Geneva, 13-16 July 2009

Fostering worldwide interoperability

ATIS Cybersecurity

Art Reilly, Cisco

Global Standards Collaboration (GSC) 14DOCUMENT #: GSC14-GTSC7-012FOR: PresentationSOURCE: ATISAGENDA ITEM: GTSC7; 4.2CONTACT(S): Art Reilly (arreilly@cisco.com)

2Geneva, 13-16 July 2009 Fostering worldwide interoperability

ATIS’ Packet Technologies and Systems Committee (PTSC)Completed:

UNI and NNI signalling security standardsUNI and NNI testing standards

Encourages interfaces to support logging, thereby facilitating the creation of incident reports

Highlight of Current Activities (1)

3Geneva, 13-16 July 2009 Fostering worldwide interoperability

PTSC continues to focus on security-related topics that will ensure robust signalling and communications standards and network implementations that will provide adequate protection and support for multimedia and emergency services in the current cybersecurity environment:

AuthenticationSecurity MechanismsLocationIdentity ManagementCertificate Management

PTSC has also initiated an activity which will define interconnection test suites

Highlight of Current Activities (2)

4Geneva, 13-16 July 2009 Fostering worldwide interoperability

PTSC’s focus is on specifying security considerations for Layers 1 through 5 for UNIs, NNIs and SNIs

Generation of templates will:Attempt to limit number of available interconnection options, without compromising the desired flexibility in implementing the services, thereby facilitating interoperabilityFacilitate interconnection negotiationsEnsure adequate security will be provided

Highlight of Current Activities (3)

5Geneva, 13-16 July 2009 Fostering worldwide interoperability

ATIS’ Network Performance, Reliability, and QoS Committee (PRQC)Approved User-Network Interface (UNI) Media Plane Security Standard for Evolving VoIP/Multimedia Networks (ATIS-0100024.2009)Currently working on Standard for Media Plane Performance Security Impairments Standard for Evolving VoIP/Multimedia Networks (Issue A035)

Document potential QoS degradations associated with security mechanismsIdentify potential security problems associated with QoS mechanisms

Current/Future work:Development of Standards extending from the work outlined in ATIS-0100014, Information & Communications Security for NGN Converged Services IP Networks and Infrastructure

Highlight of Current Activities (4)

6Geneva, 13-16 July 2009 Fostering worldwide interoperability

ATIS’ Telecom Management and Operations Committee (TMOC)Recently completed work:

ATIS-0300074.2009, Guidelines and Requirements for Security Management SystemsIncludes an ATIS TMOC proforma requirements statement for security aligning with ITU-T M.3410

TMOC will continue to address:Management aspects of security, especially concerning NGN Carrier Interconnection arrangements and VoIP Registry Database Provisioning

Highlight of Current Activities (5)

7Geneva, 13-16 July 2009 Fostering worldwide interoperability

ATIS continues to develop a suite of security standards that well facilitate secure interconnection of:

transport facilitiessignalling facilitiesservices

ATIS is not focusing on:Security Mechanisms for Messaging Applications Tracking

ATIS is looking to ITU-T to address the messaging and tracking areas in the short term. If ITU-T does not address this subject, ATIS may reconsider work in this area.

Strategic Direction

8Geneva, 13-16 July 2009 Fostering worldwide interoperability

SIP security solutions are tailored to be end to end. SIP/SIPPING/SIMPLE/etc. RFCs have well written security sections that are not fully implemented in vendor products.Security solutions have an impact on delay and performance.Availability of ITU-T Recommendations which can be used to facilitate secure transport and service interconnection.

Challenges

9Geneva, 13-16 July 2009 Fostering worldwide interoperability

ATIS will continue on its current path of generating a complete suite of standards that can be used to facilitate interconnection negotiations and result in interconnection scenarios that are secure.

Next Steps/Actions

10Geneva, 13-16 July 2009 Fostering worldwide interoperability

Continued support for GSC-13 Security Related Resolutions:

Resolution GSC-13/4 - Identity ManagementResolution GSC-13/11 - CybersecurityResolution GSC-13/25 - Personally Identifiable Information Protection

Proposed Resolution

11Geneva, 13-16 July 2009 Fostering worldwide interoperability

Supplemental Slides

12Geneva, 13-16 July 2009 Fostering worldwide interoperability

PTSC Issues may be found at: http://www.atis.org/0191/issues.asp

PTSC Active Issues which have a security component are:Issue # TitleS0033 End to End User Authentication and Signaling Security S0051 ATIS NGN Identity Management RequirementsS0052 UNI Terminal Adapter RequirementsS0053 UNI Configuration S0055 Security MechanismsS0058 ATIS NGN Identity Management Framework S0059 ATIS NGN Identity Management Use Cases S0060 ATIS NGN Identity Management Mechanisms S0061 Certificate ManagementS0063 ATIS ETS Authentication S0065 Enterprise Network Support in NGNS0073 Security Guidelines for DBF InterfaceS0074 Security Guidelines for Carrier Interconnection (NNI)

Supplemental Slides

13Geneva, 13-16 July 2009 Fostering worldwide interoperability

PRQC Issues may be found at: http://www.atis.org/0010/issues.asp PRQC Active Issues which have a security component are:Issue # TitleA0010 User Plane Security Requirements in NGNsA0014 Network-Network Interface (NNI) User Plane SecurityA0019 ETS Authentication in Multiple IP-based Service Domains A0029 Establishment of an ATIS Security Baseline A0035 Impact of Security on QOS Performance in NGNsA0045 Service-specific Security Mechanism Implementation

Options

Supplemental Slides