Question 6/2 - Management architecture and security
(Continuation of Questions 6/2 (partially), 8/2 and 11/2 (partially))
The standardization of management interfaces cannot be pursued fruitfully without a characterization and specification of the systems and functions which communicate via these interfaces. For this purpose, TMN was specified by Recommendation M.3010. Recommendation M.3060 builds on M.3010 and specifies the framework and the architectures needed to support the management of the NGN. Ongoing developments in telecommunications network technologies, architectures and services, e.g. related to cloud computing, require that the management framework and architecture evolve with them.
A very important aspect of the management infrastructure is security. Undisturbed operation of telecommunications networks has become a cornerstone of society. In order to withstand actions which are aimed at disturbing this operation, the management plane must be very well secured. Therefore it is needed that the security of management is considered and included in each step in the study and specification of management frameworks, architecture and interfaces.
Study items to be considered include, but are not limited to:
How should the management architectures evolve in order to support evolving and new telecommunication network technologies, architectures and services?
Which extensions to existing Recommendations (in particular M.3060), or which new Recommendations are needed in response to the results of the study under 1)?
What is the impact of evolution in network technologies and architectures on the security of the management plane?
Which extensions to M.3016 series, or which new Recommendations are needed in response to the results of the study under 3)?
Tasks include, but are not limited to:
Enhance and extend Recommendation M.3060 as needed.
Update M.3050 series Recommendations (in close collaboration with TM Forum)
Develop/enhance functional requirements for security management systems (M.3410)
Maintain security of management and management of security Recommendations, including the M.3016 Series, M.3210.1, Q.813, Q.815, and Q.817 Recommendations.
While the primary approach for specifying terms and definitions should be to include them within related Recommendations and then reference them as needed from other Recommendations, considerations may be given to other approaches to benefit specific groups of users. In particular, the role of and the terms and definitions in Recommendation M.60 need to be confirmed or amended.