[フレーム] [フレーム]

Connecting the world and beyond

Sep20-summary

Page Content

​​​​

Executive Summary

Meeting of ITU-T SG17 'Security', virtual, 24 August - 3 September 2020

Hot topics:

  • 5G security
  • IoT Security
  • ITS Security
  • Cloud Security
  • DLT security
  • Revision of ASN.1 series Recommendations
  • Revision of TTCN-3 series Recommendations
  • Preparation for WTSA2020

Meeting Output:

  • TAP approval: 10 new Recommendations, Details are in Annex A a).
  • TAP determined : 45 new Recommendations, Details are in Annex A d).
  • AAP Consented: 32 new/revised Recommendations/Corrigendum for Last Call. Details are in Annex A e).
  • Agreed 5 texts: Technical Reports. Details are in Annex A c).
  • New work items: 15 NWIs were agreed to be added to the SG17 Work Programme. Details are in Annex B.
  • SG17 Reports to WTSA-20 Part I - GENERAL (Annex 2 only) and Part II - QUESTIONS for next study period finalized  in SG17-LS285  ​​​

Next SG17 meetings:

  • 7 Jan 2021, SG17 e-plenary
    • 7 texts and C872 (late Contribution) are candidate for action in SG17 Jan 2021 e-plenary, see in Annex A f).
    • Open and extended management team meeting on 6 Jan 2020, 13:30-14:30
  • 1st SG17 meeting in next study period: tbc in SG17 Jan 2021 meeting.
    • 12 texts are candidate for action in 1st SG17 meeting meeting, see in Annex A g).
       
  • Interim RGMs: 9 Questions plan to hold 9 RGMs.
  1.  
Q​ Date Place/Host Subject/objective
1.                2/17
7-8 Dec 2020
e-meeting
  • To address all work items of Q2/17
2.                3/17 Dec 2020
e-meeting
  • To address all work items of Q3/17
3.                4/17 26-27 Nov 2020 e-meeting
  • To address all work items of Q4/17
4.                6/17 Jan 2021 e-meeting
  • To address all work items and identify future topics for Q6/17.
5.                8/17 11-12 Nov 2020 e-meeting
  • To address all items of Q8/17
6.               

10/17

 

Nov 2020 e-meeting
  • To progress all the work of Q10/17
7.               

11/17

 

19-30 Oct 2020

(agenda in TD3397)

e-meeting
  • Collaborative meeting ITU-T Q11/17 and ISO/IEC/JTC 1/SC 6/WG 10
8.                13/17 Nov 2020 e-meeting
  • To progress all the work of Q13/17
9.                14/17

Jan 2021 e-meeting
  • work on all items
  • review of deliverables from other study groups, focus groups and other SDOs

Tutorial: SG17 overview, TD3046​​

Participation:

  • 262 participants (307 announced): 32 countries, 28 Sector Members, 3 Associates, 4 Academia,and  5 invited experts.

All 3 SG17 Correspondence Groups are terminated:

  • CG-xss (correspondence group on transformation of security study)
  • CG-wtsa20-prep (Correspondence Group on SG17 preparation for WTSA-20)
  • CG-SECAD (Correspondence Group on security architecture development)

SG17 Task Force on Preparation for Next Study Period was created (ToR in TD3228)

Meeting input and organization:

  • Contributions: 110 – slight decrease (past meetings: 121, 151, 118, 144, 113, 106, 78, 81, 66, 74, 80) DDP: 100%; SG17 Counsellor reviewed all of them and provided substantial comments on 20 Cs (18%).
  • Contribution# from: APT (94 (85%) (= China 50.8 (46%), Korea 33.1 (30%), Japan 9.1), Americas   (10 (US 9 +CA 1)), EUR (5 (Swiss 2+ UK 2+Den 1)), LAM (1), AFR (0), ARAB (0), RCC (0). 
  • ​​TDs434 (previous meeting: 438, 508, 380, 420, 395, 426, 368, 391, 418, 371, 386)  - stable
  • LS:  incoming 58 (past meeting: 77, 67, 58, 47, 40, 45, 43, 38, 47); Outgoing 32 - stable (matrix TD2996 )

Annex A
Actions taken on Recommendations, and other texts at the 3 September 2020 plenary

a) TAP Recommendations approved (WTSA-16 Resolution 1):

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.       
4/17 X.1216 (X.gcpie) Guidelines for Collection and Preservation of Cyber Security Incident Evidence
New Ikkyun Kim,
Jonghyun Kim
Jooyoung Lee, Daesung Moon TD3299

  2018-03 2020-03
2.        6/17 X.1366 (X.amas-iot) Aggregate message authentication schemes with group authentication capability for IoT environment New Koji Nakao,
Junji Shikata R58   2018-09 2020-03
3.        6/17 X.1367
(X.elf-iot) Standard format of IoT error logs for security incident operations New Kiyotaka Atsumi,
Koji Nakao R59   2018-09 2020-03
4.        7/17 X.1148
(X.fdip) Framework of de-identification process for telecommunication service providers New Ye Won Lee,
Hyungjin, Lim,
Lijun Liu,
Jongyoul Park,
Heung Youl Youm R60   2016-08 2020-03
5.        8/17 X.1750 (X.GSBDaaS) Guidelines on security of big data as a service for big data service providers New Mark McFadden,
Nan Meng,
Chen Zhang R61   2016-09 2020-03
6.        8/17 X.1606 (X.SRCaaS) Security requirements for communications as a service application environments   New Xuetao Du,
Nan Meng,
Ye Tao.
Chen Zhang R62   2016-09 2020-03
7.        8/17 X.1751 (X.sgtBD) Security guidelines on big data lifecycle management for telecommunication operators   New Feng Gao,
Jin Peng,
Lanfang Ren R63   2017-09 2020-03
8.        10/17 X.1254rev Entity authentication assurance framework Rev Abbie Barbir,
David Turner R64   2016-03 2020-03
9.        10/17 X.1279 (X.eaasd) Framework of enhanced authentication using telebiometrics with anti-spoofing detection mechanisms New Kepeng Li
Hongwei Luo R65   2016-08 2020-03
10.     14/17 X.1403
(X.dlt-sec) Security guidelines for using DLT for decentralized identity management    New Abbie Barbir TD3371   2017-09 2020-03

 

b) TAP Recommendations not approved (WTSA-16 Resolution 1):

none

c) Amendment approved, Corrigendum approved, Supplements agreed:

The SG17 plenary meeting approved the following texts by agreement:

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        1/17 Security Manual Security in telecommunications and information technology (7th edition) Rev Kyeong Hee Oh TD3104   2018-09 2020-09
2.        1/17 TR.suss-rev Successful use of security standards (2nd edition) Rev Abbie Barbir TD3103   2019-01 2020-09
3.        4/17 TP.inno Description of the incubation mechanism and ways to improve it New Arnaud Taddei TD3353   2019-01 2020-09
4.        4/17 TP.sgstruct Strategic approaches to the transformation of security studies New Arnaud Taddei TD3355   2019-01 2020-09
5.        4/17 TR.usm Unified Security Model (USM) - a neutral integrated system approach to Cybersecurity New Jacques Francoeur, Paul B. Najarian TD3390   2019-01 2020-09

 

d) Recommendations determined (TAP – WTSA-16 Resolution 1):

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent (e.g., ISO/IEC) Start of work Timing
1.        4/17 X.1217 (X.fgati) Framework and guidelines for applying threat intelligence in telecom network operation New Yexia Chang,
Lanfang Ren,
Min Zuo

TD3358

(A.5 in TD3326)

 

  2018-03 2020-09
2.        6/17 X.1811 (X.5Gsec-q) Security guidelines for applying quantum-safe algorithms in 5G systems New Yanfei Guo,
Zhiyuan Hu,
Zhaoji Lin,
Fuwen Liu,
Min Zuo TD3352   2018-03 2020-09
3.        6/17 X.1368 (X.secup-iot) Secure software update procedure for IoT devices
New Yunchul Choi,
Koji Nakao,
Takeshi Takahashi TD3102   2017-09 2020-09
​4.
​10/17
​X.1252rev*
​Baseline identity management terms and definitions
​Rev
​Abbie Barbir
R77

​2018-03
​2020-09
4.  5.      13/17 X.1376 (X.mdcv) Security-related misbehaviour detection mechanism based on big data analysis for connected vehicles New
Yi Zhang,
Minrui Yan,
Yuming Ge,
Jianxin Liu​

TD3168    2018-03 2020-09

 Note: X.1252rev was determined in SG17 closing plenary on 3 September 2020 but misunderstood by SG17 secretary as for determination at the 7 January 2021 SG17 e-plenary. Consequently, it was not included in TSB Circular 268 announcing TAP consultation of SG17 determined texts. This mistake was identified in preparation for SG17 plenary meeting on 7 January 2021. Its TAP consultation was launched after SG17 plenary meeting on 7 January 2021 via TSB Circular 289. 

e) AAP Recommendations consented for Last Call (Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to the following new/rev ITU-T Recommendations and Technical Corrigendum for Last Call according to Recommendation ITU-T A.8:


# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        2/17 X.1046 (X.SDSec) Guideline on software-defined security in SDN (Software-defined Networking)/NFV (Network Function Virtualization) network New Zhiyuan Hu,
Ye Tao,
Junzhi Yan,
Bo Yang,
Xiaojun Zhuang TD3359   2018-03 ​ 2020-09
2.        3/17 X.1052rev Organization information security management guideline Rev Lijun Liu,
Ming Lyu,
Jinghua Min TD3368   2019-09 ​ 2020-09
3.        4/17 X.1218 (X.rdmase) Requirements and guidelines for dynamic malware analysis in a sandbox environment New Sheng Gao,
Zhaoji Lin,
Tian Tian,
Jigang Wang,
Hanbing Yan TD3339   2019-01 ​ 2020-09
4.        4/17 X.1710
(X.sec-QKDN_ov) Security framework for quantum key distribution networks New Matthieu Legré
Zhangchao Ma,
Hao Qin,
Dong-Hi Sim TD3325   2019-01 ​ 2020-09
5.        4/17  X.1714
(X.cf-QKDN) Key combination and confidential key supply for quantum key distribution networks New Matthieu Legré,
Dong-Hi Sim TD3324   2019-01 ​ 2020-09
6.        7/17 X.1452 (X.tfss) Technical framework for security services provided by operators New Yexia Cheng,
Feng Gao,
Yu Jiang,
Jae Hoon Nah,
Arnaud Taddei,
Junjie Xia TD3279   2018-03 ​ 2020-09
7.        11/17 X.680rev(1) Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation Rev Paul Thorpe TD3424 ISO/IEC 8824-1 2019-09 ​ 2020-09
8.        11/17 X.681rev(1) Information technology - Abstract Syntax Notation One (ASN.1): Information object specification Rev Paul Thorpe TD3424 ISO/IEC 8824-2 2019-09 ​ 2020-09
9.        11/17 X.682rev(1) Information technology - Abstract Syntax Notation One (ASN.1): Constraint specification  Rev Paul Thorpe TD3424 ISO/IEC 8824-3 2019-09 ​ 2020-09
10.     11/17 X.683rev(1) Information technology - Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications Rev Paul Thorpe TD3424 ISO/IEC 8824-4 2019-09 ​ 2020-09
11.     11/17 X.690rev(1) Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)  Rev Paul Thorpe TD3424 ISO/IEC 8825-1 2019-09 ​ 2020-09
12.     11/17 X.691rev(1) Information technology - ASN.1 encoding rules: Specification of Packed Encoding Rules (PER)  Rev Paul Thorpe TD3424 ISO/IEC 8825-2 2019-09 ​ 2020-09
13.     11/17 X.692rev(1) Information technology - ASN.1 encoding rules: Specification of Encoding Control Notation (ECN) Rev Paul Thorpe TD3424 ISO/IEC 8825-3 2019-09 ​ 2020-09
14.     11/17 X.693rev(1) Information technology - ASN.1 encoding rules: XML Encoding Rules (XER) Rev Paul Thorpe TD3424 ISO/IEC 8825-4 2019-09 ​ 2020-09
15.     11/17 X.694rev(1) Information technology - ASN.1 encoding rules: Mapping W3C XML schema definitions into ASN.1  Rev Paul Thorpe TD3424 ISO/IEC 8825-5 2019-09 ​ 2020-09
16.     11/17 X.695rev(1) Information technology - ASN.1 encoding rules: Registration and application of PER encoding instructions Rev Paul Thorpe TD3424 ISO/IEC 8825-6 2019-09 ​ 2020-09
17.     11/17 X.696rev(1) Information technology - ASN.1 encoding rules: Specification of Octet Encoding Rules (OER) Rev Paul Thorpe TD3424 ISO/IEC 8825-7 2019-09 ​ 2020-09
18.     11/17 X.697rev(1) Information technology - ASN.1 encoding rules: Specification of JavaScript Object Notation Encoding Rules (JER) Rev Paul Thorpe TD3424 ISO/IEC 8825-8 2019-09 ​ 2020-09
19.     11/17 X.894 Cor. 2(1) Generic applications of ASN.1
Cryptographic Message Syntax New Jean-Paul Lemaire TD3271 ISO/IEC 24824-4   ​ 2020-09
20.     12/17 Z.161rev Testing and Test Control Notation version 3: TTCN-3 core language Rev Dieter Hogrefe

TD3190

(A.5 TD3191)

ETSI ES 201 873-1 2019-09 ​ 2020-09
21.     12/17 Z.161.3rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced Parameterization Rev Dieter Hogrefe

TD3192

(A.5 TD3193)

ETSI ES 202 784 2019-09 ​ 2020-09
22.     12/17 Z.161.4rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Behaviour types Rev Dieter Hogrefe

TD3194

(A.5 TD3195)

ETSI ES 202 785 2019-09 ​ 2020-09
23.     12/17 Z.161.6rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced Matching Rev Dieter Hogrefe

TD3196

(A.5 TD3197)

ETSI ES 203 022 2019-09 ​ 2020-09
24.     12/17 Z.161.7rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Object-Oriented Features Rev Dieter Hogrefe

TD3198

(A.5 TD3199)

ETSI ES 203 790 2019-09 ​ 2020-09
25.     12/17 Z.165.1rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Extended TRI Rev Dieter Hogrefe

TD3200

(A.5 TD3201)

ETSI ES 202 789 2019-09 ​ 2020-09
26.     12/17 Z.166rev Testing and Test Control Notation version 3: TTCN-3 control interface (TCI) Rev Dieter Hogrefe TD3202 (A.5 TD3203) ETSI ES 201 873-6 2019-09 ​ 2020-09
27.     12/17 Z.167rev Testing and Test Control Notation version 3: Using ASN.1 with TTCN-3 Rev Dieter Hogrefe TD3204 (A.5 TD3205) ETSI ES 201 873-7 2019-09 ​ 2020-09
28.     12/17 Z.169rev Testing and Test Control Notation version 3: Using XML schema with TTCN-3 Rev Dieter Hogrefe TD3206 (A.5 TD3207) ETSI ES 201 873-9 2019-09 ​ 2020-09
29.     13/17 X.1374 (X.itssec-3) Security requirements for external device with vehicle access capability New Aram Cho,
Sang-Woo Lee,
Whapyeong Lim,
Seungwook Park TD3290

  2017-09 ​ 2020-09
30.     13/17 X.1375 (X.itssec-4) Methodologies for intrusion detection system on in-vehicle system New ChangOh Kim,
HuyKang Kim,
Sang-Woo Lee,
Seungwook Park
TD3293   2017-09 ​ 2020-09
31.     14/17 X.1400
(X.dlt-td) Terms and definitions for distributed ledger technology New Ji Hye Kim,
Heung Youl Youm
TD3292   2019-09 ​ 2020-09
32.     14/17 X.1404
(X.sa-dlt) Security assurance for distributed ledger technology New Mee Yeon Kim,
Ke Wang,
Heung Youl Youm TD3294

  2017-09 ​ 2020-09

Note:​

(1)   Q11/17 requested AAP Last call of revised ASN.1 Recommendations deferred to November 2020 so that these common texts are synchronized with its FDIS approval by ISO/IEC JTC1/SC6.

 

f) Work items planned for action in SG17 Jan 2021 meeting:

Note #
Q
Acronym Title

New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        3/17 X.1054rev***(1) Information technology - Security techniques - Governance of information security Rev Jinghua Min,
Thaib Mustafa,
Anfona Traore R56 ISO/IEC 27014 2020-03 2021-01
2.        4/17 X.1217
(X.fgati)*** Framework and guidelines for applying threat intelligence in telecom network operation New Yexia Chang,
Lanfang Ren,
Min Zuo TD3358   2018-03 2020-09
3.        6/17 X.1811 (X.5Gsec-q)*** Security guidelines for applying quantum-safe algorithms in 5G systems New Yanfei Guo,
Zhiyuan Hu,
Zhaoji Lin,
Fuwen Liu,
Min Zuo TD3352   2018-03 2020-09
4.        6/17 X.1368 (X.secup-iot)*** Secure software update procedure for IoT devices New Yunchul Choi,
Koji Nakao,
Takeshi Takahashi TD3102   2017-09 2020-09
5.        13/17 X.1376 (X.mdcv)*** Security-related misbehaviour detection mechanism based on big data analysis for connected vehicles New Jianhao Liu,
Minruni Yan,
Yi Zhang
TD3168    2018-03 2020-09
6.        4/17 X.sec-QKDN_km Security requirements and designs for quantum key distribution networks - key management New Dong-Hi SIM, Jiajun Ma, Kaoru Kenyoshi, Hao Qin TD3316   2019-01 2021-01
7.        10/17 X.1252rev Baseline identity management terms and definitions Rev Abbie Barbir TD3286   2018-03 2021-01
8.        10/17  To consider late contribution C872 to SG17 Aug/Sep 2020 meeting proposing NWI X.1251rev "A framework for user control of digital identity"         

Note:

  1. 1    TAP approval of X.1054rev was deferred by SG17 Aug/Sep 2020 meeting to next SG17 Jan 2021 meeting so that this common text is synchronized with its FDIS approval by ISO/IEC JTC1/SC27;
  2. 2-5  for TAP approval; 
  3. 6     for AAP consent; 
  4. 7     for TAP determination; 
  5. 8     NWI for approval by SG17 agreement.

g) Work items planned for action in 1st SG17 meeting in next study period (tbc):

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        3/17
X.framcdc Framework for the creation and operation for a Cyber Defence Center
New Arnaud TADDEI
Shinji ABE
Shigenori TAKEI TD3398   2018-03 2021-03
2.        3/17 X.ciag Cyber insurance acquisition guideline for Information and Communication Technologies (ICT) services provider New Thaib Mustafa,
Ong Yew Seng TD2944   2019-01 2021-03
3.        3/17 X.sup-csc** Critical security controls for telecommunication organization information and network security management in support of ITU-T X.105 New
Payen PATRICE, Arnaud TADDEI, Thaib MUSTAFA TD1971   2018-09 2021-03
4.        5/17 X.gcims* Guidelines for countering instant messaging spam  New

Huamin Jin
ChangOh Kim
Laifu Wang
Shuai Wang
Yanbin Zhang

TD3304   2017-09 2021-03
5.        5/17 X.tecwes* Technologies in countering website spoofing for telecommunication organizations  New Chen Zhang,
Ruzhen Hu, 
Meng Nan TD3349   2018-03 2021-03
6.        5/17 X.1246rev* Technologies involved in countering voice spam in telecommunication organizations  Rev

Yanbin Zhang
Dmitry Cherkesov

TD2838   2019-09 2021-03
7.        5/17 X1247rev* Technical framework for countering mobile messaging spam  Rev

Yanbin Zhang
Dmitry Cherkesov

TD2838  
2019-09 2021-03
8.        5/17 TR.cs-ML**

Technical Report:Countering Spam based on machine learning

 New

Wei LIU
Ye TAO

TD3314   2019-09 2021-03
9.        7/17 X.sgos Security guidelines of Web-based online customer service New Hang Dong,
Wenxin Wang
Lijun Liu,
Jae Hoon Nah TD3418   2018-03 2021-03
10.     14/17 X.srip-dlt* Security requirements for intellectual property management based on distributed ledger technology New Min Shu, Yunwei Zhao, Yuhee Ki, Wenlei Wang, Yang Wu, Jung Yeon Hwang TD3229   2018-09 2021-03
11.     14/17 X.str-dlt Security threats and requirements for DLT New Kyeong Hee Oh, ChangOh Kim, Preetika Singh TD3300   2018-09 2021-03
12.     14/17 X.stov Security threats to online voting using distributed ledger technology New Keundug Park, ChangOh Kim, Heung Youl Youm, Byoung-moon Chin TD3297   2017-09 2021-03

Note:

*    for TAP determination

**  approval by SG17 agreement

 

Annex B
New work items

The following new work items were agreed to be added to the SG17 Work Programme:

# Question NWI TD Title​ C
1.       
1/17
TP.sec-sr**
TD3082, TD3083, TD3084 SG17 activities and achievements in support of the most recent Resolutions of the ITU PP, WTDC and WTSA  
2.        8/17 TR.fssvs**
TD3400, TD3303 Framework for Security Standardization for Virtualized Services     C863R3
3.        10/17 X.tec-idms*
TD3403 Techniques for management and protection of user data in distributed identity systems C871
4.        10/17 X.1250rev
TD3360 Baseline capabilities for enhanced global identity management and interoperability C873
5.        10/17 X.gpwd
TD3362 Guidelines for securing password and password-less authentication solutions C875
6.        14/17 X.sa-dsm*
TD3288 Security architecture of data sharing management based on DLT C887
7.        6/17 X.ztd-iot*
TD3327 Security methodology for zero-touch massive IoT deployment C910
8.        7/17 TR.cta**
TD3317 Use cases of contact tracing applications to prevent spread of infectious diseases C916
9.        6/17 X.5Gsec-vs*
TD3329 Security requirements for vertical services supporting ultra-reliable and low latency communication (URLLC) in the 5G non-public networks C928
10.     13/17 X.eVTOL-sec*
TD3346
Security guidelines for electric vertical take-off and landing (eVTOL) vehicle in an urban air mobility environment C934
11.     4/17 X.sec_QKDN_intrq
TD3377, TD3378 Security requirements for integration of QKDN and secure network infrastructures C938
12.     14/17 X.srscm-dlt TD3281 Security Requirements for Smart Contract Management based on DLT C948
13.     6/17 X.5Gsec-ssl*
TD3415 Guidelines for classifying security capabilities in 5G network slice C952
14.     14/17 TR.qs-dlt**
TD3291 Guidelines for quantum-safe DLT systems C953
15.     11/17 X.510 Amd.1 TD3425 Amendment to X.510: Protocol specifications for secure operations  

 

Notes:

*: for TAP determination, **: for approval by SG17 agreement  ​

Annex C
Work items Removed

none


AltStyle によって変換されたページ (->オリジナル) /