May22-summary
|
Executive Summary Meeting of ITU-T SG17 'Security', virtual, 10-20 May 2022 Hot topics
- 5G security
- Countering spam
- QKDN
- Intelligent transport system security
- DLT based security services
- IoT security
- Security multi-party computation
1 Meeting Output (meeting statistics see Annex E below)- SG17 Working Party structure: no change from last Study Period.
- Default approval procedure for SG17 Questions: no change from last Study Period.
- SG17 Rapporteurship: same as last Study Period, adding one new Q13/17 associate Rapporteur
- Output standards (12, see Annex A):
- TAP approval (3): Details are in Annex A a).
- TAP determined (3): 3 new Recommendations. Details are in Annex A b).
- AAP consented (3): 3 new Recommendations for AAP Last Call. Details are in Annex A c).
- Agreed (3): 3 new Technical Reports. Details are in Annex A d).
- New work item established (1517, see Annex C).
- Work items discontinued (1): Detail is in Annex D.
- New Registry authority for Republic of Korea: {joint-iso-itu-t(2) country(16) kr(410)}
- Workshop: 1st ITU-T X.509 Day Event was held successfully on 9 May 2022.
- SG17 JCAs, Correspondence Group/task force
- JCA-IdM: continued
- 3 Correspondence Groups
- CG-secapa (Correspondence Group on Security Capability and Architecture): new
- CG-SG17-meeting (Correspondence Group on effective SG17 meeting): continued
- CG-FIDO (of Q10/17): new
2 Next SG17 meetings2.1 2nd SG17 meeting: Geneva, Tuesday 23 August – Friday 2 September 2022 (9 working days, physical meeting with remote participation (as WTSA-20))- ITU workshop on security for 5G and beyond, Monday 22 August 2022, 09:30-17:30
- Open and extended management team meeting on Monday 22 August 2022, 19:00-21:00.
- 30th JCA-IdM meeting on Friday 26 August 2022, 14:30-16:00
- 20 Candidate texts planned for action, details see Annex B.
2.2 3rd SG17 meeting: Geneva, Tuesday 21 February - Friday 3 March 2023 (9 working days) - Open and extended management team meeting on Monday 20 February 2023, 19:00-21:00.
2.3 Interim RGMs 6 Questions plan to hold 6 RGMs before next SG17 meeting
#
| Q | Date | Place/Host | Subject/objective | | 1. | 2/17 | 30 June 2022 | e-meeting | - prepare texts for action in next SG17 meeting: X.5Gsec-ecs and X.5G-ssl
| | 2. | 3/17 | June-July 2022 | e-meeting | - Discuss survey for CDC in Africa
| | 3. | 10/17 | July 2022 | e-meeting | - progress all the work of Q10/17
| | 4. | 11/17 | 27 June – 01 July 2022 | e-meeting | - Joint meeting with ISO/IEC/JTC 1/SC6, agenda in TD216
| | 5. | 13/17 | 7-8 June 2022 | e-meeting | - prepare final texts for X.ipscv, X.edr-sec, X.eivn-sec, X.srcd, X.fistiscv
- address all work items
| | 6. | 14/17 | 12-13 July 2022 | e-meeting | - work on the action items: X.srscm-dlt, X.sa-dsm
- review of deliverables from other study groups, focus groups and other SDOs
|
Annex A
Actions taken on Recommendations, and other texts at SG17 closing plenary on 20 May 2022a) TAP Recommendations approved (WTSA-20 Resolution 1)| # | Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent
e.g., ISO/IEC | Start of work | Timing | | 1. | 2/17 | X.1812
(X.5Gsec-t)*
| Security framework based on trust relationship for IMT-2020 ecosystem | New | Minpeng Qi,
Li Su,
Junzhi Yan,
HeungYoul Youm | TD128 | | 2018-09 | 2021-09 | | 2. | 4/17 | X.1246Amd.1*
| Technologies involved in countering voice spam in telecommunication organizations | New | Dmitry Cherkesov,
Yanbin Zhang | TD322 | | 2019-09 | 2021-09 | | 3. | 4/17 | X.1247Amd.1*
| Technical framework for countering mobile messaging spam | New | Dmitry Cherkesov,
Yanbin Zhang | TD323 | | 2019-09 | 2021-09 |
Note: * TAP approval postponed from last SG17 meeting (Jan 2022).
b) TAP Recommendations determined (WTSA-20 Resolution 1)| Q | Acronym | Title | New / Revised | Editor(s) | Location of Text | Equivalent
e.g., ISO/IEC | Start of work | Timing | | 2/17 | X.1813 (X.5G-vs) | Security requirements for operation of vertical services supporting ultra-reliable and low latency communication (URLLC) in IMT-2020 private network | New | Jae Eon Oh,
Seongki Shin,
Heung Youl Youm | TD300 | | 2020-09 | 2022-05 | | 2/17 | X.1814 (X.5Gsec-guide) | Security guideline for 5G communication system | New | Mee Yeon Kim,
Keundug Park,
Heung Youl Youm | TD264 | | 2019-01 | 2022-05 | | 6/17 | X.1352
(X.iotsec-4) | Security requirements for IoT device and gateway | New | Jiho Bang,
Wonsuk Chung,
Sanggeol Lee,
Hosoek Ryu | TD269 | | 2018-09 | 2022-05 |
c) AAP Recommendations consented (Recommendation ITU-T A.8)| Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of Text | Equivalent
e.g., ISO/IEC | Start of work | Timing | | 13/17 | X.1379
(X.rsu-sec) | Security requirements for road-side unit in intelligent transportation system | New | Qiguang Fan,
Ye Tian,
Junzhi Yan | TD271 | | 2019-09 | 2022-05 | | 14/17 | X.1409
(X.ss-dlt) | Security services based on distributed ledger technology | New | Yue Chen,
Zhaoji Lin,
Min Shu,
Ke Wang,
Kai Wei,
Junjie Xia,
Junzhi Yan | TD222 | | 2017-05 | 2022-05 | | 15/17 | X.1715
(X.sec-QKDN-intrq) | Security requirements and measures for integration of QKDN and secure storage network | New | Kaoru Kenyoshi | TD325 | | 2020-09 | 2022-05 |
d) Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) agreed| Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Equivalent
e.g., ISO/IEC | Start of work | Timing | 2/17
| XSTP-5Gsec-RM | Technical Report: 5G Security Standardization Roadmap | New | Yutaka Miyake,
Junzhi Yan,
Gunhee Lee,
Stiepan Kovac | TD312 | | 2021-09 | 2022-05 | | 15/17 | TR.sec-ai | Technical Report: Guidelines for security management of using artificial intelligence technology | New | Linlin Zhang,
Liang Wei,
Huiyun Jing,
Junjie Xia | TD232 | | | 2022-05 | | 15/17 | TR.hyb-qkd | Technical Report: Overview of hybrid approaches for key exchange with QKD | New | Dong-Hi SIM | TD301 | | | 2022-05 |
Annex B
Recommendations planned for action in SG17 Aug/Sep 2022 meetinga) TAP Recommendations planned for TAP approval (WTSA-20 Resolution 1) | Q | Acronym | Title | New / Revised | Editor(s) | Location of Text | Equivalent
e.g., ISO/IEC | Start of work | Timing | | 2/17 | X.1813
(X.5G-vs) | Security requirements for operation of vertical services supporting ultra-reliable and low latency communication (URLLC) in IMT-2020 private network | New
| Jae Eon Oh,
Seongki Shin,
Heung Youl Youm | R7 | | 2020-09 | 2022-05 | | 2/17 | X.1814
(X.5Gsec-guide) | Security guideline for 5G communication system
| New | Mee Yeon Kim,
Keundug Park,
Heung Youl Youm | R8 | | 2019-01 | 2022-05 | | 6/17 | X.1352
(X.iotsec-4) | Security requirements for IoT device and gateway | New | Jiho Bang,
Wonsuk Chung,
Sanggeol Lee,
Hosoek Ryu | R9 | | 2018-09 | 2022-05 |
b) TAP Recommendations planned for TAP determination (WTSA-20 Resolution 1)| # | Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of Text | Start of work | Timing | | 1. | 2/17 | X.5Gsec-ecs | Security guidelines for 5G edge computing services | New | Feng Gao,
Jae Hoon Nah,
Junjie Xia,
Bo Yu,
Xiaojun Zhuang | TD311 | 2019-01 | 2022-09 | | 2. | 2/17 | X.5Gsec-ssl | Guidelines for classifying security capabilities in 5G network slice | New | Zhiyuan Hu,
Li Su,
Ke Wang,
Bo Yang | TD245 | 2020-09 | 2022-09 | | 3. | 6/17 | X.sc-iot | Security Controls for Internet of Things (IoT) system | New | Koji Nakao, Liu Lijun | TD4091 | 2018-09 | 2022-09 | | 4. | 6/17 | X.ztd-iot | Security methodology for zero-touch deployment in massive IoT based on blockchain | New | Xin Kang,
Haiguang Wang,
Weidong Wang | TD243 | 2020-09 | 2022-09 | | 5. | 7/17 | X.sles | Security measures for location enabled smart office service | New | Hao Dong,
Lijun Liu,
Jae Hoon Nah, Wenxin Wang | TD295 | 2019-09 | 2022-09 | | 6. | 8/17,
(14/17) | X.BaaS-sec | Guidelines on blockchain as a service (BaaS) security | New | Nan Meng,
Kyeong Hee Oh | TD231 | 2019-09 | 2022-09 | | 7. | 8/17 | X.sgdc | Security guidelines for distributed cloud | New | Jinfeng Kou,
Mark McFadden,
Ye Tao,
Laifu Wang,
Lei Xu | TD252 | 2019-01 | 2022-09 | | 8. | 13/17 | X.srcd | Security requirements for categorized data in V2X communication | New | Yaping Sun, Huirong Tian, Nan Meng, Takamasa Isohara | TD285 | 2018-03 | 2022-09 | | 9. | 13/17 | X.edr-sec | Security guidelines for cloud-based event data recorders in automotive environment | New | Sang-Woo Lee,
Seungwook Park | TD281 | 2018-09 | 2022-09 | | 10. | 13/17 | X.eivn-sec | Security guidelines for Ethernet-based In-Vehicle network | New | Sang-Woo Lee,
You-Sik Lee | TD279 | 2018-09 | 2022-09 | | 11. | 13/17 | X.fstiscv | Guidelines for sharing security threat information on connected vehicles | New | Min Shu,
Wenlei Wang,
Yunwei Zhao,
Xiaochun Yun | TD282 | 2018-09 | 2022-09 | | 12. | 14/17 | X.sa-dsm | Security architecture of data sharing management based on the distributed ledger technology | New | Min Shu,
Yunei Zhao,
Feng Gao,
Zhiyuan Hu | TD293 | | 2022-09 |
Notes: (1) In case of joint Question activity, the lead Question is given without parentheses and other Questions are shown in parentheses; such entries are only shown in the table against the lead Question. c) AAP Recommendations planned for AAP consent (Recommendation ITU-T A.8)| Q(1) | Acronym | Title | New / Revised | Editor(s) | Location of Text | Start of work | Timing | | 1/17 | X.arch-design | Design principles and best practices for security architectures | New | Arnaud Taddei | TD3386
| 2019-09
| 2022-09 | | 13/17 | X.ipscv | Guidelines for an intrusion prevention system for connected vehicles | New | Seonghoon Jeong, HuyKang Kim, Sang-Woo Lee, Seungwook Park
| TD277 | 2019-09 | 2022-09 | | 14/17 | X.srscm-dlt | Security Requirements for Smart Contract Management based on distributed ledger technology | New | Tietao Guo,
Li Li,
Kyeong Hee Oh,
Min Shu,
Yang Wu
| TD236 | 2020-09 | 2022-09 |
d) Non-normative texts (Technical Report, Supplement, Implementers' Guide, etc) planned for agreement | Q | Acronym | Title | New / Revised | Editor(s) | Location of text | Start of work | Timing | | 4/17 | X.Sup-cs-ml | Supplement to X.1231: Countering spam based on machine learning | New | Elizabeth Essl, Wei Liu,
Weidong Wang,
Lei Xu,
Yanbin Zhang | TD239 | 2019-08 | 2022-09 | | 7/17 | TR.cta | Technical Report: Use cases for contact tracing technologies to prevent spread of infectious diseases | New | Mee Yeon Kim,
Heung Youl Youm | TD294 | 2020-09 | 2022-09 |
Annex C
New work itemsThe following new work items were agreed to be added to the SG17 Work Programme: | # | Q | NWI | Approval | TD | Title | C | | 1. | 2/17 | TR.cpn-col-sec | Agreement | TD248 | Technical Report: Security considerations of collaboration of multiple computing power networks
| C009 | | 2. | 2/17 | TR.5Gsec-bsf | Agreement | TD255 | Technical Report: Guidelines of built-in security framework for telecommunications network | C056 | | 3. | 2/17 | X.5Gsec-srocvs | TAP | TD268 | Security Requirements for the Operation of IMT-2020 Core Network to Support Vertical Services | C073 | | 4. | 4/17 | X.sr-ctea | AAP | TD244 | Security requirements and countermeasures for targeted email attacks | C021 | | 5. | 4/17 | X.spmoh | AAP | TD241 | Security framework for storage protection against malware attacks on hosts | C042 | | 6. | 4/17 | X.sgc_rcs | TAP | TD286 | Guidelines for countering spam over rich communication service (RCS) messaging | C087 | | 7. | 6/17 | TR.ba-iot | Agreement | TD321 | Technical Report: Broadcast authentication scheme for IoT system | C074 | | 8. | 7/17 | X.suppl.uc-dcc | Agreement | TD266 | Supplement to X.1152 on use cases for digital COVID-19 certificates | C031 | | 9. | 7/17 | X.smdtf | AAP | TD258 | Security measures for digital twin federation in smart cities and communities | C061 | | 10. | 7/17 | X.srmpc | AAP | TD259 | Security requirements for monitoring physical city assets | C062 | | 11. | 7/17 | X.tc-ifd | TAP | TD253 | Technical capabilities of interactive fraud detection | C093 | | 12. | 8/17 | X.soar-cc
| TAP | TD272 | Framework of security orchestration, automation and response for cloud computing | C067 | 13.
| 8/17
| X.gdsml
| TAP | TD229 | Guidelines for data security using machine learning in big data infrastructure
| C088 | 14.
| 10/17
| X.ctap21
| AAP
| TD214
| FIDO Client to Authenticator Protocol 2.1
| TD214
| 15.
| 10/17
| X.uaf12
| AAP
| TD214
| FIDO Universal Authentication Framework Protocol Specification 1.2
| TD214
| | 16. | 15/17 | X.secadef | AAP | TD288 | Security capabilities definitions | C013 | | 17. | 15/17 | TR.smpa | Agreement | TD319 | Technical Report: Security middle platform architecture | C099 |
Annex D
Work items discontinued| Question | Acronym | Title | | 10/17 | X.tec-idms
| Management and protection techniques for user data protection in distributed identity systems
|
Annex E
SG17 meeting Statistics | | participants | countries | Member States | Sector Members | SG17 Associates | Academia | Invited Experts | | Announced | 276 | 39 | 36 | 32 | 1 | 6 | 6 | | Final | 281 | 39 | 35 | 32 | 1 | 6 | 6 |
- Meeting input and organization
Table of SG17 statistics of this and some past meetings | 2022-05* | 2021-09* | 2021-04* | 2020-09* | 2020-03* | 2019-09 | 2019-01 | 2018-09 | 2018-03 | 2017-09 | 2017-03 | 2016-09 | 2016-03 | 2015-09 | 2015-04 | C | 101 | 98 | 104 | 110 | 121 | 151 | 118 | 144 | 113 | 106 | 78 | 81 | 66 | 74 | 80 | LS/i | 72 | 46 | 57 | 58 | 49 | 67 | 58 | 47 | 40 | 45 | 43 | 38 | 47 | 56 | 60 | LS/o | 20 | 26 | 17 | 28 | 29 | 40 | 39 | 37 | 38 | 46 | 38 | 23 | 32 | 42 | 42 | TD | 331
| 336 | 307 | 434 | 438 | 508 | 380 | 420 | 395 | 426 | 368 | 391 | 418 | 371 | 386 |
Note * - fully virtual meeting - Contribution: 101 – stable, DDP: 97%.
- APT 93 (93%) [China 44 + Korea 39 + Japan 9 + Singapore 1]
- Americas 4 (4%) [US 4]
- RCC 2 (2%) [Russia 2]
- EUR 1 (1%) [UK 1]
- AFR (0), ARAB (0), LAM (0)
- Liaison Statement: matrix in TD23
- incoming 72 - increased due to longer interval since last SG17 meeting
- Outgoing 20 - stable
- TDs: 331 - stable
|
|
|
|
|
|
