[フレーム] [フレーム]

Connecting the world and beyond

Sep22-summary

Page Content

​​

Executive Summary

Meeting of ITU-T SG17 'Security', Geneva, 23 August - 2 September 2022

Hot topics

  • Intelligent transport system security
  • Revised TTCN-3 standards
  • 5G security
  • Cloud security
  • DLT based security services
  • IoT security

1        Meeting Output (meeting statistics see Annex E below)

  • Output standards (29, see Annex A):
    • TAP approval (3): Details are in Annex A a).
    • TAP determined (11): 11 new Recommendations. Details are in Annex A b).
    • AAP consented (13): 12 revised and one new Recommendations for AAP Last Call. Details are in Annex A c).
    • Agreed (2): 2 new Supplements. Details are in Annex A d).
  • New work items (9, see Annex C).
  • Work item discontinued (0).
  • ITU Workshop on "Security for 5G and beyond"was held successfully on 22 August 2022
  • New national OID registration authority for Kenya: {joint-iso-itu-t(2) country(16) ke(404)}
  • A.5 qualification of SIA (Secure Identity Alliance)
  • 4 SG17 specific TD templates (Q meeting agenda; Q, WP and CG meeting reports)
  • Replacement of SG17 Vice-Chair from Argentina
  • SG17 subgroups
    • JCAs:
      • JCA-COP: terminated
      • JCA-IdM​: continued with revised ToR, and held its 30th meeting on Friday 26 August 2022
    • Correspondence Groups
      • CG-SG17-wtsa24-prep: new (ToR in TD567)
      • CG-secapa (Correspondence Group on Security Capability and Architecture): continued with revised ToR
      • CG-SG17-meeting (Correspondence Group on effective SG17 meeting): terminated
    • Advisory group on X.509: new (ToR in TD639)

2        Next SG17 meetings

2.1       3rd SG17 meeting: Geneva, Tuesday 21 February - Friday 3 March 2023 (9 working days,physical meeting with remote participation)

  • Joint ITU-T SG17/ISO TC 307 workshop on "DLT security, identity management and privacy", Monday 20 February 2023, 09:30-17:30
  • Open and extended management team meeting on Monday 20 February 2023, 19:00-21:00.
  • 31st JCA-IdM meeting on Friday 24 February 2023, 14:30-16:00
  • 25 Candidate texts for action, details see Annex B.

2.2       4th SG17 meeting: Korea, exact dates and venue to be decided by Dec 2022

2.3       Interim RGMs

8 Questions plan to hold the following 9 RGMs before next SG17 meeting:

#​
Q Date Place/Host Subject/objective
1.                  2/17 8 Dec 2022 e-meeting
  • prepare texts for action in next SG17 meeting: X.5Gsec-message.
  • review all work items and identify future topics for Q2/17.
2.                  3/17 20 Sept 2022 e-meeting
  • X.1051rev2
3.                  3/17 3rd week Nov 2022 e-meeting
  • X.sup-cdc
4.                  4/17 19 Jan 2023 e-meeting
  • X.stie and X.taeii
5.                  8/17 13-14 Jan, 2023 e-meeting
  • progress Q8 work items that are planned for approval or determination in the next SG17 meeting
6.                  10/17 Nov 2022 e-meeting
  • progress all the work of Q10/17
7.                  11/17 12-13 Dec 2022 Luxembourg
  • Progression of X.pki-em (Public-key infrastructure: Establishment and maintenance)
  • Progression of X.510 (Information technology – Open Systems Interconnection – The Directory: Protocol specifications for secure operations)
8.                  13/17 24-25 Nov 2022 e-meeting
  • address all work items and future topic.
9.                  15/177 Nov 2022 Singapore
  • progress all the work of Q15/17


Annex A
Actions taken on Recommendations, and other texts at SG17 closing plenary on 2 September 2022

a)    TAP Recommendations approved (WTSA-20 Resolution 1)

# Q Acronym Title New / Revised Editor​(s) Location of text Equivalent
e.g., ISO/IEC Sta​​rt of work Timing
1.         2/17

X.1813

(X.5G-vs)

Security and monitoring requirements for operation of vertical services supporting ultra-reliable and low latency communication (URLLC) in IMT-2020 private network New
Jae Eon Oh,
Seongki Shin,
Heung Youl Youm TD554   2020-09 2022-05
2.         2/17

X.1814

(X.5Gsec-guide)

Security guidelines for IMT-2020 communication system New Mee Yeon Kim,
Keundug Park,
Heung Youl Youm TD351   2019-01 2022-05
3.         6/17 X.1352
(X.iotsec-4) Security requirements for IoT device and gateway New Jiho Bang,
Wonsuk Chung,
Sanggeol Lee,
Hosoek Ryu TD549   2018-09 2022-05

b)   TAP Recommendations determined (WTSA-20 Resolution 1)

# Q Acronym Title New / Revised Ed​itor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1          2/17 X.1815 (X.5Gsec-ecs) Security guidelines and requirements for IMT-2020 edge computing services New

Feng Gao,
Jae Hoon ​Nah,
Junjie Xia, 
Bo Yu,
Xiaojun zhuang

TD578

A.5 in TD605

  2019-01 2022-09
2          2/17 X.1816 (X.5Gsec-ssl) Guidelines and requirements for classifying security capabilities in IMT-2020 network slice New

Ke Wang, Li Su,
Bo Yang, 
Zhiyuan Hu

TD555

A.5 in  TD552

  2020-09 2022-09
3          6/17 X.1353
(X.ztd-iot) Security methodology for zero-touch deployment in massive IoT based on blockchain New Xin Kang,
Haiguang Wang,
Weidong Wang TD584
 
2020-09 2022-09
4          7/17 X.1454 (X.sles) Security measures for location enabled smart office service New Hao Dong,
Feng Gao,
Jae Hoon Nah, Junjie Xia TD576   2019-09 2022-09
5          8/17,
(14/17) X.1411 (X.BaaS-sec) Guidelines on blockchain as a service (BaaS) security New

Nan Meng,
Kyeong Hee Oh,
Z​ixi​ang Wang,
Xuan Zha

TD622


  2019-09 2022-09
6          8/17 X.1644 (X.sgdc) Security guidelines for distributed cloud New Ye Tao,
Lei Xu,
Mark McFadden,
Laifu Wang
TD618   2019-01 2022-09
7          13/17 X.1380
(X.edr-sec) Security guidelines for cloud-based data recorders in automotive environments New

Sang-Woo Lee,
Seungwook Park

TD596   2018-03 2022-09
8          13/17 X.1381
(X.eivn-sec) Security guidelines for Ethernet-based In-Vehicle networks New Sang-Woo Lee, You-Sik Lee TD613   2018-09 2022-09
9          13/17 X.1382
(X.fstiscv) Guidelines for sharing security threat information on connected vehicles New

Min Shu,
Wenlei Wang,
Yunwei Zhao, Xiaochun Yun

TD614

A.5 TD510

  2018-09 2022-09
10       13/17 X.1383
(X.srcd) Security requirements for categorized data in vehicle-to-everything (V2X) communication New

Yaping Sun,
Huirong Tian,
Nan Meng,
Takamasa Isohara

TD603
  2018-09 2022-09
11       14/17 X.1410 (X.sa-dsm) Security architecture for data-sharing management based on the distributed ledger technology New

Feng Gao,
Zhiyuan Hu,
Min Shu,
Yunwei Zhao

TD553
    2022-09

c)    AAP Recommendations consented (Recommendation ITU-T A.8)

# Q(1) Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1          11/17 Z.161 Testing and Test Control Notation version 3: TTCN-3 core language Rev
Dieter Hogrefe

TD515
A.5 in TD516

ETSI ES 201 873-1

2022-09 

2022-09

2          11/17 Z.161.1 Testing and Test Control Notation version 3: TTCN-3 language extensions: Support of interfaces with continuous signals ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 202 786
2022-09
2022-09
3          11/17 Z.161.2 Testing and Test Control Notation version 3: TTCN-3 language extensions: Configuration and deployment support ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 202 781 ​2022-09
2022-09
4          11/17 Z.161.3 Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced parameterization ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 202 784 ​2022-09
2022-09
5          11/17 Z.161.4 Testing and Test Control Notation version 3: TTCN-3 language extensions: Behaviour types ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 202 785 ​2022-09
2022-09
6          11/17 Z.161.5 Testing and Test Control Notation version 3: TTCN-3 language extensions: Performance and real time testing ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 202 782 ​2022-09
2022-09
7          11/17 Z.161.6 Testing and Test Control Notation version 3: TTCN-3 language extensions: Advanced Matching ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 203 202 ​2022-09
2022-09
8          11/17 Z.161.7 Testing and Test Control Notation version 3: TTCN-3 Language Extensions: Object-Oriented Features ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 230 790 ​2022-09
2022-09
9          11/17 Z.165 Testing and Test Control Notation version 3: TTCN-3 runtime interface (TRI) ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 201 873-5 ​2022-09
2022-09
10       11/17 Z.165.1 Testing and Test Control Notation version 3: TTCN-3 extension package: Extended TRI ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 202 789 ​2022-09
2022-09
11       11/17 Z.166 Testing and Test Control Notation version 3: TTCN-3 control interface (TCI) ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 201 873-6 ​2022-09
2022-09
12       11/17 Z.167 Testing and Test Control Notation version 3: Using ASN.1 with TTCN-3 ​Rev
Dieter Hogrefe
TD515

A.5 in TD516

ETSI ES 201 873-7 ​2022-09
2022-09
13       13/17 X.1377
(X.ipscv) Guidelines for an intrusion prevention system for connected vehicles New Seonghoon Jeong,
HuyKang Kim,
Sang-Woo Lee, Seungwook Park
TD593   2019-09
2022-09

d)   Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) agreed

# Q Acronym Title New / Revised Editor(s) Location of text Equivalent
e.g., ISO/IEC Start of work Timing
1.        4/17 X.Suppl.37 (X.sup.cs-ML) Supplement to X.1231: Countering spam based on machine learning New Wei Liu,
Ye Tao
TD563   2019-09 2022-09
2.        7/17 X.Suppl.38 (X.Sup.cta) Supplement to X.1152: Use cases for contact tracing applications to prevent spread of infectious diseases New Mee Yeon Kim, Sungchae Park,
Heung Youl Youm

TD642   2020​-09
2022-09

 

Annex B
Recommendations planned for action in SG17 Feb/Mar 2023 meeting

a)       TAP Recommendations planned for TAP approval (WTSA-20 Resolution 1)

11 determined texts as shown in b) of Annex A.

b)       TAP Recommendations planned for TAP determination (WTSA-20 Resolution 1)

# Q(1) Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1.        2/17 X.5Gsec-message Security requirements for 5G message service New

Hang Dong,
Le Yu,
Hongyang Zhang

TD607  
2021-04 2023-03
2.        4/17 X.stie Structured Threat Information Expression New Michael Rosa, Duncan Sparrell
TD546 OASIS STIX Version 2.1 2022-09 2023-03
3.        4/17 X.taeii Trusted Automated Exchange of Intelligence Informa New Michael Rosa, Duncan Sparrell
TD546 OASIS TAXII Version 2.1 2022-09 2023-03
4.        6/17 X.sc-iot Security Controls for Internet of Things (IoT) system New

Liu Lijun,
Koji Nakao 

TD616   2018-09 2023-03
5.        7/17 X.rdda Requirements for data de-identification assurance New

Feng Gao,
I Seok Kang, Soonseok Kim,
Jihun Kim, Byunghoon Lee,
Hyungjin Lim,
Yunsik Park,
Heung Youl Youm

TD659   2019-01 2023-03
6.        8/17 X.nssa-cc Requirements of network security situational awareness platform for cloud computing
New

Maofei Chen,
Huamin Jin,
Zhaoji Lin,
Laifu Wang,
Yi Zhang

TD595   2019-09 2023-03

Notes:

(1)     In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question.

c)       AAP Recommendations planned for AAP consent (Recommendation ITU-T A.8)

# Q(1) Acronym Title New / Revised Editor(s) Location of Text Equivalent
e.g., ISO/IEC Start of work Timing
1.        3/17 X.1051-rev2 Information security, cybersecurity and privacy protection - Information security controls b​ased on ISO/IEC 27002 for telecommunications organizations Rev Hang Dong,
Jinghua Min,
Thaib Mustafa TD544 ISO/IEC 27011 2020-03 2023-03
2.        4/17 X.arc-ev Functional requirements for a secured process to evaluate technical vulnerabilities  New Wei Li,
Shan Xue,
Chen Zhang TD571   2019-08 2023-03
3.        7/17 X.websec-7 Reference monitor for online analytics services New

Hyungjin Lim,
Jah Hoon Nah, Jongyoul Park,
Junjie Xia

TD573   2014-09 2023-03
4.        11/17 X.pki-em Public-key infrastructure: Establishment and maintenance New Erik Andersen TD671   2012-08 2023-03
5.        11/17 X.510 Amd.1

Information technology – Open Systems Interconnection –
The Directory: Protocol specifications for secure operations

New Erik Andersen TD670   2020-08 2023-03
6.        14/17 X.srscm-dlt Security Requirements for Smart Contract Management based on distributed ledger technology New Tietao Guo,
Li Li,
Kyeong Hee Oh,
Min Shu,
Yang Wu TD558   2020-09 2023-03

 d)      Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) planned for agreement

# Q Acronym Title New / Revised Editor(s) Location of text Start of work Timing
1.        3/17 X.sup-cdc Supplement to X.1060: X.1060 Tutorial material Rev Shigenori Takei,
Hiroshi Takechi TD653 2022-09 2023-03
2.        6/17 TR.ibc-cd Technical report: Guideline for identity-based cryptosystems used for cross-domain secure communications New

Fuwen Liu,
Li Su,
Junzhi Yan,
Bo Yang

TD583 2021-04 2023-03


 

Annex C
New work items

The following new work items were agreed to be added to the SG17 Work Programme:

# Question NWI Approval TD Title C
1.        2/17 X.5Gsec-ctrl TAP TD577
Security controls for operation and maintenance of 5G network systems
C176
2.        3/17 X.sup-cdc Agreement TD653 Supplement to X.1060: X.1060 Tutorial material  -
3.        4/17 X.stie
TAP
TD546 OASIS STIX Version 2.1 TD546
4.        4/17 X.taeii
TAP TD546 OASIS TAXII Version 2.1 TD546
5.        8/17 X.sg-scmr AAP TD620
Security guidelines for selecting computing methods and resources from Cloud Service Providers C192
6.        11/17 XSTR.x509ac4sc Agreement TD638 Technical Report: A use case of X.509 Attribute Certificate for Supply Chain C172
7.        13/17 X.sup.cv2x-sec Agreement TD570 Supplement to X.1813: Security deployment models and requirements for the operation of C-V2X services supporting ultra-reliable and low latency communication (URLLC) C131
8.        13/17 X.evpnc-sec TAP TD590 Security guidelines for electric vehicle plug and charge (PnC) service using vehicle identity (VID) C152
9.        15/17 X.sec_QKDNi AAP TD588
Security requirements for Quantum Key Distribution Network interworking (QKDNi) C126


Annex D
Work items discontinued

Question Acronym Title
None    


​Annex E
SG17 meeting Statistics

·       Participants (TD333R1)

 ​ participants countries Member States Sector Members SG17 Associates Academia Invited Experts
Announced 292 52          
Final 282 45 39 30 1 4 7

·       Meeting input and organization

Table of SG17 statistics of this and some past meetings

 

2022-09

2022-05*

2021-09*

2021-04*

2020-09*

2020-03*

2019-09

2019-01

2018-09

2018-03

2017-09

2017-03

2016-09

2016-03

2015-09

2015-04

C

104

101

98

104

110

121

151

118

144

113

106

78

81

66

74

80

LS/i

55

72

46

57

58

49

67

58

47

40

45

43

38

47

56

60

LS/o

20

20

26

17

28

29

40

39

37

38

46

38

23

32

42

42

TD

344

331

336

307

434

438

508

380

420

395

426

368

391

418

371

386

Note * - fully virtual meeting

·       Contributions: 104 – stable, DDP: 98%.​

  • APT 94 (90%) [China 42.5 + Korea 38.5 + Japan 10 + India 2 + Singapore 1]
  • Americas 7 (7%) [US 4]
  • AFR 2 (2%) [Comoros, Mali & Senegal]
  • EUR 1 (1%) [Denmark 1]
  • RCC (0), ARAB (0), LAM (0)

·       LS: matrix in TD352R1

  • incoming 55 - stable
  • Outgoing 20 - stable

·       TDs: 344 - stable 

AltStyle によって変換されたページ (->オリジナル) /