Honourable Deputy Minister Marder, Distinguished guests, homourable delegates,
colleagues and friends
On behalf of the Secretary-General Hamadoun Touré I would like to offer ITU’s
condolences for the cowardly terrorist attacks yesterday. ICTs play an important
role in fighting terrorism, and security of ICTs is essential for it to be
effective.
So I am honoured to be asked to provide some words to welcome you to today at
this 9th Russian Association for Networks and Services (RANS) conference -
“Standardization, implementation and evaluation of security in using of ICTs”
In Tunis in November 2005, ITU was entrusted by the World Summit on the
Information Society with the task of coordinating multi-stakeholder
implementation of the WSIS for action line C5: building confidence and trust in
the use of ICTs.
ITU has targeted cybersecurity as one of the priority areas for coordinated
action in its three Sectors – radio, development and standardization.
An important part of this process is standardization work, to ensure that common
standards for network security are adopted as widely as possible. Not only will
harmonization of standards increase the level of security, it will also reduce
the costs of building secure systems.
Russia has played an important role in this very important work. I am happy to
note that Russia has increased its management presence in ITU’s standardization
work with Mr. Arkadiy Kremer’s Chairmanship of Study Group 17, our security
study group, plus Vice-Chairmanships our advisory group and five other study
groups...
ITU is the preeminent global body for ICT standards-setting, and is unique among
standards bodies in having a membership of 191 Member States and more than 700
private sector entities.
This unique public/private partnership is the secret to our success.
Collaboration and participation from all stakeholders is particularly important
if we are to build safer ICT solutions.
Study Group 17’s responsibility includes maintaining overall security frameworks
as well as project management activities, and the coordination, assignment and
prioritization of actions that lead to the timely adoption of security standards
(which we call ITU-T Recommendations).
There are over 200 hundred ITU-T Recommendations on security, or which have
security implications. In particular:
- The X.500 series of Recommendations on directory services and authentication,
including the well-known X.509 Recommendation which lies behind public key
infrastructure (PKI) encryption;
- The X.800 series on Security Architecture framework;
- The X.1000 series on Telecommunication Security; and
- The new Y.2700 series on security for Next-Generation Networks (NGNs).
All of these standards are now available for free downloading from our website,
and more than three million copies of ITU-T Recommendations are being downloaded
each year.
Ongoing ITU-T work on security is now looking into areas like telebiometrics,
security for home networks including IPTV, security for mobiles, security for
cloud computing and security for smart grid.
One particularly urgent area of work is in combating identity theft, which was
identified in an ITU survey as the biggest fear preventing users from placing
more trust in online networks.
Last year, a first set of ITU-T Recommendations dealing with identity management
for NGN was approved.
Standardization for identity management involves many groups within and outside
of ITU-T. The need for coordination led to the establishment of a joint
coordination activity on identity management (JCA-IdM), and I am grateful to
RANS for kindly agreed to host a meeting of the JCA-IdM here this week.
A key achievement last year was the establishment of a Cybersecurity Information
Exchange (CYBEX) which enables a global communications infrastructure for
cybersecurity, and allows best-of-breed standards from government agencies and
industry to be imported.
It is essential that cybersecurity and telecoms infrastructure protection
communities worldwide are able to exchange information on network digital
forensics and vulnerabilities. CYBEX will, for the first time, provide for this
exchange globally.
I am also pleased to announce that just recently ITU Focus Groups have been
agreed that will examine Cloud Computing and Smart Grid security. Our Focus
Groups are open to anyone interested to participate in.
Cybersecurity is a wide ranging and critical topic. I am pleased that there are
so many contributions from ITU experts to this meeting.
In addition to the meeting of the JCA on identity management under the
chairmanship of Richard Brackney, we have a talk on Emergency
telecommunications, from my colleague Georges Sebek, an update on object
identifiers and their registration from John Larmouth, and information on
conformance and interoperability from Paolo Rosa and Os Monkewich. This will be
coordinated with a meeting of another ITU-T JCA related to conformance and
interoperability testing, also kindly hosted by RANS.
Conformance and interoperability is a major concern, particularly for developing
countries.
ITU’s activity here was initiated by WTSA Resolution 76 in 2008.
This year we have established a pilot conformity database that will enable
companies to list and give visibility to their products that have been tested
successfully to ITU-T Recommendations.
We will hold our first interoperability test event in July 2010 focusing on IPTV
Standards. We are also looking to help establish test centres in developing
countries, and offering the necessary training on conformity and
interoperability testing.
Pursuing activities that create better conformance and interoperability will
ensure more effective use of resources offered by modern ICTs and help towards
ITU’s mission to Connect the World.
And now together with organisations like RANS we will help to ensure that the
connected world will also be a secure one.
I appreciate very much the opportunity to speak to you… and wish you an
enjoyable and productive conference.
Thank you for your attention. |
|