[フレーム] [フレーム]

Connecting the world and beyond

Sep21-summary

Page Content


Executive Summary

Meeting of ITU-T SG17 'Security', virtual, 24 August - 3 September 2021

Hot topics

o   PKI, OID, TTCN-3

o   Countering spam and website spoofing

o   5G security

o   IoT security

o   Cloud security

o   Big data infrastructure security

o   Web based online customer service security

o   DLT based service security

o   Key management of QKDN

o   Security multi-party computation

Meeting Output

  • TAP approval (1): X.1233, Details are in Annex A a).
  • TAP determined (11): 9 new and 2 revised Recommendations. Details are in Annex A d).
  • AAP consented (19): 7 new, 10 revised Recommendations and 1 Corrigendum, 1 Amendment, for AAP Last Call. Details are in Annex A e).
  • Agreed (2): 1 new Supplement and 1 new Technical Report. Details are in Annex A c).
  • New work items (7): Details are in Annex B.
  • Work items discontinued (4): Details are in Annex C.
  • New Registry authority for Annex C of ITU-T X.666 | ISO/IEC 9834-7 (pending agreement by ISO/IEC/JTC 1/SC 6)
    • Standards Council of Canada (SCC)
  • Workshops:
    • 2nd ITU/WHO workshop on Digital Vaccination Certificate, jointly organized by ITU-T SG17, SG16 and SG20, date tbd in 2021 during ITU Digital World.

Next SG17 meetings

  • Friday 7 Jan 2022, SG17 e-plenary (virtual, 11:00-16:00)
    • Open and extended management team meeting on Wed 5 Jan 2022, 12:00-15:00.
    • Tasks:
      • Final review of SG17 reports to WTSA-20;
      • Planning of future SG17 meeting after WTSA-20;
      • 12 work items identified (X.pki-em for AAP consent + 11 determined texts for TAP approval) for action, see Annex A f).
  • May/June 2022 SG17 meeting [virtual, 10/9 working days, 10:00-16:00] | [physical in Geneva, 8 working days]
    • Open and extended management team meeting, tbd, virtual 13:00-15:00 | physical?
  • 2nd SG17 meeting in next study period: Aug/Sep 2022?

     
  • Interim RGMs: 6 Questions plan to hold 8 RGMs before 1st SG17 meeting after WTSA-20.
  1.  
Q Date Place/Host Subject/objective
1.                  2/17
24-25 Nov 2021
e-meeting
  • To progress on  work items of Q2/17 planned for action in 1st SG17 meeting after WTSA-20.
2.                  3/17 5 Oct 2021 e-meeting
  • To review 3rd Revised baseline text for X.1051-rev2 (1st CD 27011) and prepare reply to SC27 LS/i
  • Contribution deadline is 2 Oct 2021
3.                  3/17 Feb 2022 e-meeting
  • Tbd by the previous Q3/17 RGM
4.                  Q6/17 Dec 2021 or Feb 2022 e-meeting
  • To progress all the work items of Q6/17
5.                  10/17 Nov 2021 e-meeting
  • To progress all the work items of Q10/17
6.                  10/17 Feb 2022 e-meeting ​
7.                  14/17  Nov/Dec 2021 e-meeting
  • As a joint session with Q22/16
  • work on the action items: X.ss-dlt, TR.qs-dlt
  • preparation for workshops: Joint workshop with TC 307
  • review of deliverables from other study groups, focus groups and other SDOs
8.                  15/17 20-21 Jan 2022 e-meeting
  • To address and discuss draft X.sec_QKDN_intrq for consent in the next study period
  • Contribution deadline is 13 Jan 2022 ​


Tutorial

SG17 overview TD3787

Statistics of participants

  participants countries Member States Sector Members SG17 Associates Academia Invited Experts
Announced 252 37 27 31 3 2 8
Final 223 28 21 31 3 2 8


SG17 Correspondence Group/task force​

  • CG-SG17-meeting: new​​ (ToR in TD4006R2​)
  • CG-wtsa20-prep (Correspondence Group on SG17 preparation for WTSA-20): continued​

Meeting input and organization​

  • Contributions: 98 – stable, DDP: 99%.
    • APT 81 (83%) [China 41 (42%), Korea 30 (31%), Japan 10 (10%)]
    • Americas 8 (8%) [US 8]
    • EUR 7 (7%) [Denmark 1, UK 1, Germany 4, Switzerland 1]
    • AFR 2 (Kenya, Senegal, and Ghana)
    • LAM (0), ARAB (0), RCC (0). 
  • LS: (matrix in TD3801)
    • incoming 46 - stable
    • Outgoing 26 - stable
  • TDs: 336 - stable

Annex A
Actions taken on Recommendations, and other texts at SG17 closing plenary on 3 Sept 2021

a) TAP Recommendations approved (WTSA-16 Resolution 1):

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
  1.  
4/17 X.1233 (X.gcims) Guidelines for countering spam over instant messaging New Huamin Jin,
ChangOh Kim,
Laifu Wang,
Shuai Wang,
Yanbin Zhang R83
  2017-09 2021-09

 

b) TAP Recommendations not approved (WTSA-16 Resolution 1):

none

c) Other texts (Supplement, Implementers' Guide, etc) agreed:

The SG17 plenary meeting approved the following texts by agreement:

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        3/17 X.Suppl.36
(X.sup-csc) Supplement to X.1051: Critical security controls for telecommunication organization New Patrice Payen,
Arnaud Taddei,
Mustafa Thaib TD4087   2018-09 2021-09
2.        8/17 TR.XAASL Technical Report: Framework for security standardization for virtualized services New
Mark McFadden TD4041   2020-09 2021-09

 

d) Recommendation determined (TAP – WTSA-16 Resolution 1):

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent (e.g., ISO/IEC) Start of work Timing
1.        2/17 X.1812
(X.5Gsec-t) Security framework based on trust relationship for IMT-2020 ecosystem New Minpeng Qi,
Li Su,
Junzhi Yan,
HeungYoul Youm TD3976   2018-09 2021-09
2.        4/17 X.1246Amd.1 Technologies involved in countering voice spam in telecommunication organizations New Dmitry Cherkesov,
Yanbin Zhang TD4000   2019-09 2021-09
3.        4/17 X.1247Amd.1 Technical framework for countering mobile messaging spam New Dmitry Cherkesov,
Yanbin Zhang TD4000   2019-09 2021-09
4.        4/17 X.1234
(X.gcmms) Guideline for countering Multimedia Messaging Service (MMS) spam New Jinfeng Kou,
Zhaoji Lin,
 Wei Liu,
Ye Tao TD4040   2018-09 2021-09
5.        4/17 X.1235
(X.tecwes) Technologies in countering website spoofing for telecommunication organizations New Ruzhen Hu,
Meng Nan,
Chen Zhang TD4043   2018-03 2021-09
6.        6/17 X.1333
(X.sg-rat) Security guidelines for use of remote access tools in Internet-connected control systems New Gunhee Lee TD4004   2019-09 2021-09
7.        6/17 X.1369
(X.ssp-iot) Security requirements for IoT service platform New Hao Dong,
Yanfei Guo,
Lijun Liu,
Jae Hoon Nah, Wenxin Wang, Junjie Xia TD4068   2018-03 2021-09
8.        6/17 X.1453
(X.strvms) Security threats and requirements for video management systems New Jong Wook Han,
Geon Woo Kim,
Kyungsoo Lim TD4011   2018-03 2021-09
9.        8/17 X.1752
(X.sgBDIP) Security guidelines for big data infrastructure and platform New Arnaud Taddei,
Ye Tao,
Laifu Wang TD4045   2018-03 2021-09
10.     8/17 X.1643
(X.sgcc) Security guidelines for container in cloud computing environment New Lanfang Ren,
Ye Tao,
Laifu Wang,
Lei Xu TD4048   2018-09 2021-09
11.     14/17 X.1407
(X.srip-dlt) Security requirements for digital integrity proofing service based on distributed ledger technology New Jung Yeon Hwang,
Juhee Ki,
Min Shu,
Wenlei Wang,
Yang Wu,
Yunwei Zhao TD4014   2018-09 2021-09

 

e) AAP Recommendations consented for Last Call (Recommendation ITU-T A.8):

The SG17 plenary meeting gave consent (AAP) to the following new/revised ITU-T Recommendations for Last Call according to Recommendation ITU-T A.8:

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        2/17 X.1047
(X.nsom-sec) Security requirements and architecture for network slice orchestration and management New Zhiyuan Hu,
Huamin Jin,
Ye Tao,
Junzhi Yan TD3975
(A.5 TD3900)   2019-09 ​ 2021-09
2.        2/17 X.1011
(X.rf-csap) Guidelines for continuous protection of service access process New Chao Huang,
Min Shu,
Weilei Wang,
Chen Zhang TD3974   2019-09 ​ 2021-09
3.        7/17 X.1470
(X.sgos) Security guidelines of web-based online customer service New Hao Dong,
Lijun Liu,
Jae Hoon Nah,
Wenxin Wang

TD4071

(A.5 TD4094)

  2018-03 ​ 2021-09
4.        10/17 X.1080.2
(X.b2m) Biology to machine protocol New Erik Andersen,
John Caras,
Myung Geun Chun TD3977   2018-09 ​ 2021-09
5.        11/17 X.501Amd.1 Information Technology - Open systems Interconnection - The Directory – Models New Erik Andersen TD3971 ISO/IEC 9594-2 2021-04 ​ 2021-09
6.        11/17 X.509Cor.1 Information Technology - Open systems Interconnection - The Directory – Public-key and attribute certificate frameworks New Erik Andersen TD3972 ISO/IEC 9594-8 2021-04 ​ 2021-09
7.        11/17 X.672rev Information technology – Open systems interconnection – Object identifier resolution system Rev

Zhou Liang,

Zhihui Liu,
 RuiFen Mu,
Linjian Song

TD4009 ISO/IEC 29168-1 2020-03 ​ 2021-09
8.        11/17 Z.161rev Testing and Test Control Notation version 3: TTCN-3 core language Rev Dieter Hogrefe

TD3978

(A.5 TD3979)

ETSI ES 201 873-1   ​ 2021-09
9.        11/17 Z.161.2rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment support Rev Dieter Hogrefe

TD3980

(A.5 TD3981)

ETSI ES 202 781   ​ 2021-09
10.     11/17 Z.161.3rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced parameterization Rev Dieter Hogrefe

TD3982

(A.5 TD3983)

ETSI ES 202 784   ​ 2021-09
11.     11/17 Z.161.4rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Behaviour types Rev Dieter Hogrefe

TD3984

(A.5 TD3985)

ETSI ES 202 785   ​ 2021-09
12.     11/17 Z.161.7rev Testing and Test Control Notation version 3: TTCN-3 language extensions: Object-Oriented Features Rev Dieter Hogrefe

TD3986

(A.5 TD3987)

ETSI ES 230790   ​ 2021-09
13.     11/17 Z.167rev Testing and Test Control Notation version 3: Using ASN.1 with TTCN-3 Rev Dieter Hogrefe

TD3988

(A.5 TD3989)

ETSI ES 201873-7   ​ 2021-09
14.     11/17 Z.168rev Testing and Test Control Notation version 3: The IDL to TTCN-3 mapping Rev Dieter Hogrefe

TD3990

(A.5 TD3991)

ETSI ES 201873-8   ​ 2021-09
15.     11/17 Z.169rev Testing and Test Control Notation version 3: Using XML schema with TTCN-3 Rev Dieter Hogrefe

TD3992

(A.5 TD3993)

ETSI ES 201873-9   ​ 2021-09
16.     11/17 Z.171rev Testing and Test Control Notation version 3: Using JSON with TTCN-3 Rev Dieter Hogrefe

TD3994

(A.5 TD3995)

ETSI ES 201873-11   ​ 2021-09
17.     14/17 X.1408
(X.das-mgt) Security threats and requirements for data access and sharing based on distributed ledger technology New Zhiyuan Hu,
Mee Yeon Kim,
Keundug Park,
Heung Youl Youm TD4017   2018-03 ​ 2021-09
18.     15/17 X.1712
(X.sec-QKDN_km) Security requirements and designs for quantum key distribution networks - key management New Kaoru Kenyoshi,
Jiajun Ma,
Hao Qin,
Dong-Hi Sim TD3939   2019-01 ​ 2021-09
19.     15/17 X.1770
(X.tf-mpc) Technical guidelines for secure multi-party computation New Xiaoyuan Bai,
Cheng Hong,
Jung Yeon Hwang,
Zhaoji Lin,
Hongru Zhu TD4035   2019-09 ​ 2021-09
​ ​ ​ ​ ​ ​ ​ ​ ​ ​ ​

f) Recommendations planned for action in SG17 Jan 2022 meeting:

#   Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        AAP consent 11/17 X.pki-em Information Technology – Public Key Infrastructure: Establishment and maintenance New Erik Andersen TD3658R1 TBD 2012-08 2022-01
2.        TAP approval 2/17 X.1812 (X.5Gsec-t) Security framework based on trust relationship for IMT-2020 ecosystem New

Li Su,
Minpeng Qi,
Junzhi Yan,
HeungYoul Youm

R102
  2018-09 2022-01
3.        TAP approval 4/17 X.1246Amd Technologies involved in countering voice spam in telecommunication organizations New Dmitry Cherkesov,
Yanbin Zhang R94   2019-09 2022-01
4.        TAP approval 4/17 X.1247Amd Technical framework for countering mobile messaging spam New Dmitry Cherkesov,
Yanbin Zhang R95   2019-09 2022-01
5.        TAP approval 4/17 X.1234 (X.gcmms) Guideline for countering Multimedia Messaging Service (MMS) spam New Jinfeng Kou,
Wei Liu,
Ye Tao,
Lin Zhaoji R92   2018-09 2022-01
6.        TAP approval 4/17 X.1235 (X.tecwes) Technologies in countering website spoofing for telecommunication organizations New Ruzhen Hu,
Meng Nan,
Chen Zhang R93   2018-03 2022-01
7.        TAP approval 6/17 X.1333
(X.sg-rat) Security guidelines for use of remote access tools in Internet-connected control systems New Gunhee Lee R96   2019-09 2022-01
8.        TAP approval 6/17 X.1369 (X.ssp-iot) Security requirements for IoT service platform New Hao Dong,
Yanfei Guo,
Lijun Liu,
Jae Hoon Nah,
Wenxin Wang, Junjie Xia R97   2018-03 2022-01
9.        TAP approval 6/17 X.1453 (X.strvms) Security threats and requirements for video management systems New Jong Wook Han,
Geon Woo Kim,
Kyungsoo Lim R99   2018-03 2022-01
10.     TAP approval 8/17 X.1752 (X.sgBDIP) Security guidelines for big data infrastructure and platform New Arnaud Taddei,
Ye Tao,
Laifu Wang R101   2018-03 2022-01
11.     TAP approval 8/17 X.1643 (X.sgcc) Security guidelines for container in cloud computing environment New Lanfang Ren,
Ye Tao,
Laifu Wang,
Lei Xu R100   2018-09 2022-01
12.     TAP approval 14/17 X.1407 (X.srip-dlt) Security requirements for digital integrity proofing service based on distributed ledger technology New Jung Yeon Hwang,
Juhee Ki,
Min Shu,
Wenlei Wang,
Yang Wu,
Yunwei Zhao R98   2018-09 2022-01



Annex B
New work items

The following new work items were agreed to be added to the SG17 Work Programme:

#​ Question NWI TD Title C
1.        2/17 XSTP-5Gsec-RM** TD4090 Technical paper: 5G security standardization roadmap C1113
2.        2/17 TR.zt-acp** TD4049 Technical report: Guideline for zero trust based access control platform in telecommunication network C1174
3.        6/17 X.ra-iot* TD4096 Security risk analysis framework for IoT devices C1096
4.        7/17 X.saf-dfs TD4056 Security assurance framework for digital financial services C1135
5.        10/17 X.oob-sa* TD4029 Framework for out-of-band server authentication using mobile devices C1132
6.        10/17 X.srdidm TD4018 Security requirements for decentralized identity management systems using distributed ledger technology C1128
7.        13/17 X.idse TD4005 Evaluation methodology for in-vehicle intrusion detection system C1175

Notes:

*: for TAP determination, **: for agreement, others for consent 

Annex C
Work items discontinued

# Question Acronym Title
1.        1/17
TP.sec-arch Technical Paper: Implications and further considerations of security architecture patterns
2.        10/17 X.upu Postal identity management framework
3.        10/17 X.tas Telebiometric authentication using speaker recognition
4.        14/17 X.tf-spd-dlt Technical framework for secure software programme distribution mechanism based on distributed ledger technology​


AltStyle によって変換されたページ (->オリジナル) /