|
Work item:
|
X.1452 (ex X.tfss)
|
|
Subject/title:
|
Guidelines for security services provided by operators
|
|
Status:
|
Approved on 2020-10-29
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
-
|
|
Liaison:
|
-
|
|
Supporting members:
|
-
|
|
Summary:
|
Due to the growing number of innovations in services in network and telecommunication domains, operators do face the pressing need to explore new services based on their network and services capabilities. In this transformation, operators have not only accumulated new assets and experiences with technologies and services for network and telecommunication, but also the capability of offering security services based on the full extend of their network and infrastructure deployments and operations. The specific nature of this class of services makes them exhibit a number of differences with the more traditional telecommunication services (e.g. phone call, short message, mobile network access). In this context, the portfolio of security services that are currently in production and explored by the operators need a specific integration with the resources and assets of the telecommunication network and infrastructure; the risk level on this portfolio is actually higher should the security service itself be compromised as it is precisely supposed to turn the operator offering it as the 'security provider' for the end market customers. A compromise of the service will result in lost of trust by customers and will span through the whole range of the services offered by the operator and will significantly increase the overall churn level and customer satisfaction and loyalty. Therefore the security assurance defined as the degree of confidence reached in the security service needs to be studied thoroughly. In order to offer technical reference for the operators and guarantee the security, the guidelines of the security services provided by the operator need to be analysed and established.
This recommendation aims to classify potential use cases of security services provided by operators, analyse specific requirements for security services thus provides guidelines for operators to safeguard and improve their security services.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2017-10-16 18:04:51
|
|
Last update:
2020-11-04 11:16:35
|
