- Recommendation X.1101 (05/10) - Security requirements and framework for multicast communication
This Recommendation investigates threat analysis for multicast communication services and describes security requirements and framework for secure multicast communication services. In addition, this Recommendation develops secure multicast services including group management, reliable multicast data transmission, and so forth.
- Recommendation X.1121 (04/04) - Framework of security technologies for mobile end-to-end communications
This Recommendation describes the security threats to mobile end-to-end data communications and the security requirements from the point of view of the mobile users and application service providers (ASP). In addition, this Recommendation shows where the security technologies which realize certain security function appear in the models of mobile end-to-end data communications.
- Recommendation X.1122 (04/04) - Guideline for implementing secure mobile systems based on PKI
Although public-key infrastructure (PKI) technology is very useful security technology to realize many security functions (encipherment, digital signature, data integrity, and so on) in the mobile end-to-end data communications, the PKI technology should be adapted for mobile end-to-end data communication. However, the method to construct and manage secure mobile systems based on PKI technology has not been established yet. This Recommendation provides guidelines for constructing secure mobile systems based on PKI technology.
- Recommendation X.1123 (11/07) - Differentiated security service for secure mobile end-to-end data communication
This Recommendation describes differentiated security service for secure mobile communication. The investigation of differentiated security service is important for both service providers and users. The service providers can use the differentiated security service to overcome rigorous circumstance of wireless access network and satisfy various users and service with different levels of security. The differentiated security service is realized by security policy with three layers. One layer is super security policy used as value added service that safeguards mobile communication with sensitive information. The second layer is baseline security policy used as prevalent service that satisfies mobile communication without sensitive information. The last layer is no security policy defined as the policy under which no security function is configured during communication.
- Recommendation X.1124 (11/07) - Authentication architecture for mobile end-to-end data communication
This Recommendation describes a service layer authentication architecture for mobile end-to-end data communications between mobile users and various service providers in the network. The generic negotiation mechanisms and authentication procedures specified in this Recommendation support both those entities that have miscellaneous authentication capabilities and to those entities that have differentiated security requirements. The authentication addressed in this Recommendation is used for service providers and requesters and is independent of network access authentication of the mobile users.
- Recommendation X.1125 (01/08) - Correlative Reacting System in Mobile Data Communication
In a mobile network environment, while core networks are able to manage security threats, mobile stations (MS) that access the mobile network have little defence capability due to limited hardware resources. Compromised mobile stations can themselves easily become virus agents and threaten the entire network. The Correlative Reacting System (CRS) defined in this Recommendation aims to protect mobile networks against the threats of the insecure terminals that do not conform to the security policy of the network, such as the terminals that have been compromised.
- Recommendation X.1143 (11/07) - Security architecture for message security in mobile web services
This Recommendation describes the security architecture and scenarios for message security in mobile Web Services. Security services for messages are the most fundamental security requirements for mobile Web Services. Although the components for message security such as WS-Security have been standardized, standard architecture and service scenarios for providing message security for mobile Web Services have yet to be defined. Since Simple Object Access Protocol (SOAP) messages use Hypertext Transport Protocol (HTTP) ports, they cannot be filtered by firewalls; hence there is a need to provide a message filtering mechanism based on the message contents in the architecture for secure mobile Web Services as well as to integrate security policy mechanism suitable for mobile Web Services message security and the message filtering mechanism into the architecture. Since many mobile terminals do not have sufficient processing power to support the Web Services protocol stack fully, and many backend application servers are not based on Web Services, interworking mechanisms and scenarios between mobile Web Services and legacy non-Web Services applications should be provided. This Recommendation seeks to establish a guideline for security architecture and security service scenarios for message security in mobile Web Services satisfying the above mentioned requirements.
- Recommendation Z.161 (03/11) - Testing and Test Control Notation version 3 (TTCN-3): Core language
This Recommendation defines TTCN-3 (Testing and Test Control Notation 3) intended for specification of test suites that are independent of platforms, test methods, protocol layers and protocols. TTCN-3 can be used for specification of all types of reactive system tests over a variety of communication ports. Typical areas of application are protocol testing (including mobile and Internet protocols), service testing (including supplementary services), module testing, testing of CORBA-based platforms and APIs. The specification of test suites for physical layer protocols is outside the scope of this Recommendation.
