09 2019-09
11.     11/17 X.519rev Information technology – The Directory – Protocol specifications Rev Erik Andersen TD2333 ISO/IEC 9594-5 2017-09  2019-09
12.     11/17 X.520rev Information technology – The Directory – Selected attribute types Rev Erik Andersen TD2334 ISO/IEC 9594-6  2017-09 2019-09
13.     11/17 X.521rev Information technology – The Directory – Selected object classes Rev Erik Andersen TD2335 ISO/IEC 9594-7 2017-09  2019-09
14.     11/17 X.525rev Information technology – The Directory – The Directory: Replication Rev Erik Andersen TD2336 ISO/IEC 9594-9  2017-09 2019-09
15.     11/17 X.677 (X.uav-oid) Identification mechanism for unmanned aerial vehicles using object identifiers New Wenjing Ma TD2389   2018-03 2019-09
16.     11/17 X.694 Cor.1 Information technology - ASN.1 encoding rules: Mapping W3C XML schema definitions into ASN.1 Corrigendum 1 New Jean-Paul Lemaire TD2326 ISO/IEC 8825-5 2019-09 2019-09
17.     11/17 X.893 Cor.1 Information technology - Generic applications of ASN.1: Fast infoset security Technical Corrigendum 1 New Jean-Paul Lemaire TD2325 ISO/IEC 24824-3 2019-09 2019-09
18.     12/17 Z.100 Annex F1-rev Specification and Description Language - Overview of SDL-2010 - SDL formal definition: General overview Rev Rick Reed, Edel Sherratt TD2179   2018-09 2019-09
19.     12/17 Z.100 Annex F2-rev Specification and Description Language - Overview of SDL-2010 - SDL formal definition: Static semantics Rev Rick Reed, Edel Sherratt TD2180   2018-09 2019-09
20.     12/17 Z.100 Annex F3-rev Specification and Description Language - Overview of SDL-2010 - SDL formal definition: Dynamic semantics Rev Rick Reed, Edel Sherratt TD2181   2018-09 2019-09
21.     12/17 Z.100rev Specification and Description Language - Overview of SDL-2010 Rev Rick Reed TD2171   2017-09 2019-09
22.     12/17 Z.101rev Specification and Description Language - Basic SDL-2010 Rev Rick Reed TD2172   2017-09 2019-09
23.     12/17 Z.102rev Specification and Description Language - Comprehensive SDL-2010 Rev Rick Reed TD2173   2017-09 2019-09
24.     12/17 Z.103rev Specification and Description Language - Shorthand notation and annotation in SDL-2010 Rev Rick Reed TD2174   2017-09 2019-09
25.     12/17 Z.104rev Specification and Description Language - Data and action language in SDL-2010 Rev Rick Reed TD2175   2017-09 2019-09
26.     12/17 Z.105rev Specification and Description Language - SDL-2010 combined with ASN.1 modules Rev Rick Reed TD2176   2017-09 2019-09
27.     12/17 Z.106rev Specification and Description Language - Common interchange format for SDL-2010 Rev Rick Reed TD2177   2017-09 2019-09
28.     12/17 Z.107rev Specification and Description Language - Object-oriented data in SDL-2010 Rev Rick Reed TD2178   2017-09 2019-09
29.     12/17 Z.161rev Testing and Test Control Notation version 3: TTCN-3 core language Rev Dieter Hogrefe TD2251 ETSI ES 201 873-1 2018-09 2019-09
30.     12/17 Z.161.2rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment support Rev Dieter Hogrefe TD2252 ETSI ES 202 781 2018-09 2019-09
31.     12/17 Z.161.6rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced Matching Rev Dieter Hogrefe TD2253 ETSI ES 203 022 2018-09 2019-09
32.     12/17 Z.161.7 Testing and Test Control Notation version 3: TTCN-3 language extensions: Object-Oriented Features  New Dieter Hogrefe TD2254 ETSI ES 203 790 2019-09 2019-09
33.     12/17 Z.166rev Testing and Test Control Notation version 3: TTCN-3 control interface (TCI) Rev Dieter Hogrefe TD2255 ETSI ES 201 873-6 2018-09 2019-09
34.     12/17 Z.169rev Testing and Test Control Notation version 3: Using XML schema with TTCN-3 Rev Dieter Hogrefe TD2256 ETSI ES 201 873-9 2018-09 2019-09
35.     14/17 X.1401 (X.sct-dlt) Security threats to Distributed Ledger Technology New Zhaoji Lin, 
Ke Wang, 
Kai Wei, 
Junjie Xia, Heung Youl Youm,
Min Zuo  TD2441   2017-09 2019-09


These Recommendations will enter AAP Last call from Sept 2019. 

f) Work items planned for action in next SG17 meeting:

 

 ​​ Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        4 TR.sec-qkd Technical Report: Security framework for quantum key distribution in telecom network New Matthieu Legré, Dong-Hi Sim TD2502   2018-09 2020-03
2.        4 X.cf-QKDN The use of cryptographic functions on a key generated by a Quantum Key Distribution networks" New Matthieu Legré, Dong-Hi Sim, TD2415   2019-01
2020-03
3.        4 X.gcpie*
Guidelines for Collection and Preservation of Cyber Security Incident Evidence New Jooyoung Lee, Daesung Moon, Jonghyun Kim, Ikkyun Kim TD2375  
2018-03 2020-03
4.        4 X.sec-QKDN_ov Security Requirements for QKD Networks - Overview New Dong-Hi SIM Matthieu Legré
Hao Qin
Zhangchao Ma TD2460   2019-01 2020-03
5.        5 X.tecwes*
Technologies in countering website spoofing for telecommunication organizations New Chen Zhang,
Ruzhen Hu, 
Nan Meng TD2394   2018-03 2020-03
6.        6 X.5Gsec-q* Security guidelines for applying quantum-safe algorithms in 5G systems New Fuwen Liu,
Yanfei Guo,
Zhiyuan Hu,
Zhaoji Lin,
Min Zuo TD2388   2018-03 2020-03
7.        6 X.amas-iot* Aggregate Message Authentication Scheme with Group Authentication Capability for IoT environment New Koji Nakao,
Junji Shikata TD2422   2018-09 2020-03
8.        6 X.elf-iot * Standard format of IoT error logs for security incident operations New

Koji Nakao,

Kiyotaka Atsumi

TD2399   2018-09 2020-03
9.        6 X.secup-iot * Secure Software Update Procedure for IoT Devices New

Takeshi Takahashi,

Koji Nakao,

Yunchul Choi

TD1959   2017-09 2020-03
10.     7 (10) X.fdip* Framework of de-identification processing service for telecommunication service providers New Ye Won Lee,
Hyungjin, Lim,
Lijun Liu,
Jongyoul Park,
Heung Youl Youm TD2380   2016-08 2020-03
11.     7 X.sfop Security framework of open platform for FinTech services New Jae Hoon Nah,
Feng Gao,
Xin Wang,
HyungJin Lim TD2461   2017-09 2020-03
12.     7 X.tfrca Technical framework of risk control to support authentication New Min Zuo,
Xin Wang TD2458   2018-09 2020-03
13.     8 X.GSBDaaS*
Guidelines on security of Big Data as a Service New Nan Meng
Chen Zhang
Mark McFadden TD2407   2016-09 2020-03
14.     8 X.sgtBD*
Security guidelines of lifecycle management for telecom Big Data New Lanfang Ren
Jin Peng
Feng Gao TD2386   2017-09 2020-03
15.     8 X.SRCaaS*
Security requirements for communication as a service application environments New Chen Zhang
Nan Meng,
Xuetao Du,
Ye Tao TD2403   2016-09 2020-03
16.     10 X.1254rev* Entity authentication assurance framework Rev Abbie Barbir,
David Tuner TD2372   2016-09 2020-03
17.     10 X.eaasd* Framework of enhanced authentication in telebiometric environments using anti-spoofing detection mechanisms New

Kepeng Li

Hongwei Luo

TD2478   2016-09 2020-03
18.     10 X.upu*
UPU S68 Postal identity management framework New

Abbie Barbir

Gustavo Damy

TD2507 UPU S68 2019-09 2020-03
19.     11 TR.ors Technical Report: Problems, requirements and potential solutions for OID resolution New Mark McFadden
Ruifen Mu
Linjian Song TD2417   2019-09 2020-03
20.     11 X.509prot Protocol specifications for public-key infrastructure and privilege management infrastructure New Erik Andersen TD2494 ISO/IEC 9594-11 2017-09 2020-03
21.     13 X.itssec-3 Security requirements for external device with vehicle access capability New

Aram Cho,

Seungwook Park,

Sang-Woo Lee,

Whapyeong Lim

TD2437   2017-09 2020-03
22.     14 X.dlt-sec* Security considerations for using DLT data in Identity Management New Abbie Barbir TD2497   2017-09 2020-03
23.     14 X.sra-dlt Security framework for Distributed Ledger Technology New

Hongru Zhu,

Xiaoyuan Bai,
Petr Kalambet,
Qiwi Kirill Ivkushkin,
Bilyk Tatiana,
Min Shu

TD2348   2017-09 2020-03
24.     14 X.str-dlt The security threats and requirements for digital payment services based on distributed ledger technology New Kyeong Hee Oh, ChangOh Kim, Preetika Singh TD2360   2017-09 2020-03


 

Annex B
New work items

The following 25 26 new work items were agreed to be added to the SG17 Work Programme:

# Question NWI Title A.1 justification
1.      
2/17
X.arch-design
Design Principles and Best Practices for Security Architectures
TD2451
2.       2/17 TP.sec-arch** Technical Paper - Implications and further considerations of security architecture patterns TD2421
3.       2/17 X.rf-csap Reference framework for continuous protection of service access process TD2382
4.       2/17 X.nsom-sec Security requirements and architecture for network slice orchestration and management TD2428
5.       4/17 TP.usm** Technical Paper: Unified Security Model (USM) - An integrated system approach to Cybersecurity TD2462
6.       4/17 X.ics-schema Security data schemas for integrated cyber defence solutions TD2452
7.       4/17 X.arc-ev Security architecture for evaluation of technical vulnerabilities TD2419
8.       4/17 X.sec_QKDN_tn  Security requirements for quantum key distribution networks - trusted node TD2455
9.       4/17 X.tfmpc Technical framework and application for secure multi-party computation TD2426
10.    5/17 TR.cs-ml** Technical Report - Countering spam based on AI TD2363
11.    5/17 X.1246rev* Revision to X.1246 TD2486
12.    ​ X.1247rev* Revision to X.1247 ​
13.    6/17 X.sg-rat* Security guidelines for the use of remote access tools in Internet-connected control system TD2453
14.    6/17 X.5Gsec-netec* Security capabilities of network layer for 5G edge computing TD2420
15.    7/17 X.scpa Security measures for countering password related online attacks TD2354
16.    7/17 X.sles* Security measures for location enabled smart office services TD2385
17.    8, 14/17 TR.BaaS-sec** Technical Report - Guideline on blockchain as a service (BaaS) security TD2408
18.    8/17 X.nssa-cc* Requirements of network security situational awareness platform for cloud computing TD2429
19.    8/17 X.sgmc* Security guidelines for multi-cloud TD2433
20.    10/17 X.upu* UPU S68 Postal identity management framework TD2507
21.    11/17 TR.ors** Technical Report - Problems, Requirements and Potential solutions for OID Resolution
TD2417
​​22.
 ​12/17
 ​Z.161.7
​Testing and Test Control Notation version 3: TTCN-​3 Language Extensions: Object-Oriented Features
TD2254​
23.    13/17 X.rsu-sec Security requirements for road side unit in intelligent transport systems TD2374
24.    13/17 X.ipscv Methodologies for intrusion prevention systems for connected vehicles TD2425
25.    14/17 TR.dlt-td** Technical Report - Terms and definitions for distributed ledger technology TD2357
26.    14/17 X.sc-dlt
Security controls for distributed ledger technology TD2358

 

Notes:

(1)     Target date for consent or determination of Recommendations or for agreement of Supplements or non-normative text.
*: for determination, **: for agreement

​ 

Annex C
Work items Removed

Q Acronym Title
11/17 X.Imp500-rev  Directory implementer's guide​
11/17 X.500-series.amd Amendments to 8th edition (2016) of X.500-series​



AltStyle によって変換されたページ (->オリジナル) /