ITU-T Study Group 17 - Lead Study Group Activities

عربي | 中文 | Español | Français | Русский

Advanced Search

Home : ITU-T Home

ITU-T Study Group 17 (Study Period 2005-2008)

Lead Study Group Activities - Telecommunication Security

Study Group 17 has been designated the Lead Study Group for Telecommunication Security in accordance with World Telecommunication Standardization Assembly (WTSA-04) Resolution 2.

Activities of the LSG for Telecommunication Security include: developing and maintaining security outreach material; coordination of security-related work; and identification of needs and assignment and prioritization of work to encourage timely development of telecommunication security Recommendations.

Within SG 17 for the period 2005-2008 the Question 4/17 has been identified as the coordinator for LSG for Telecommunication Security activities. This effort will be carried out closely with other Study Groups to identify and develop security solutions. However, specific expertise to integrate these solutions with the technology under development can come only from the Question carrying out the development.

All Study Groups are requested to keep Study Group 17 informed of their work plans regarding security so that they can be integrated into the overall security work programme.

Security Manual

In August 2006, the TSB published a third edition of the security manual entitled "Security in telecommunications and information technology - An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications." This manual includes highlights the major security work of the ITU-T Study Groups.

Security Compendium

The security compendium provides information on ITU security activities and consists of five parts

Catalogue of approved ITU-T Recommendations related to Telecommunication Security
The Catalogue of the approved Recommendations related to Telecommunication Security includes those designed for security purposes and those which describe or use of functions of security interest and need.
In an effort to make this information as up-to-date as possible, all ITU-T Study Groups are requested to review this catalogue for accuracy and completeness.
ITU-T approved security definitions
A List of ITU-T Approved Security Definitions has been prepared. The material in these tables was extracted from approved ITU-T Recommendations with a view toward establishing a common understanding (and use) of security terms within ITU-T. This listing will continue to be developed. An extract of the ITU-T approved security definitions is also available in an ITU-T flyer on security.
In an effort to make this information as complete as possible, all ITU-T Study Groups are requested to review this information for accuracy and completeness.
Summary of ITU-T Study Groups with security-related activities
Summary of Recommendations within ITU-T Study Groups under review for security considerations
Summary of Other ITU Security Activities

Security Standards Roadmap

This Roadmap is an on-line resource that provides information about existing Information and Communication Technology (ICT) security standards and work in progress in key standards development organizations. In addition to information on the ITU-T security Recommendations and related work, the Roadmap currently includes information on standards work of ISO/IEC, ATIS, ENISA, ETSI, IEEE, IETF, OASIS, 3GPP, and 3GPP2.

The Roadmap is in five parts:

Part 1: ICT Standards Development Organizations and Their Work which contains information about the Roadmap structure and about each of the listed standards organizations. Part 1 also provides links to existing security glossaries and vocabularies;
Part 2: Approved ICT Security Standards which contains a searchable database of approved security standards;
Part 3: Security standards under development;
Part 4: Future needs and proposed new security standards; and
Part 5: Best practices

Security Workshops

ITU-T Study Group 17 organized a workshop on Security that was held 13-14 May 2002 in Seoul, Korea. The workshop focused on the following subjects: Security Requirements and telecommunications reliability, Hot topics on IP-based network security, Security management, Biometric authentication and Mobile security.

The presentations and related information are available (including a link to the ITU workshops on "Creating trust in critical network infrastructures").

A second ITU-T workshop on security entitled “New Horizons for Security Standardization” took place on 3-4 October 2005. This workshop, actively supported by Study Group 17, helped to further address the information and communications security issues and promote increased cooperation between organizations engaged in security standardization work.

Presentations and related information (including the final report that was provided as input to relevant organizations) are available.

Cybersecurity Symposium

The ITU-T organized a Cybersecurity Symposium on 4 October 2004, the day before the opening of the WTSA-04 in Florianópolis, Brazil. The symposium brought together senior experts from governments, computer emergency response teams (CERTs), network operators and equipment manufacturers to address the current state of cybersecurity and future approaches to ensuring security in cyberspace. Details and material.

A Cybersecurity Symposium II took place in Moscow (Russian Federation) on 29 March 2005. The main objective of the symposium was to highlight the importance of Cybersecurity as an essential part of information and communication technologies (ICT). There was a discussion on international cooperation, which is increasingly becoming the decisive issue in coordinating the efforts of state institutions and business for the harmonized development of normative, legal, technological and organizational aspects of an effective Cybersecurity infrastructure. Details and material.

Tutorial on writing safe and secure programs

A list of suggestions has been prepared on how to avoid the most common pitfalls that make software less secure or less safe than it should be. It is addressed to software developers and covers the phases of software design, implementation, and testing. It focuses on network application programs, but many of the suggestions are equally valid for other kinds of software.

Security Guidance for ITU-T Recommendations

ITU-T Study Group 17 has created a document "Security Guidance for ITU-T Recommendations" to provide guidance to authors and reviewers of ITU-T Recommendations to consistently address security considerations within their Recommendations. This document responds to WTSA-04 Resolution 50 which recognizes that converged legacy networks and IP networks are potentially more vulnerable to intrusion if adequate care is not taken in the security design and management and requires the ITU-T to evaluate existing and evolving new Recommendations, especially signalling and communications protocol Recommendations, with respect to their security considerations.

Other outreach activities and presentations

ITU-T Study Group 17 participates in, and contributes to ICT security-related activities in other organizations. Presentations on the ITU-T work on telecommunication security were made to the Global Standards Collaboration meetings (GSC 11 and GSC 12) in 2006 and 2007 and to the 2007 European Telecommunications Standards Institute (ETSI) Security Workshop in 2007 and 2008.

Contributions and presentations on the SG 17 work were also made to the Internet Governance Forum in 2006 and 2007.

In 2006 and 2007, on behalf of the ITU-T, SG 17 representatives participated in the ISO, IEC and ITU-T Strategic Advisory Group on Security (SAG-S). Related information may be found at http://www.iso.org/iso/security.

Copies of the above presentation decks are available at Presentations on Security