INTERNATIONAL TELECOMMUNICATION UNION STUDY GROUP 13
TELECOMMUNICATION TD 199 (GEN) STANDARDIZATION SECTOR
English only STUDY PERIOD 2005-2008
4/17; All/13 Geneva, 17-28 July 2006 Question(s):
(Ref. : COM 17 – LS 81 – E)
ITU-T SG 17 (Jeju, Korea, 19-28 April 2006) Source:
Summary of ITU-T Study Groups Security Related Activities Title:
All SGs (Information/Action) To:
FG IPTV, NGN Management FG, Open Communications Architecture Forum FG,
Telecommunication Management Collaboration – Multi-Technology Network
Management FG (Information), Security Baseline for Network Operators FG
Agreed to at SG 17 meeting Approval:
November 2006 Deadline:
Herb Bertine Tel: +1 732 949 4022 Contact:
Study Group 17 Chair Fax: +1 732 949 1196
Mike Harrop Tel: +1 613 599 5905 Contact:
Rapporteur Q.4/17 Email: email@example.com
Study Group 17 has received information from a number of SGs outlining security related activities.
SG 17 has published this information on its Lead Study Group on Telecommunications Security
webpage at http://www.itu.int/ITU-T/studygroups/com17/tel-security.html.
Annex A provides the latest draft of the summary information. Study Groups are asked to review
the information and provide updates to SG 17.
Attention: This is not a publication made available to the public, but an internal ITU-T Document intended only for use by the
Member States of ITU, by ITU-T Sector Members and Associates, and their respective staff and collaborators in their ITU related
work. It shall not be made available to, and used by, any other persons or entities without the prior written consent of ITU-T.
- 2 -
TD 199 (GEN)
Summary of ITU-T Study Groups with security-related activities
The standardization work of ITU-T is carried out by Study Groups (SGs) in which representatives of the ITU-T membership develop Recommendations (standards) for the various fields of international telecommunications. The SGs drive their work in the form of study Questions. Each of these addresses technical studies in a particular area of telecommunication standardization. Below are ITU-T Study Groups for the 2004-2008 study period, their title and mandates, and the study Questions that address security work.
Operational aspects of service provision, networks and performance SG 2
Lead Study Group for service definition, numbering and routing.
Responsible for studies relating to principles of service provision, definition and operational requirements of service emulation; numbering, naming, addressing requirements and resource assignment including criteria and procedures for reservation and assignment; routing and
interworking requirements; human factors; operational aspects of networks and associated performance requirements including network traffic management, quality of service (traffic engineering, operational performance and service measurements); operational aspects of
interworking between traditional telecommunication networks and evolving networks; evaluation of feedback from operators, manufacturing companies and users on different aspects of network operation.
- Q.1/2 Application of Numbering, Naming, and Addressing Plans for telecommunications and Service and Operational aspects of numbering, including service definition (F.851)
- Q.4/2 Operational Aspects of Telecommunication Network Service Quality (E.408)
Tariff and accounting principles including related telecommunications economic and SG 3
Responsible for studies relating to tariff and accounting principles for international
telecommunication services and study of related telecommunication economic and policy issues. To this end, Study Group 3 shall in particular foster collaboration among its members with a view to the establishment of rates at levels as low as possible consistent with an efficient service and taking into account the necessity for maintaining independent financial administration of telecommunication on a sound basis.
- 3 -
TD 199 (GEN)
Telecommunication management SG 4
Lead Study Group on telecommunication management.
Responsible for studies regarding the management of telecommunication services, networks, and equipment, including support for next generation networks (NGN) and the application and evolution of the telecommunication management network (TMN) framework. Additionally, it is
responsible for other telecommunication management studies relating to designations, transport-
related operations procedures, and test and measurement techniques and instrumentation.
As the lead study group for management activities, Study Group 4 work on security addresses the following areas:
a) Architectural considerations and requirements for the management interfaces,
b) Detailed requirements for securing the management network (also referred to as the
management plane), specifically as the networks are becoming converged,
c) Protocol and models to support securing management information and management of
Management of Telecommunications network is defined at different levels of abstractions, from
managing network element level information to management services offered to the customer. The security requirements for the information exchanged between management systems and between management systems and network elements depend on whether the management networks are
within one administration or between administrations. Based on the architectural principles, explicit requirements, mechanisms and protocol support have been defined in existing Recommendations and additional ones are under development.
The M.3016-series recently approved replaces the original Recommendation M.3016 (1998). It describes the relevance and applicability of security in the context of the TMN language. Rather than mandating a set of services for threat protection, it provides a framework for specific
organizations to make appropriate specification of the use of available mechanisms.
The M.3016-series covers the following threats in the TMN: Masquerading, Eavesdropping, Unauthorized access, Loss or corruption of information, Repudiation, Forgery and Denial of
service. It also covers the following security features: Confidentiality, Data Integrity, Accountability and Availability.
- Q.6/4 Management principles and architecture (M.3010, M.3016-series, M.3400)
- Q.7/4 Requirements for business to business and customer to business management interfaces (M.3320)
- Q.10/4 Application specific information models (M3210.1)
- Q.11/4 Protocols for management interfaces (Q.813, Q.815, Q.817)
Security Related Activities:
X.736 Security Alarm Reporting (1992)
- 4 -
TD 199 (GEN)
- Defines a mechanism for reporting alarms for security events
X.740 Security Audit Trail Function (1992)
- Defines a protocol for generation/collection of security audit information
X.741 Objects and attributes for access control (1993)
- Defines the information necessary for implementation and management of access control
M.3016 TMN Security Overview (1998)
- Overviews the security threats to a TMN and security services which may be applied to
protect against them
Q.815 Specification of a security model for whole message protection (2000)
Q.817 TMN PKI - Digital certificates and certificate revocation lists profiles (2001)
- Defines Security Objectives and Threats in the context of the TMN
- Defines Security Requirements and how they address Threats
- Defines Security Services and how they address Requirements
- Defines Security Mechanisms (functional blocks) and how they address Services
- Defines a Profile Proforma for defining the specification of which Mechanisms, Services,
and Requirements must and should be supported in a given technological or regional
domain (specified by each SDO)
Implications of Recent Work
M.3016.4 provides a proforma mechanism allowing other SDOs to state required compliancy levels to the relevant threats to a TMN in their domain.
Allows a consistent language, set of mechanisms, which could be shared and/or interoperable in implementation and documentation method which eases analysis and information sharing between domains and other bodies
The M.3016 series is viewed as a key aspect of NGN Management; it is included in:
- The NGN Management Roadmap issued by the NGNMFG
- M.3060 on the Principles of NGN Management
Potential Future Work
Internationalization through proforma approach of TMOC Issue 56 Management of Network Security in a M.3016 series style including integration of X.7xx series documents
Alignment of security audit trail function with current IDS mechanisms and IETF
Endorsement of OASIS SPML (Security Provisioning Markup Language)
- 5 -
TD 199 (GEN)
M.3016 extension to cover service management, software security
M.3016 corrections for outdated IETF references
Protection against electromagnetic environment effects SG 5
Responsible for studies relating to protection of telecommunication networks and equipment from
interference and lightning as well as for studies related to electromagnetic compatibility (EMC), to safety and to health effects connected with electromagnetic fields produced by telecommunication installations and devices, including cellular phones.
In fulfilling its mission, SG 5 has worked on several Questions and developed a number of Recommendations and Handbooks that contribute to the security of the network against electromagnetic threats. Electromagnetic threats involve malicious man-made high power transient
phenomena such as High-Altitude Electromagnetic Pulse (HEMP) and High-Power Microwave
(HPM). Also, electromagnetic security could involve of information leaks from telecommunication networks by unexpected radio emission from equipment.
The nature of the malicious threats and the corresponding mitigation techniques are similar to those that apply to natural or unintentional electromagnetic disturbances. There are similarities between HEMP and the electromagnetic pulse created by lightning. Shielding and filtering techniques that reduce the emission of unwanted radio energy from equipment also minimize the possibility of unintentional energy leakage. Thus, the traditional activities of Study Group 5 related to protection
against lightning and controlling Electromagnetic Interference (EMI) contribute to the security of the network against malicious man-made threats. During the current study period the security
aspects of the work of SG are addressed under the new Question 15/5, Security of
telecommunication and information systems regarding the electromagnetic environment.
Electromagnetic threats involve malicious man-made high power transient phenomena such as
High-Altitude Electromagnetic Pulse (HEMP) and emissions from High-Power Electromagnetic
(HPEM) generators including High-Power Microwave (HPM) and Ultra-Wideband (UWB)
sources. Also, electromagnetic security involves addressing information leaks from telecommunication networks by unexpected radio emission from equipment.
- Q.2/5 EMC related to broadband access networks (Control of unwanted emissions from broadband access systems contributes to reducing the possibility of information leaks).
- Q.4/5 Resistibility of communication equipment (Resistibility of equipment to lightning improves resistibility of equipment to HEMP-induced surges).
- Q.5/5 Lightning protection of telecommunication systems (Techniques used for lightning protection also provide a degree of hardening of the facility against HEMP and HPE).
- Q.6/5 Bonding configurations and earthing of telecommunication systems in the global environment (Appropriate bonding and earthing measures also help hardening of the facility against HEMP and HPE).
- Q.12/5 Maintenance and enhancement of existing EMC Recommendations (EMC of
telecommunication equipment improves the immunity of equipment against the conducted and
- 6 -
TD 199 (GEN)
radiated HEMP environment as well as radiated HPE environment. Also, EMC of telecommunication equipment reduces the possibility of information leaks).
- Q.？？；？; Security of telecommunication and information systems regarding electromagnetic environment (Resistibility of equipment to lightning improves resistibility of equipment to HEMP-
Security Related Activities:
Study items to be considered include, but are not limited to:
; Technical requirements for preventing information leaks by unexpected radio emission from
equipment and protection of telecommunication systems from attacks using high power
radio waves (HEMP, HPEM)
; Mitigation methods such as electromagnetic shielding
; Methodology for evaluating the protective measures
The presently proposed structure for the ITU-T K series Recommendations on electromagnetic
security is based on the information security management system for telecommunication of ITU-T
Recommendation X.1051. The overall structure is shown in the following diagram
|___(A)K.sec (new Recommendation)
| |______(B) K.hemp (new Recommendation)
| |______(C) K.hpem (new Recommendation)
| |______(D) K.leakage (new Recommendation)
| |______K.43,K.48, etc (existing Recommendations)
| |______K.44,K.45,K.20,K.21, etc (existing Recommendations)
|_____________(E) K.secmiti (new Recommendation)
where the new proposed Recommendations dedicated to Electromagnetic Security are the following:
(A) K.sec: Concept, Risk assessment, and how to select / know the requirement (B)-(D),
and K series.
(B) K.hepm: Describes the electromagnetic environment for High-Altitude
(C) K.hpem: Describes the for High-Power Electromagnetic environment
(D) K.leakage: Will address information leakage through unintentional emission
(E) K.secmiti: Will provide mitigation methods for the various threats.
In the past several years, IEC Subcommittee 77C has developed several publications describing the
HEMP and HPEM environment (conducted and radiated) for civil systems and equipment. SG5 has established a liaison with IEC SC 77C and has recently held a technical workshop with chairman of IEC SC 77C William Radasky.
- 7 -
TD 199 (GEN)
Outside Plant and related indoor installations SG 6
Responsible for studies relating to outside plant and related indoor installations such as the construction, installation, jointing, terminating, protection from corrosion and others forms of damage from environmental impact, except electromagnetic processes, of all types of terrestrial cables for public telecommunications and associated structures.
- Q.1/6 Environmental and safety procedures for outside plant
- Q.6/6 Optical fibre cable network maintenance
Integrated broadband cable networks and television and sound transmission SG 9
Lead Study Group on integrated broadband cable and television networks.
Responsible for studies relating to:
a) Use of cable and hybrid networks, primarily designed for television and sound programme
delivery to the home, as integrated broadband networks to also carry voice or other time
critical services, video on demand, interactive services, etc.
b) Use of telecommunication systems for contribution, primary distribution and secondary
distribution of television, sound programmes and similar data services.
As the lead study group on integrated broadband cable and television networks it evaluates threats and vulnerabilities to broadband networks and services, documents security objectives, evaluates
countermeasures, and defines security architectures.
Security related activities have focused on the following areas:
a) Secure broadband services: provide security services for broadband access networks.
Namely, authentication of the cable modem, cryptographic key management, privacy and
integrity of transmitted data, and secure download of cable modem software
b) Secure VoIP services: IPCablecom is a special project on time-critical interactive services
over cable television network using IP-protocol, in particular Voice and Video over IP.
Security services provided in IPCablecom include authentication of the Multimedia
Terminal Adapter (MTA) to the service provider, authentication of the service provider to
the MTA, secure device provisioning and configuration, secure device management, secure
signalling, and secure media.
c) Secure home networking services: Enhanced Cable Modems can provide home networking
services such as firewalls and Network Address Translation. Security services provided for
enhanced Cable Modems include authentication of the Multimedia Terminal Adapter
(MTA) to the service provider, authentication of the service provider to the MTA, secure
device provisioning and configuration, secure device management, packet-filtering/firewall
functionality, secure firewall management, and secure download of enhanced cable modem
- 8 -
TD 199 (GEN)
d) Secure application environments for interactive television services: Interactive television
services rely on the security services defined in Java and the Multimedia Home Platform
Q.3/9 Methods and practices for conditional access, protection against unauthorized copying and against unauthorized redistribution (“redistribution control” for digital cable television distribution to the home) (J.93, J.96 Amd 1)
Q.8/9 Cable television delivery of digital services and applications that use Internet Protocols (IP) and/or packet-based data (J.112)
Q.9/9 Voice and video IP applications over cable television networks (J.160, J.170, J.191)
Q.10/9 The extension of cable-based services over broadband in Home Networks
Signalling requirements and protocols SG 11
Lead Study Group on Signalling and Protocols and Intelligent Networks.
Responsible for studies relating to signalling requirements and protocols for Internet protocol (IP) related functions, some mobility related functions, multimedia functions for networks including convergence toward NGN, and enhancements to existing Recommendations on access and
internetwork signalling protocols of BICC, ATM, N-ISDN and PSTN.
Most of SG 11's current Recommendations were developed for trusted TDM based networks in which point to point connections could be used to ensure communications security. SG 11
recognized that introduction of IP technology into the network would present new security challenges. In recognition of the introduction of IP technology and the need to be able to provide signalling and control information capability in this evolving network in a secure manner, SG 11
generated a suite of questions related to signalling requirements and protocol that took into account these new security challenges in 2004.
- Q.1/11 Network signalling and control functional architectures in emerging NGN environments
- Q.7/11 Signalling and control requirements and protocols to support attachment in NGN environments
Security Related Activities:
SG 11 will continue to be responsible for generating signalling requirements and protocols that will
be used to perform various functions, e.g. session establishment as well as for call admission control. These requirements are obliged to include content to ensure the security of the network and its resources.
- 9 -
TD 199 (GEN)
Performance and quality of service SG 12
Lead Study Group on Quality of Service and performance.
Responsible for Recommendations on the end-to-end transmission performance of terminals and
networks, in relation to the perceived quality and acceptance by users of text, data, speech, and multi-media applications. Although this work includes the related transmission implications of all
networks (e.g., those based on PDH, SDH, ATM and IP as well as NGNs) and all
telecommunication terminals (e.g., handset, hands-free, headset, mobile, audiovisual, and
interactive voice response), a special focus is given to IP QoS, interoperability and implications for NGN, and also includes work on performance and resource management.
- Q.10/12 Transmission planning and performance considerations for voiceband, data and multimedia services
- Q.13/12 Multimedia QoS/QoE performance requirements and assessment methods
- Q.17/12 Performance of IP-based networks
Next Generation Networks SG 13
Lead study group for NGN and satellite matters.
Responsible for studies relating to the architecture, evolution and convergence of next generation
networks (NGNs) including frameworks and functional architectures, signalling requirements for NGN, NGN project management coordination across study groups and release planning, implementation scenarios and deployment models, network and service capabilities,
interoperability, impact of IPv6, NGN mobility and network convergence and public data network aspects.
Recognizing that security is one of the key features of NGN, SG 13 has established a dedicated Question on security: Question 15/13, NGN security. The Question is focused on studies of the
NGN-specific security issues and development of security solutions for NGN. One of the essential goals of SG 13 is to put in place a set of standards that will guarantee, to the maximum extent possible, the security of the telecommunications infrastructure as legacy networks evolve to NGNs.
Study Group 13 had also decided to incorporate in every new or eventually revised Recommendation a security section for references to those sections of the Recommendation in which security aspects are addressed.
Study Group 13 is developing its effort on NGN security-related matters in collaboration with other
Study Groups, including Study Groups 2, 4, 9, 11, 15, 16, 17 and 19, and also with other standards
development organizations. The IETF (Internet, Security, and Transport Areas), 3GPP and 3GPP2, and DSL Forum are among most important external SDOs of importance to SG 13 for its security studies.
- 10 -
TD 199 (GEN)
- Q.2/13 Requirements and implementation scenarios for emerging services in NGN
- Q.3/13 Principles and functional architecture for NGN
- Q.4/13 Requirements and framework for QoS for NGN
- Q.5/13 OAM and network management for NGN
- Q.6/13 NGN mobility and fixed-mobile convergence
- Q.7/13 Network and service interworking in NGN environment
- Q.8/13 Service scenarios and deployment models of NGN
- Q.9/13 Impact of IPv6 to an NGN
- Q.10/13 Interoperability of satellite with terrestrial and Next Generation Networks (NGNs)
- Q.12/13 Frame relay (X.272)
- Q.13/13 Public data networks
- Q.14/13 Protocols and service mechanisms for multi-service data networks (MSDN)
- Q.15/13 NGN security
Security related tasks include:
， Lead the NGN-specific security project-level issues within SG 13 and with other Study
Groups. Recognizing SG 17’s overall role as the Lead Study Group for Telecommunication
Security, advise and assist SG 17 on NGN security coordination issues.
， Determine how to apply Recommendation X.805 Security Architecture for Systems
Providing End-to-end Communication within the context of an NGN environment.
， Ensure the developed NGN architecture is consistent with accepted security principles.
， Ensure AAA principles are integrated as required throughout the NGN.
Optical and other transport network infrastructures SG 15
Lead Study Group on access network transport
Lead Study Group on optical technology
Study Group 15 is the focal point in ITU-T for the development of standards on optical and other transport network infrastructures, systems, equipment, optical fibres, and the corresponding control
plane technologies to enable the evolution toward intelligent transport networks. This encompasses
the development of related standards for the customer premises, access, metropolitan and long haul
sections of communication networks.
Question 14/15 is responsible for specifying the management and control requirements and supporting information models for transport equipment. Question 14/15 has been following the ITU-T established TMN concept and framework for the definition of these requirements and
models. Security management is one of the five key TMN management functional categories.