Committed to connecting the world

Search
WTISD

Mar20-summary

​​​​

Executive Summary

Meeting of ITU-T SG17 'Security' (virtual, 17-26 March 2020)

Hot topics:

  • First fully virtual decision making ITU-T SG meeting
  • IoT Security
  • ITS Security
  • Cloud Security
  • DLT security
  • Authentication
  • Fintech
  • Quantum based security
  • Preparation for WTSA-2020

Meeting Output:

  • TAP approval: 6 new Recommendations, Details are in Annex A a).
  • TAP determined : 9 new and 2 revised Recommendations, Details are in Annex A d).
  • AAP Consented: 3 new Recommendations for Last Call. Details are in Annex A e).
  • Agreed:  2 Technical Reports. Details are in Annex A c).
  • New work items: 7 NWIs were agreed to be added to the SG17 Work Programme. Details are in Annex B.

Next SG17 meeting:

  • Friday 29 May 2020, 12:30-15:00 CET, SG17 e-plenary
    • 6 texts are candidate for action in next SG17 May e-plenary, see in Annex A f).
    • Open and extended management team meeting on Thursday 28 May 2020, 13:30-14:30
  • Tuesday 25 August – Thursday 3 September 2020 (fully virtual meeting, pending SG17 e-plenary on 29 May 2020)
    • 47 texts are candidate for action in next SG17 Aug/Sept meeting, see in Annex A g).
  • Interim RGMs: 9 Questions plan to hold 12 RGMs.
  1.  
QDate​Place/HostSubject/objective
1.                 3/172-3 June 2020
e-meeting
  • To address all work items of Q3/17
2.                 4/17 April 2020e-meeting
  • To address and discuss Quantum issues
3.                 5/17July 2020e-meeting
  • discuss X.1246,X1247 and other issues about AI and anti-fraud on the basis of received contributions
4.                 6/17May 2020e-meeting
  • To address all work items and identify future topics for Q6/17.
5.                 8/177-8 May 2020e-meeting
  • To address all items of Q8/17
6.                 8/177-8 July 2020e-meeting
  • To address all items of Q8/17
7.                 

10/17

 

2nd week May 2020e-meeting
  • To progress all the work of Q10/17
8.                 

10/17

 

2nd week July 2020e-meeting
  • To progress all the work of Q10/17
9.                 

11/17

 

22 April 2020e-meeting
  • Collaborative meeting ITU-T Q11/17 and ISO/IEC/JTC 1/SC 6/WG 10
  • To prepare X.509prot for SG17 29 May e-plenary
10.              13/17

13 May 2020

(3hours)

e-meeting

Q13/17 interim Rapporteur group meeting

  • To address LSo to FG-VM
11.              13/17 10-11 June 2020e-meeting

Q13/17 interim Rapporteur group meeting

  • To address all work items
12.              14/17

22-23 June 2020Beijing, China/e-meeting
  • Focus on work items toward consent at the next meeting

Tutorial: Security aspects of New IP based Networking, TD2541

Participation:

  • 225 participants - record high (past meetings: ​206​​, 178, 168​, 130, 134, 146): 32 countries, 28 Sector Members, 4 Associates, and 4 Academia. 5 invited experts.

Correspondence Groups (2 continued, 1 new):

  • CG-xss (correspondence group on transformation of security study): continued
  • CG-wtsa20-prep (Correspondence Group on SG17 preparation for WTSA-20): continued
  • CG-SECAD (Correspondence Group on security architecture development): new

Meeting input and organization:

  • Contributions: 121 – stable (past meetings: 151, 118, 144, 113, 106, 78, 81, 66, 74, 80)Contribution# from: APT (91 (75%) (= China 40 (33%), Korea 39(32%), Japan 12), Americas   (15 (US 14+CA 1)), EUR (11 (Swiss 5+Den 4+F 1+UK 1)), AFR (4), ARAB (1), LAM (2), Russia (1). 
  • TDs: 439 (previous meeting: 508, 380, 420, 395, 426, 368, 391, 418, 371, 386), including 77 incoming liaison statements and 24 outgoing liaison statements.

​Annex A
Actions taken on Recommendations and other texts at the 26 March 2020 e-plenary

a) TAP Recommendations approved (WTSA-16 Resolution 1):

#QAcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC		Start of workTiming
1.       
6/17X.1332
(X.sgsec-3)		Security guidelines for smart metering services in smart gridsNewGunhee LeeR46 2016-092019-09
2.       6/17X.1364
(X.nb-iot)		Security requirements and framework for narrow band Internet of ThingsNewFeng Gao,
Junjie Xia,
Heung Youl Youm,
Bo Yu		R45 2017-092019-09
3.       6/17X.1365
(X.ibc-iot)		Security methodology for the use of identity-based cryptography in support of Internet of things services over telecommunication networksNewZhaohui Cheng, 
Haiguang Wang,
Jiang Yu		R43 2017-092019-09
4.       8/17X.1604
(X.SRNaaS)		Security requirements of network as a service (NaaS) in cloud computingNewZhiyuan Hu,
Ye Tao,
Chen Zhang,
Ni Zhang		TD2844 2016-082019-09
5.       8/17X.1605
(X.SRIaaS)		Security requirements of public infrastructure as a service (IaaS) in cloud computingNewHuamin Jin, 
Laifu Wang, 
Mengxi Wang,
Shuai Wang 		R47 2016-03 2019-09
6.       13/17X.1372
(X.itssec-2)		Security guidelines for Vehicle-to-Everything (V2X)  communicationNewChangOh Kim, 
Sang-Woo Lee,
Jae-Hoon Nah,
Seungwook Park		R49 2014-092019-09

 

b) TAP Recommendations not approved (WTSA-16 Resolution 1):

None.

c) Technical Reports agreed:

QAcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC		Start of workTiming
4/17TR.sec-qkdTechnical report: Security framework for quantum key distribution in telecom networkNewMatthieu Legré,
Dong-Hi Sim		TD2832 2018-092020-03
11/17TR.orsTechnical report: Problems, requirements and potential solutions for OID resolutionNewMark McFadden,
Ruifen Mu,
Linjian Song		TD2920R1 2019-092020-03

 

d) Recommendations determined (TAP – WTSA-16 Resolution 1):

#QAcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC		Start of workTiming
1.   3/17X.1054revInformation technology - Security techniques - Governance of information securityRevThaib MUSTAFA Anfona TRAORE
Jinghua MIN		TD2924R1ISO/IEC 270142020-032020-03
2.   4/17X.1216 (X.gcpie)Guidelines for Collection and Preservation of Cyber Security Incident EvidenceNewIkkyun Kim,
Jonghyun Kim
Jooyoung Lee, Daesung Moon,

TD2855R2 2018-032020-03
3.   6/17X.1366 (X.amas-iot)Aggregate message authentication scheme for IoT environmentNewKoji Nakao,
Junji Shikata		TD2886R2 2018-092020-03
4.   6/17X.1367
(X.elf-iot)		Standard format of IoT error logs for security incident operationsNew Kiyotaka Atsumi ,
Koji Nakao		TD2887R2 2018-092020-03
5.   7/17X.1148 (X.fdip)
Framework of de-identification processing service for telecommunication service providersNewYe Won Lee,
Hyungjin, Lim,
Lijun Liu,
Jongyoul Park,
Heung Youl Youm		TD2850R3 2016-082020-03
6.   8/17X.1750 (X.GSBDaaS)
Guidelines on security of big data as a Service for big data service providerNewMark McFadden,
Nan Meng,
Chen Zhang		TD2913R3 2016-092020-03
7.   8/17X.1606 (X.SRCaaS)
Security requirements for communication as a service application environmentsNewXuetao Du,
Nan Meng,
Ye Tao.
Chen Zhang		TD2857R1 2016-092020-03
8.   8/17X.1751 (X.sgtBD)
Security guidelines of lifecycle management for telecom Big DataNewFeng Gao,
Jin Peng,
Lanfang Ren		TD2824R2 2017-092020-03
9.   10/17X.1254revEntity authentication assurance frameworkRevAbbie Barbir,
David Turner		TD2828R1 2016-032020-03
10.    10/17X.1279 (X.eaasd)
Framework of enhanced authentication in telebiometric environments using anti-spoofing detection mechanismsNewKepeng Li
Hongwei Luo 		TD2869 2016-082020-03
11.    14/17X.1403
(X.dlt-sec)
Security considerations for using DLT data in Identity ManagementNewAbbie BarbirTD2909  2017-092020-03

 

e) AAP Recommendations consented for Last Call (Recommendation ITU-T A.8):

#QAcronymTitleNew / RevisedEditor(s)Location of textEquivalent
e.g., ISO/IEC		Start of workTiming
1.   7/17X.1149 (X.sfop)
Security framework of open platform for FinTech servicesNewFeng Gao,
HyungJin Lim,
Jae Hoon Nah,
Xin Wang		TD2808 2017-092020-03
2.   7/17X.1451
(X.tfrca)
Technical framework of risk control to support authenticationNewXin Wang,
Min Zuo		TD2823 2018-092020-03
3.   14/17X.1403 
(X.sra-dlt)
Security framework for Distributed Ledger TechnologyNewXiaoyuan Bai,
Qiwi Kirill Ivkushkin,
Petr Kalambet,
Min Shu,
Bilyk Tatiana,
Hongru Zhu		TD2831R2 2017-092020-03

 

f) Work items planned for action in next SG17 special e-plenary meeting on 29 May 2020:

#Q(1)AcronymTitleNew / RevisedEditor(s)Location of TextEquivalent
e.g., ISO/IEC		Start of workTiming
1.       4/17TR.usm**Technical Report: Unified Security Model (USM) - a neutral integrated system approach to CybersecurityNewJacques Francoeur, Paul B. NajarianTD2878   
2.   4/17X.cf-QKDNUse of cryptographic functions on a key generated by a Quantum Key Distribution networksNewMatthieu Legré,
Dong-Hi Sim		TD2870
[Note 1] 		 2019-012020-03
3.   4/17X.sec-QKDN_ovSecurity requirements for QKD networks - OverviewNewMatthieu Legré
Zhangchao Ma,
Hao Qin,
Dong-Hi Sim		TD2872R1
[Note 2] 		 2019-012020-03
4.       6/17X.1363*** (X.iotsec-3)Technical framework of personally identifiable information (PII) handling system in Internet of things (IoT) environmentNewYutaka Miyake,
Bo Yu		TD2862R1 2017-032019-09
5.       11/17X.509protProtocol specifications for public-key infrastructure and privilege management infrastructureNewErik AndersenTD2943
[Note 3] 		ISO/IEC 9594-112018-092020-05
6.       13/17X.1371***
(X.stcv)		Security threats to connected vehiclesNewChangOh Kim,
Sang-Woo Lee,
Koji Nakao,
Seungwook Park		TD2885R2 2018-032019-09

Note:

**  For approval by agreement of SG17

*** For TAP approval

 [Note 1]To be finalized by Q4/17 RGM in April 2020

 [Note 2]To be finalized by Q4/17 RGM in April 2020

 [Note 3]To be finalized by Q11/17 RGM on 22 April​ 2020

g) Work items planned for action in next SG17 Aug/Sept 2020 meeting:

#Q(1)AcronymTitleNew / RevisedEditor(s)Location of TextEquivalent
e.g., ISO/IEC		Start of workTiming
​1.
​1/17
​Security** 
​Manual Security in telecommunications and information technology (7th edition)​Rev​Kyeong Hee Oh​TD2657

2018-09
2020-09

2.
​1/17
​TR.suss-rev**

​Technical Report: Successful use of security standards
​Rev
​Abbie Barbir
​TD2904

2019-01
2020-09
3.       2/17X.SDSecGuideline on software-defined security in SDN (Software-defined Networking)/NFV (Network Function Virtualization) network
NewZhiyuan Hu,
Ye Tao,
Junzhi Yan,
Bo Yang,
Xiaojun Zhuang		TD2889 2018-032020-09
4.       3/17X.1052revOrganization information security management guidelineRevLijun Liu,
Ming Lyu,
Jinghua Min		TD2881 2019-092020-09
5.       4/17TP.inno**Description of the incubation mechanism and ways to improve it NewArnaud TaddeiTD2874R1  2020-09
6.       4/17TP.sgstruct**Strategic approaches to the transformation of security studies NewArnaud TaddeiTD2873R1  2020-09
7.       4/17X.fgati*Framework and guidelines for applying threat intelligence in telecom network operationNewYexia Chang,
Lanfang Ren,
Min Zuo		TD2847R1 2018-032020-09
8.       4/17X.rdmaseRequirements and guidelines for dynamic malware analysis in a sandbox environmentNewSheng Gao,
Zhaoji Lin,
Tian Tian,
Jigang Wang,
Hanbing Yan		TD2858 2019-012020-09
9.       4/17X.sec-QKDN-kmSecurity requirements for quantum key distribution networks - Key managementNewKaoru Kenyoshi,
Jiajun Ma,
Zhangchao Ma,
Donghi Sim		TD2871 2019-012020-09
10.       5/17TR.cs-ml**Technical Report: Countering spam based on machine learningNewWei LIU
Ye TAO		TD2829R3 2019-092020-09
11.       5/17X.1246revTechnologies involved in countering voice spam in telecommunication organizationsRevDmitry Cherkesov,
Yanbin Zhang		TD2838 2019-09
2020-09
12.    5/17X.1247revTechnical framework for countering mobile messaging spamRev
Dmitry Cherkesov,
Yanbin Zhang
TD2838
2019-09
2020-09
13.    5/17X.gcims*Guidelines for countering instant messaging spamNewHuamin Jin,
ChangOh Kim,
Laifu Wang,
Shuai Wang,
Yanbin Zhang		TD2825R3 2017-092020-09
14.    5/17X.tecwesTechnologies in countering website spoofing for telecommunication organizationsNewRuzhen Hu, 
Meng Nan,
Chen Zhang
TD2394 2018-032020-03
15.    5/17X.tsfpp*Technical security framework for the protection of users' personal information while countering mobile messaging spam
New

Feng Gao,
Junjie Xia,
Bo Yu,
Chen Zhang,
Yanbin Zhang

TD2456 2018-032020-09
16.    6/17X.5Gsec-qSecurity guidelines for applying quantum-safe algorithms in 5G systemsNewYanfei Guo,
Zhiyuan Hu,
Zhaoji Lin,
Fuwen Liu,
Min Zuo		TD2893R3 2018-032020-03
17.    6/17X.secup-iot*Secure software update procedure for IoT devicesNewYunchul Choi,
Koji Nakao,
Takeshi Takahashi		TD1959R1 2017-092020-03
18.    6/17X.ssp-iot*Security requirements and framework for IoT service platformNewHao Dong,
Yanfei Guo,
Lijun Liu,
Jae Hoon Nah, Wenxin Wang, Junjie Xia		TD2472 2018-032020-09
19.    7/17X.sgosSecurity guidelines of web-based online customer serviceNewHao Dong,
Lijun Liu,
Jae Hoon Nah, Wenxin Wang		TD2922 2018-032020-09
20.    7/17X.tfssTechnical framework for security services provided by operatorsNewYexia Cheng,
Feng Gao,
Yu Jiang,
Jae Hoon Nah, Arnaud Taddei,
Junjie Xia		TD2896 2018-032020-09
21.    8/17X.nssa-cc*Requirements of network security situational awareness platform for cloud computingNewHuamin Jin,
Laifu Wang,
Yi Zhang,
Zhaoji Lin		TD2429 2019-092020-09
22.    8/17X.sgBDIP*Security guidelines for big data infrastructure and platformNewArnaud Taddei,
Ye Tao,
Laifu Wang		TD2449 2018-032020-09
23.    8/17X.sgcc*Security guidelines for container in cloud computing environmentNewLanfang Ren,
Ye Tao,
Laifu Wang,
Lei Xu		TD2446 2018-092020-09
24.    10/17X.1252rev*Baseline identity management terms and definitionsRevAbbie BarbirTD2809 2018-032020-09
25.    10/17X.upu*UPU S68 Postal identity management frameworkNewAbbie Barbir,
Gustavo Damy		TD2507R1UPU S682019-092020-09
26.    11/17
(, 10/17)		X.pki-emInformation Technology – Public Key Infrastructure: Establishment and maintenanceNewErik AndersenTD2493 2014-012020-09
27.    11/17X.680revInformation technology - Abstract Syntax Notation One (ASN.1): Specification of basic notationRevPaul ThorpeTD2807ISO/IEC 8824-12019-092020-09
28.    11/17X.681revInformation technology - Abstract Syntax Notation One (ASN.1): Information object specificationRev
Paul Thorpe
TD2807
ISO/IEC 8824-22019-09
2020-09
29.    11/17X.682revInformation technology - Abstract Syntax Notation One (ASN.1): Constraint specification  Rev
Paul Thorpe
TD2807
ISO/IEC 8824-32019-09
30.    11/17X.683revInformation technology - Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specificationsRev
Paul Thorpe
TD2807
ISO/IEC 8824-42019-09
2020-09
31.    11/17X.690revInformation technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)  Rev
Paul Thorpe
TD2807
ISO/IEC 8825-12019-09
2020-09
32.    11/17X.691revInformation technology - ASN.1 encoding rules: Specification of Packed Encoding Rules (PER)  Rev
Paul Thorpe
TD2807
ISO/IEC 8825-22019-09
2020-09
33.    11/17X.692revInformation technology - ASN.1 encoding rules: Specification of Encoding Control Notation (ECN)RevPaul Thorpe
TD2807
ISO/IEC 8825-32019-09
2020-09
34.    11/17X.693revInformation technology - ASN.1 encoding rules: XML Encoding Rules (XER)Rev
Paul Thorpe
TD2807
ISO/IEC 8825-42019-09
2020-09
35.    11/17X.694revInformation technology - ASN.1 encoding rules: Mapping W3C XML schema definitions into ASN.1  Rev
Paul Thorpe
TD2807
ISO/IEC 8825-52019-09
2020-09
36.    11/17X.695revInformation technology - ASN.1 encoding rules: Registration and application of PER encoding instructionsRev
Paul Thorpe
TD2807
ISO/IEC 8825-62019-09
2020-09
37.    11/17X.696revInformation technology - ASN.1 encoding rules: Specification of Octet Encoding Rules (OER)  Rev
Paul Thorpe
TD2807
ISO/IEC 8825-72019-09
2020-09
38.    11/17X.697rev

Information technology - ASN.1 encoding rules: Specification of JavaScript Object Notation Encoding Rules (JER)Rev
Paul Thorpe
TD2807
ISO/IEC 8825-82019-09
2020-09
​39.
​12/17
​Z.160-170-series
​TTCN-3 series
​Rev
​Dieter Hogrefe
​ETSI 
​2020-09
40.    13/17X.itssec-3Security requirements for external device with vehicle access capabilityNewAram Cho,
Sang-Woo Lee,
Whapyeong Lim,
Seungwook Park		TD2845R1 2017-092020-03
41.    13/17X.itssec-4Methodologies for intrusion detection system on in-vehicle systemNewChangOh Kim,
HuyKang Kim,
Sang-Woo Lee,
Seungwook Park

 

TD2883R2

 2017-092020-09
42.    13/17X.mdcv*Security-related misbehaviour detection mechanism based on big data analysis for connected vehiclesNewJianhao Liu,
Minruni Yan,
Yi Zhang		TD2725  2018-032020-09
43.    14/17X.dlt-tdTerms and definitions for distributed ledger technologyNew

Heung Youl Youm,

Ji Hye Kim

TD2821R1 2019-092020-09
44.    14/17X.sa-dltSecurity assurance for distributed ledger technologyNewMee Yeon Kim,
Ke Wang,
Heung Youl Youm		TD2819R1 2017-092020-09
45.    14/17X.srip-dlt*Security requirements for intellectual property management based on distributed ledger technologyNewJung Yeon Hwang,
Juhee Ki,
Min Shu,
Wenlei Wang,
Yang Wu,
Yunwei Zhao		TD2816R1 2018-092020-09
46.    14/17X.str-dltThe security threats and requirements for digital payment services based on distributed ledger technologyNewChangOh Kim,
Kyeong Hee Oh,
Preetika Singh		TD2826R1 2017-092020-03
47.    14/17X.tf-spd-dltTechnical framework for secure software programme distribution mechanism based on distributed ledger technologyNewFeng Gao,
Nan Jiang,
Ke Wang,
Junjie Xia,
Bo Yu		TD1926 2018-032020-09

Note:

*    for TAP determination

**  for approval by SG17 agreement

 

Annex B
New work items

The following new work items were agreed to be added to the SG17 Work Programme:

#QuestionNWITitleCTDEditorsTiming
1.       3/17X.1051rev2Code of practice for information security controls based on ISO/IEC 27002 for telecommunications organizationsC770TD2945R1

Thaib MUSTAFA Jinghua MIN
Ha​ng DONG

2024
2.       9/17X.pet_authProposal for new work item X.pet_auth: Entity authentication service for pet animals using telebiometrics   C804TD2900Jason Kim,
Taeheon Kim		2023
3.       7/17X.sggmsp*Proposal for new work item: Security guideline for group movement service platform    C809TD2891R1ChangOh Kim,
SangHoon Jeon,
JooSun Yoon,
Heung Youl Youm		2022-03
4.       7/17X. smdtscProposal for new work item: Security Measures for Digital Twin System of Smart Cities    C831TD2927Junjie Xia,
Feng Gao,
Jae Hoon Nah,
Longjun Zhao,
Feng Zhang		2022-03
5.       7/17X.smsrcProposal for new work item: Security Measures for Smart Residential Community Services    C832

TD2928

 

Junjie Xia,
Feng Gao,
Jae Hoon Nah,
Longjun Zhao,
Feng Zhang		2022-03
6.       4/17X.sgfdcmlProposal for new work item: Security guidelines for FHE-based machine learning    C845TD2897

Jihoon Cho,
Donggeon Yhee,
Jae Hoon Nah

2021-09
7.       11/17X.672revInformation technology – Open systems interconnection – Object identifier resolution system TD2919

Linjian Song
RuiFen Mu

2021-03

 

Notes:

(1)     Target date for AAP consent or TAP determination of Recommendations,  or for approval by agreement of Supplements or non-normative text.
*: for TAP determination, **: for approval by SG17 agreement  ***: for TAP approval

Annex C
Work items Removed

none

© ITU All Rights Reserved

Back to top