ITU Home Page International Telecommunication Union Français | Español 
Print Version 
ITU Home Page
Home : ITU-T Home : Workshops and Seminars : Security : New Horizons for Security Standardization
Workshop on “New Horizons for Security Standardization”
Geneva, 3 - 4 October 2005



Day One (3 October 2005)
09:30 – 09:45 Workshop Opening

Opening remarks by Workshop Chair, Herb Bertine, Chair ITU-T SG17
[ CV ]

Welcome by Houlin Zhao, Director, Telecommunications Standardization Bureau, ITU-T
[ Presentation ]
09:45 – 11:15 Session 1: The role of standards in telecommunications and IT security

Chair: Yu Watanabe, KDDI (Japan)
[ CV ]

Security standardization in an evolving threat environment – Bill McCrum, Industry Canada (Canada)
[ CV | Abstract | Presentation ]

This session will provide a context for the workshop by providing some background on how the security standardization work began and how it has evolved to meet a changing threat environment as Internet use has become pervasive. A summary of the current threat environment will be included. 

Overview of security standards work These presentations will be high-level & broad-ranging and will provide an overview of the security standards work in each organization, existing collaboration, plus the major achievements and the key standards produced. Mention will be made of how requirements for standards are determined and evaluated, how standards are marketed and how they are assessed for success. Who are the targeted users for each organization’s standards? Possible gaps may be indicated and the respective strengths and weaknesses of each organization’s processes will be identified.

11:15 – 11:30 Coffee break
11:30 – 13:00 Session 2: Key areas of security standards focus

Chair: Byoung-Moon Chin, TTA (Korea)
[ CV ]

Representatives of ITU-T, ISO/IEC/JTC1 & ETSI will each highlight what they consider to be a key topic of current focus and to report on the challenges and issues associated with that topic. 

- ISO/IEC/SC27 perspective - Marijke De Soete (Vice-chair JTC1/SC27) [ CV | Abstract | Presentation ]
  • Security techniques standards within SC27
  • Signature and authentication standards for secure e-business
  • Focus on future ‘diversions’ biometrics and identity management

- ITU-T SG16 perspective – Martin Euchner, ITU-T Q.25/16 Rapporteur [ CV | Abstract | Presentation ]

  • NGN Multimedia Security

- ETSI perspective - Charles Brookson, Department of Trade and Industry (UK)
 [ CV | Abstract | Presentation ]

  • Overview and ETSI security program
  • Update on GSM standards
13:00 – 14:00 Lunch break
14:00 – 15:30 Session 3: Emerging Technical Issues

Chair: Jianyong Chen, ZTE, (China)
[ CV ]

In this session, experts will address a number of technical topics that have network security implications 

- Wireless security: can wireless and wireline security be unified? Zhi Zhou, China Mobile (China)
[ CV | Abstract | Presentation ]

- RFID and Ubiquitous Sensor Network. Kyoil Chung, ETRI (Korea)
[ CV | Abstract | Presentation ]

- Trusted computing platform (including trusted mobile platform) – Abbie Barbir, Nortel (Canada)
[ CV | Abstract | Presentation ]

15:30 – 16:00 Coffee break
16:00 – 17:30 Session 4: Stakeholder perspectives

Chair: Charles Brookson, Department of Trade and Industry (UK)
[ CV ]

A panel of stakeholders representing standards users (e.g. network operators, developers, transaction processors and administrations/regulators) will try to address some of the key questions concerning development and use of security standards. Who are the security standards stakeholders (i.e. the organizations who use the standards) and are the SDOs responding adequately to their needs? If not, why not? What needs to change? What are the economic implications of security standards? Can security standards be implemented cost-effectively in a way that provides “good-enough security” while ensuring cost-competitiveness of the product/service? 

Each panellist will be invited to make a short opening statement/presentation following which there will be a mediated discussion with questions and contributions from the audience.

 17:30 – 18:00 Wrap-up of Day 1

The Workshop Chair will provide a brief summary and identify any issues for overnight discussion/review.
[ TOP ]
Day Two (4 October 2005)
09:00 – 9:30 Session 5: Day 2 Introduction

Introduction by Workshop Chair. Report on results of any after-hours discussions. Feedback from participants.

09:30 –10:30 Session 6: Key network security issues – some regional and consortia perspectives

Chair: Arkadi Kremer, RANS (Russian Federation)
[ CV ]

OASIS - Jamie Clark, OASIS (USA)
[ CV | Abstract | Presentation ]

3GPP - Rajesh Talpade, Telcordia (USA)
[ CV | Abstract | Presentation ]

ATIS - François Cosquer, Alcatel North America (Canada)
[ CV | Abstract | Presentation ]

RAISS Forum - Meng Chow Kang, Microsoft, (Singapore)
[ CV | Abstract | Presentation ]
10:30 – 11:00 Coffee break

11:00 – 12:30 Session 7: Overview of some specific areas of current interest for security standardization

Chair: Lewis Robart, Industry Canada
[ CV ]

This session will cover 3 key areas of technical focus for security standardization. 

Information Security Management for Networks – what is the status of current work & where is it leading? (e.g. ISO 17799, SC27 work such as ISMS, IETF work on OpSec.) What are the implications of this work for security standards development and collaboration? - Angelika Plate (Germany/SC27) [ CV ] & Ted Humphreys (UK/SC27) [ CV | Abstract | Presentation ]

SS7 and the vulnerability of the networking infrastructure – Michel Leber, Tekelec (France)
[ CV | Abstract | Presentation ]

Security of voice in an IP environment – Xiaofeng Huang, France Telecom (France)
[ CV | Abstract | Presentation ]
12:30-14:00 Lunch break

14:00 – 15:00 Session 8 – Refining the focus and the processes for security standardization

Chair: Ted Humphreys (UK/SC27)
[ CV ]

This panel discussion and interactive session will provide an opportunity for all workshop participants to join in the discussion to try to find answers to the problems facing standards development organizations.

What are the crucial problems in ICT security and which of these can/should be addressed by standards? What areas should standardization avoid? Are there differences in security standards needs (or differences in emphasis) in the different regions? How can standards bodies respond most quickly and effectively to emerging threats? How can the work be funded and resourced? How can SDOs address evolving threats such as spyware, bots, etc

[ Summary Points ]
15:00 – 15:30 Session 9 – Security Standards for the Developing Countries and Countries with Economies in Transition

Chair: Abbie Barbir, Nortel (Canada)
[ CV ]

Raphael Nlend (Cameroon) [ CV | Abstract | Presentation ]

This session responds to a growing need to address network security in the developing countries and countries with economies in transition. The presentation will review the particular situation in these countries and provide an assessment as to whether the DCs have any special needs that are not already being addressed by the current security standards work.

15:30-16:00 Coffee break

16:00 – 17:00 Session 10 – Improving the effectiveness of the security standards process - next steps

Chair: Bob Thornberry (Lucent Technologies)
[ CV ]

A panel discussion with participation of representatives from each session and significant interaction with delegates. The purpose is to identify those areas of focus in which the standards organizations (and the ITU in particular) can be most effective in developing security standards, to prioritize security standards activities and to improve collaboration. 

How can we increase collaboration and leverage the respective strengths of the formal and informal processes? What can be done to improve alignment of the needs and the work? How can we avoid redundant and conflicting efforts? How do we validate new work proposals and ensure on-going cooperation and coordination?

[ Summary Points ]
17:00 – 17:30 Session 11: Summary and closing remarks

Review and summary of workshop results by Workshop Chair and Rapporteur.

[ TOP ]


Top - Feedback - Contact Us - Copyright © ITU 2006 All Rights Reserved
Contact for this page : TSB EDH
Updated : 2006-02-06