Motivation

Recommendations X.800, X.802 and X.803 describe security within the context of open systems. The security architecture for systems providing end-to-end communications is provided in Recommendation X.805. A comprehensive set of detailed security frameworks covering aspects of security such as authentication, access control, non-repudiation, confidentiality, integrity, and security audit and alarms has been established (X.810, X.811, X.812, X.813, X.814, X.815 and X.816). To provide Generic Upper Layers Security (GULS), Recommendations X.830, X.831, X.832, X.833, X.834 and X.835 have been developed. In cooperation with ISO/IEC JTC 1/SC 27, Recommendations X.841, X.842 and X.843 on security information objects and trusted third party services have been established.

A continued effort to maintain and enhance these security Recommendations to satisfy the needs of emerging technologies (e.g., the next generation networks (NGN) and Internet protocol based networks) and services is required. This effort is reflected by X.1035 and X.1036 that show details of password-authenticated key exchange protocols and policy distribution and enforcement.

Due to convergence and mobility, telecommunications carrier networks and the associated information systems are exposed to new classes of security threats. The attackers have a deeper reach into networks and require less skill levels with a higher damage propensity. Viruses, hacking and denial of service attacks have become pervasive and they adversely impact network elements and support systems alike.

The telecommunications and information technology industries are seeking cost-effective comprehensive security solutions that are technology agnostic and protect a wide spectrum of services and applications. To achieve such solutions in multi-vendor environment, network security should be designed around the standard security architectures and standard security technologies. Taking into account the security threats to the telecommunication environment and the current advancement of security countermeasures against the threats, new security requirements and solutions should be investigated. New Recommendations that show how to combine the technology standards and security frameworks are needed to implement comprehensive security for the emerging networks and services.

Recommendations and Supplements under responsibility of this Question as of 1 December 2008: X.800, X.802, X.803, X.805, X.810, X.811, X.812, X.813, X.814, X.815, X.816, X.830, X.831, X.832, X.833, X.834, X.835, X.841, X.842, X.843, X.1031, X.1034, X.1035, X.1036 and Supplements 2 and 3 to X-series.

Question

Study items to be considered include, but are not limited to:

1. How should a comprehensive, coherent telecommunications security solution be defined?
2. What is the architecture for a comprehensive, coherent telecommunications security solution?
3. What is the framework for applying the security architecture in order to establish a new security solution?
4. What is the framework for applying the security architecture in order to assess (and consequently improve) an existing security solution?
5. What are the architectural underpinnings for security?
   1. What is the security architecture of emerging technologies?
   2. What is the architecture for end-to-end security?
   3. What is the security architecture for mobile environment?
   4. What technical security architectures are required? For example:
      • What is the open systems security architecture?
      • What is the IP-based networks security architecture?
      • What should be security architecture for supporting security needs of the NGN?
6. What new Recommendations may be required for providing security solutions in the changing environment?
7. How should architectural standards be structured with respect to existing Recommendations on security?
8. How should architectural standards be structured with respect to the existing advanced security technologies?
9. How should the security framework Recommendations be modified to adapt them to emerging technologies and what new framework Recommendations may be required?
10. How are security services applied to provide security solutions?

Tasks

Tasks include, but are not limited to:

1. Development of a comprehensive set of Recommendations for providing standard security solutions for telecommunications in collaboration with other standards development organizations and ITU-T study groups.
2. Studies and development of Recommendations on a trusted telecommunication network architecture that integrates advanced security technologies.
3. Maintenance and enhancements of Recommendations and Supplements in the X.800-series and X.103x-series.

Relationships

Questions: ITU-T Qs 1, 3, 4, 5, 6, 7, 9, 10 and 11/17

Study groups: ITU-T SGs 2, 9, 11, 13 and 16

Standardization bodies: ISO/IEC JTC 1/SC 27 and SC 37; IEC TC 25; ISO TC12; IETF; ATIS; ETSI; 3GPP, 3GPP2