The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting...
-
date post
18-Dec-2015 -
Category
Documents
-
view
214 -
download
1
Transcript of The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting...
The 6th CJK IT Standards Meeting
April 10 ~ 12, 2006, Hangzhou, China
CJK IT Standards Meeting(Collaboration of Security Activity
between CJKOn NGN and N-RFID Security)
Heung Youl YoumProfessor, Soonchunhyang University, Korea
Rapporteur, Q.9/SG17, [email protected]
The 6th CJK IT Standards Meeting 2
NGN Security
N-RFID Security
Conclusions
ContentsContents
The 6th CJK IT Standards Meeting 3
NGN Security
The 6th CJK IT Standards Meeting 4
ITU-T FGNGN output for NGN ITU-T FGNGN output for NGN security security
• FGNGN output– The output of FGNGN moves to SG13, which is lead SG
on NGN.– Security requirement for NGN release 1
• Security requirements for the Service Stratum• Security requirements for Transport Stratum
– Guideline for NGN release 1• General• Security of the NGN subsystems
The 6th CJK IT Standards Meeting 5
Role of each SG for NGN security Role of each SG for NGN security in ITU-Tin ITU-T
SG13
Requirements Frameworkfor
NGN security
SG17
Security mechanisms and protocols for
NGN security
SG4
Management securityFor NGN
SG11
Security of signaling planesFor NGN
SG16
Multimedia securityFor NGN
The 6th CJK IT Standards Meeting 6
List of new draft recommendations List of new draft recommendations on NGN security (1/2)on NGN security (1/2)
• SG4 – Lead Study Group on Telecommunication Management – Question 7/SG4: Requirements for business to business
and customer to business management interfaces – Question 11/SG4: Protocols for management interfaces – M.NGN-Xsec, Security Requirements for X-Interface
• SG11– Lead Study Group on signalling and protocols – Question 7: Signaling and control requirements and
protocols to support attachment in NGN environments– Q.NGN-nacf.sec, Security Signaling Protocol for Network
Attachment , Korea
The 6th CJK IT Standards Meeting 7
List of new draft recommendations List of new draft recommendations on NGN security(2/2) on NGN security(2/2)
• SG16– Lead Study Group on multimedia terminals, systems and
applications– Question25/16: Multimedia Security in Next-Generation
Networks (NGN-MM-SEC) – H.460.spn, Security protocol negotiation – H.FSIC, Federated Architecture for Secure Internet
Conferencing
• SG17 – Lead Study Group on Telecommunication Security– Question 5: Security Architecture and Framework – X.akm, Framework for authentication and key
management for link layer security of NGN, Korea
The 6th CJK IT Standards Meeting 8
Key standardization items for NGN Key standardization items for NGN security security
• Cryptographic primitives for NGN security • Key management and Global PKI for NGN • Security for NGN host and network mobility • Security policy issues • Security for access network including link layer
security• Adoption of existing standardization produced by
other SDOs, like IETF, 3GPP, 3GPP2.• Privacy issues• Guideline for Disaster recovery and emergence
telecommunication service• RFID security issues through NGN
The 6th CJK IT Standards Meeting 9
N-RFID Security
The 6th CJK IT Standards Meeting 10
Security session of ITU-T N-RFID Security session of ITU-T N-RFID workshop (Jan. 2006. Geneva) workshop (Jan. 2006. Geneva)
• Three presentations– Security Issues in RFID and Sensor Networks,
Kyo-Il Chung, ETRI, Korea– Authentication and privacy capabilities suitable
for RFID capabilities suitable for RFID, M. Robshaw, France Telecom R&D, France
– Malicious Traceability within RFID Systems, Gildas Avoine, EPFL, Lausanne, Switzerland
The 6th CJK IT Standards Meeting 11
Observations for N-RFID Observations for N-RFID security(1/2) security(1/2)
• Light weight security protocol should be developed to provide the confidentiality, anonymity, un-traceability and forgery protection to counter all types of threats in network-based RFID.
• The dedicated techniques may be well-suited to RFID tags and offer a safe foundation.
• Preventing from malicious traceability should be provided for privacy protection of RFID, especially for the passport application.
• However, key management and scalability are identified to be very challenging problems to be explored.
The 6th CJK IT Standards Meeting 12
Observations for N-RFID Observations for N-RFID security(2/2) security(2/2)
• Some standardization items identified :- Security framework for RFID: - NGN Security architecture for network aspects
of identification (including RFID) services and applications;
- Various authentication protocol including password access protocol to lock or kill an RFID tag for privacy control;
- Privacy management framework and protocol based on a user profile;
- Adult confirmation technology;- Protocol for countering malicious traceability;- Secure data exchange protocol for application.
The 6th CJK IT Standards Meeting 13
Conclusions
The 6th CJK IT Standards Meeting 14
Conclusions(1/3) Conclusions(1/3)
• The security will become a mandatory function, not an optional function. That is, the security should be integrated into every level of NGN: access network level, transport stratum, and service stratum.
• Seamless service for NGN can only be possible with the aid of security.
• The recommendation and technology on the security of networked RFID should be developed to make the N-RFID service feasible in the near future.
• We, CJK, are now leading the standardization activities for NGN, especially in SG13 and SG17 in ITU-T. Indeed, 22 out of 35 recommendations are being developed by editors from CJK for SG17.
The 6th CJK IT Standards Meeting 15
Conclusions(2/3) Conclusions(2/3)
• Therefore, collaboration between CJK is very important to accelerate the standardization work in ITU-T.
• ITU-T has coordinated structure for security; the security framework has been assigned to SG13, and security mechanism and protocol to SG17.
• Considering the spirit of coordination on the security in ITU-T, how do we collaborate each other efficiently under CJK IT Standards group?– To make new study items to cover a security-related
issues under the CJK group in the near future.
The 6th CJK IT Standards Meeting 16
Conclusions(3/3) Conclusions(3/3)
• The scope of security-related study items is as follows, but is not limited to the below areas.– NGN security, RFID security– ISMS, Secure application protocol, Home network
• The objective of the security-related activities will be as follows;– To extract the study items for NGN and RFID security;– To coordinate the standardization activities between CJK
for NGN and N-RFID security in ITU-T. This presentation was supported by the MIC, Korea, under
the ITRC support program supervised by the IITA. (IITA-2005-(C1090-0502-0020))
The 6th CJK IT Standards Meeting 17
Thank you very much!!