ITU Home Page International Telecommunication Union Français | Español 
Print Version 
ITU Home Page
Home : ITU-T Home : e-FLASH
ITU-T e-FLASH - Issue No. 1


Telecommunication Standardization Sector

Issue No. 1 February 2004

Work Continues to Enhance Broadband Cable Offering
Study Group 9's recent Hawaii meeting, saw a raft of new and revised Recommendations seeking to enhance broadband cable services. One significant new Recommendation - J.179 - gives service providers using the IPCablecom standard the ability to offer the whole range of digital multimedia services including video, interactive TV and games. IPCablecom is an end-to-end system for the delivery of time-critical communications to cable TV customers using Internet Protocol (IP). It builds on widely deployed digital cable modem architectures specified in ITU-T Recommendation J.112.

[ Top ]
Workshop on Home Networks Announced
Also in Hawaii Study Group 9 agreed to hold a workshop - Home Networking and Home Services - June 17-18 in Tokyo (on June 16 there will be a tutorial session for Japanese speaking participants). There is industry demand for standardization in the area, as more consumers seek to link home appliances such as TVs, PCs and even refrigerators. The workshop will examine these possibilities as well as the means of connection - wireless, powerline, Ethernet etc. - and security implications.

[ Top ]
Group to Tackle Firewall/NAT Traversal
Study Group 16 - the multimedia Study Group - has started work on a standard that will allow VoIP and other IP based protocols to be more easily implemented in a secure enterprise or service provider environment. VoIP and other IP-based protocols have long been plagued with problems when trying to work across network address translation (NAT) and firewall boundaries. Despite previous attempts to address the issue, no standardized way of dealing with the problem has emerged.

Currently many network managers and operators have found that the only way to allow inbound VoIP calls in a firewall-protected environment is to leave a permanent hole from the outside world to gateways or to the user's IP phone. Obviously, this violates even the most basic firewall security policies. Compounding the problems with VoIP and firewalls is the fact that VoIP doesn't really work well with NAT (changing the IP address and/or port used internally to be different from the IP address and/or port used externally). NAT is typically performed by the enterprise firewall.

The new work aims to create a robust and easy to implement solution that will allow any device communicating on an IP network to more easily communicate across the network boundary imposed by NAT or firewalls.

[ Top ]
Security Flaw Affects VoIP
Recent press reports have highlighted vulnerabilities in some applications using ITU-T Recommendation H.323. Experts were quick to point out however, that the security issues are not related to H.323, but rather to poor implementation that can cause improper handling of messages in some vendors' products. Indeed not all products using H.323 are at risk. Correcting the problem is relatively straightforward and most vendors impacted have reportedly taken corrective action.

The problem stems from the fact that some products fail to perform proper checking of messages to ensure that they are correctly formed. As a result, malformed messages transmitted can result in system failures of various types. In the worst case, an attacker could have intentionally caused buffer overflow, giving the opportunity to execute malicious code on the target system. This is unlikely now that the problem has been addressed in most vendors' products.

H.323 is the most widely used VoIP communication protocol worldwide. In common with all protocols its implementation should be adhered to carefully, to avoid security vulnerabilities. It is unlikely according, to ITU's H.323 experts, that global long distance networks based on H.323 carrying billions of voice minutes each month will be impacted at all. Continued vigilance by security monitoring organizations and by manufacturers will mean that these small windows of opportunity for hackers will be quickly closed.

[ More... ]

[ Top ]
Group Works to Protect Networks from Nuclear Threat
At its latest meeting the ITU-T Study Group responsible for protection against electromagnetic environment effects, has proposed new work that will help protect networks against electromagnetic threats such as nuclear attack. Specifically the proposed work will examine how to protect against malicious man-made phenomena such as High-Altitude Electromagnetic Pulse (HEMP) and High-Power Microwave (HPM). The new study into electromagnetic security will also look at the potential for information leaks from networks by accidental radio emission from equipment.

[ Top ]
Home Networking Safety Threat Addressed
Other new work proposed at the (Study Group 5) meeting was study into Electromagnetic Compatibility (EMC), resistibility (the ability of a device to survive power and lightning surge) and safety issues for home networks. Work on standards in this area is seen as increasingly important given the research and development dollars going into the networks that may one-day link all our domestic devices. Study Group Chairman Roberto Pomponi of Telecom Italia says that he expects that one field of study may relate to in-home Power Line Communications.

[ Top ]
New Standard for EMC Testing
As well as identifying new areas for study, Study Group 5 agreed on a new Recommendation that outlines a methodology to check if equipment maintains its designed and tested EMC performances. Pomponi said that the Recommendation (K.63) was designed to address a network operator need to cheaply and efficiently check EMC performance of equipment during its acceptance procedures. The Recommendation also provides a way for manufacturers to perform rapid assessment of a production run.

[ Top ]
ITU-T Manual Addresses Security Concerns
ITU-T has been active in security in telecommunication and information technology for many years. However, it may not always have been easy to find out what has been covered, and where it can be found. For this reason 'Security on Telecommunications and Information Technology. An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications', has been produced. The manual is a first attempt at aggregating all of the available information. It aims to act as a guide for technologists, middle level management and regulators to assist in the practical implementation of security functions.

An electronic version of the guide is available: [ PDF ]

Paper copies can be ordered from
[ Top ]

[ Top ]
Main | Subscribe | Unsubscribe | Contact us


Top - Feedback - Contact Us - Copyright © ITU 2007 All Rights Reserved
Contact for this page : TSB EDH
Updated : 2007-01-19