ITU-T Study Group 17 - Security
Work to build confidence and security in the use of information and communication technologies (ICTs) continues to intensify in order to facilitate more secure network infrastructure, services and applications.
ITU-T Study Group 17 (SG17) coordinates security-related work across all ITU-T Study Groups, often working in cooperation with other standards development organizations (SDOs) and various ICT industry consortia.
SG17 works on cybersecurity, security management, security architectures and frameworks, countering spam, identity management, the protection of personally identifiable information, operational aspects of data protection, open identity trust framework; and quantum-based security; and Child Online Protection.
SG17 also works on the security of applications and services for the Internet of Things (IoT), smart grid, smartphones, software defined networking, web services, big data analytics, social networks, cloud computing, mobile financial systems, IPTV, distributed ledger technology, intelligent transport system, telebiometrics, the combating of counterfeiting and mobile device theft, IMT-2020/5G, cloud-based event data technology, e-health, and Radio Frequency Identification.
The ITU-T Security Manual provides an introduction to the security work of ITU-T and summarizes how ITU-T is responding to global cybersecurity challenges with international standards (ITU-T Recommendations), Technical Reports, guidance documents and outreach initiatives. The ITU-T Technical Report on successful use of security standards presents examples of how ITU-T Recommendations are helping to protect networks, people, data and critical infrastructure, offering guidance of particular value to security practitioners in developing countries.
Work highlights
One key reference for security standards in use today is Recommendation ITU-T X.509 for electronic authentication over public networks. A cornerstone in designing applications relating to public key infrastructure (PKI), ITU-T X.509 is used in a wide range of applications; from securing the connection between a browser and a server on the web, to providing digital signatures that enable e-commerce transactions to be conducted with the same confidence as in a traditional system.
ITU-T's Cybersecurity Information Exchange (CYBEX) – specified by the X.1500 series of ITU-T Recommendations – is a collection of the most successful standards from government agencies and industry in ensuring rapid, internationally coordinated responses to cyber threats and attacks. The CYBEX ensemble of techniques presents a standardized means to exchange the cybersecurity information demanded by Computer Incident Response Teams. Recommendation ITU-T X.1215 provides various use cases for how the structured threat information expression (STIX) language may be used to support cyber threat intelligence and information sharing. In addition, Recommendation ITU-T X.1205 provides a definition of cybersecurity and a taxonomy of security threats, presenting threats at various network layers and the most common tools employed by hackers.
Recommendation ITU-T X.805 gives telecom network operators and enterprises the ability to detail an end-to-end architecture description from a security perspective. It defines specifications that alter the way companies look at their networks, allowing them to pinpoint all vulnerabilities in a network and mitigate them.
Recommendation ITU-T X.1051 supports the implementation of information security controls in telecommunications organizations, providing guidelines to meet baseline information security management requirements including confidentiality, integrity and availability.
Recommendation ITU-T X.1254 provides an entity authentication assurance framework supporting the verification an entity's digital identity. This assurance lies at the heart of online trust, security and access control. The Recommendation identifies three types of assurance to establish trust in a digital identity: identity assurance, authentication assurance, and federation assurance.
Recommendation ITU-T X.1141 defines the security assertion markup language (SAML 2.0), an XML-based framework for exchanging security information, which is expressed in the form of assertions about subjects, where a subject is an entity (either human or computer) that has an identity in some security domain.
Standards developed by SG17 also include technical strategies for countering spam (Recommendation ITU-T X.1231); capabilities to counter security threats in the IoT environment using security gateways (Recommendation ITU-T X.1361); a security framework for cloud computing (Recommendation ITU-T X.1601); and a telebiometric authentication scheme to verify ownership of ITU-T X.509 digital certificates (Recommendation ITU-T X.1085).
Quantum-safe security and security aspects of intelligent transport systems and distributed ledger technology are subjects of fast-growing importance to SG17's work, with relevant standards providing considerations relevant to the design, implementation and operation of key management for quantum key distribution networks (Recommendation ITU-T X.1712); an analysis of security threats to connected vehicles (Recommendation ITU-T X.1371); and a baseline set of terms and definitions for distributed ledger technology (Recommendation ITU-T X.1400).
SG17 is also the place to study technical languages and description techniques. A well-known example is the formal language Abstract Syntax Notation One (ASN.1) – specified by the X.680-699 series of ITU-T Recommendations – an important component for protocol specification or systems design. ASN.1 is used, for example, in the signalling system (SS7) for most telephone calls, package tracking, credit card verification and digital certificates, and in many of the most-used software programs.