As the lead study group for security, SG17 is responsible for the study of the appropriate core Questions on security. In addition, in consultation with other relevant study groups and in collaboration, where appropriate, with other standards bodies, Study Group has the responsibility to define and maintain the overall framework and to coordinate, assign (recognizing the mandates of the study groups) and prioritize the studies to be carried out by the study groups, and to ensure the preparation of consistent, complete and timely Recommendations.
Standardization Activities in ITU-T SG17, ITU-T SGs and other SDOs
1. ICT Security Standards Roadmap
The ICT Security Standards Roadmap presents a comprehensive view of standardization activities:
- Part 1: ICT Standards Development Organizations and their work;
- Part 2: approved ICT security standards (database with direct links);
- Part 3: Security standards under development;
- Part 4: Future needs and proposed new security standards;
- Part 5: Best practices; and
- Part 6: Identity Management (IdM) landscape
2. Security Compendia
The Security Compendiapresents a detailed view of ITU security standardization activities outputs:
- Catalogue of approved Recommendations related to telecommunication security
- List of security definitions extracted from approved ITU-T Recommendations
3. ICT Security Manual
The ICT Security Manual, i.e., Security in Telecommunications and Information Technology, is regularly updated (2020new , 2015 , 2012 , 2009 , 2006 , 2004 , 2003 ):
- SG 17 promotes workshops and seminars on Security and publishes guidance documents and presentations.
- Security flyer
5. Guidance on Security
- Tutorial on writing safe and secure programs
A list of suggestions has been prepared on how to avoid the most common pitfalls that make software less secure or less safe than it should be. It is addressed to software developers and covers the phases of software design, implementation, and testing. It focuses on network application programs, but many of the suggestions are equally valid for other kinds of software.
ITU-T SG17 has created a document "Security Guidance for ITU-T Recommendations" to provide guidance to authors and reviewers of ITU-T Recommendations to consistently address security considerations within their Recommendations. This document responds to WTSA-04 Resolution 50 which recognizes that converged legacy networks and IP networks are potentially more vulnerable to intrusion if adequate care is not taken in the security design and management and requires the ITU-T to evaluate existing and evolving new Recommendations, especially signalling and communications protocol Recommendations, with respect to their security considerations.
6. Security Workshops
ITU-T SG17 organized security workshops are found at: http://www.itu.int/en/ITU-T/studygroups/2017-2020/17/Pages/workshops.aspx.
7. Other outreach activities and presentations
ITU-T SG17 participates in, and contributes to ICT security-related activities in other organizations. Presentations on the ITU-T work on telecommunication security were made to the Global Standards Collaboration meetings and to the European Telecommunications Standards Institute (ETSI) Security Workshops. Copies of the above presentation decks are available at Presentations on Security
ITU-T Study Groups' Security Achievements and Security Activities were presented at Telecom 2013, Bangkok/Thailand.
Contributions and presentations on the SG 17 work were also made to the Internet Governance Forum as follows:
2008 - Hyderabad, India
2007 - Rio de Janeiro, Brazil
2006 - Athens, Greece