|
Work item:
|
Y.cnps
|
|
Subject/title:
|
Service model of attestation-assisted credible network path provisioning based on orchestration in future networks
|
|
Status:
|
Under study
|
|
Approval process:
|
AAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2026-12 (Medium priority)
|
|
Liaison:
|
ITU-T SG11, SG15, SG17, IETF RATS
|
|
Supporting members:
|
China Unicom; China Telecom; MIIT, China; Beijing Jiaotong University(BJTU), China
|
|
Summary:
|
With the digital and intelligent transformation of industries, more and more enterprise data is transmitted to public computing infrastructure for storage and computation and exchanged cross multiple enterprise sites through the network. Since the enterprise data usually is highly sensitive, e.g. including some production data, the enterprise customers have increased their emphasis on the confidentiality of the data transmission, by transporting the data using traditional secure transmission protocols such as IPSec and TLS. In addition, the enterprise customers may also request to provision the network path only over the network devices which are attested as credible to reduce the risk of data leak and data eavesdropping, e.g. the harvest now, decrypt later attack.
The credible network path is considered as a data forwarding path of wired network, which only includes the network devices which are attested as credible according to the most recent credibility attestation. The credible network path provisioning can set up a credible network path according to the service user requirements based on orchestration of multidimensional factors, including the credibility in addition to reachability, resilience and so on. The innovative attestation-assisted credible network path provisioning service is believed to be an important service to protect the confidentiality of the data in the data transfer service for the digital and intelligent transformation of industries. The potential service scenarios and use cases of credible network path need further refinement. Standing on the perspective of supporting the service model of attestation-assisted credible network path provisioning based on orchestration, some high-level technical aspects also need to be further studied.
The new work item proposed aims to study the concept, general characteristics, scenario and use cases of the service model of attestation-assisted credible network path provisioning, as well as high-level technical aspect for supporting the attestation-assisted credible network path provisioning service.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2025-03-19 12:14:15
|
|
Last update:
2025-03-19 12:17:51
|
