|
Work item:
|
X.1011 (ex X.rf-csap)
|
|
Subject/title:
|
Guidlines for continuous protection of service access process
|
|
Status:
|
Approved on 2021-10-29
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
ISO/IEC JTC1 SC27 WG4 & WG5
|
|
Supporting members:
|
-
|
|
Summary:
|
To prevent unauthorized access to information and abuse of ICT resources is fundamental to the cybersecurity. An extensive effort had been made towards the standardization of identity and access management. However, the access environment is continuously changing and traditional mechanisms could not deal with the challenges of evolving security threats. Firstly, traditional data center infrastructure is moving to the cloud, consequently the perimeter security device for traditional data center is not applicable to cloud-based data center. Secondly, internal threats are becoming more and more serious, e.g. authorized user trying to perform dangerous operations caused by negligence, or internal users being attacked by social engineering which may lead to impersonation risk. Thirdly, the status of the device or resource may become insecure during access process, e.g. operating system (OS) or software in device and resource platform being compromised by exploitation of misconfigure, or access request being intercepted, etc.
Service access process is the process during the interval between a subject initiating access request(s) and receiving response(s) from a service, which may involve a variety of above-mentioned security threats.
In order to deal with these challenges, it is crucial to continuously analyse related security status, verify the rationality of access activity, protect the security of access process and prevent unsecure access. Referred as Zero Trust in current security industry, this Recommendation defines a reference framework for keeping continuous protection of service access process.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2019-09-09 11:33:52
|
|
Last update:
2021-09-30 13:58:31
|
