SOURCE:
ATIS
TITLE:
NGN-Network Security
AGENDA ITEM:
GTSC-2; #5.6
CONTACT:
Art Reilly; [email protected]
GSC9/GTSC
_015
NGN - Network Security
Art Reilly, Cisco
ATIS GSC Delegation
GSC - Seoul, Korea
May 9-13, 2004
Technology and OPerationS (TOPS)
Council
• Established in 2002 by the ATIS Board
• Identifies and assesses industry's technical and operational
initiatives of strategic importance, including its technical and
operational priorities
• Reached consensus on the industry's 16 most critical
priorities, including five deemed “most critical.”
–
–
–
–
–
Network Security
VoIP
Data Interchange
Mobile Wireless Service
Wide Area Ethernet
• Established ATIS Board Focus Groups on each of the
above
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
2
TOPS
Network Security Focus Group
The Focus Group (18 senior level members):
• Has examined the priority issues and, identified
which standards bodies are addressing (or could
address) these issues,
• Has developed a work-plan for the industry,
• Has set actions milestones and timelines, and
• Is facilitating relationships with standards
organizations to coordinate deliverables for
standards development.
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
3
Network Security Issues Overview
Security and its relevant sub-issues have been
categorized under 3 main topics:
• Transport Issues: SS7 Firewalls, Packet Filtering,
Optical Control, and 802.11-related issues
• Application Issues: Voice Application, Messaging,
Firewall/NT Translation & Transparency. There are two
subcategories: Signaling and Control, and Bearer Traffic.
• Overall Security Management: Security Event
Management and Attack Determination/Mitigation,
Security Verification and Validation, and Element
Management System Interface
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
4
Network Security Issues
Overall Security Management
• Identifies the functions and information necessary to
manage security-related services
• Provides an evolutionary path for security methodology
(e.g. Event Management, Vulnerabilities, Security
Verification & Validation).
Proposed Actions:
– ATIS Committee T1M1 to develop a set of Security
Operational Guidelines
– T1M1 existing standard (T1.276) could provide the
foundation
– T1M1 to initiate standards development in 2Q04
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
5
Network Security Issues
Firewall/NAT
• Opening and closing of holes in firewalls is a major
security issue.
• Several approaches to dynamically negotiated ports were
assessed.
Proposed Actions:
– ATIS will convene a symposium (3Q04) to discuss and
agree on an approach for an interoperable protocol
access control mechanism. Such a mechanism could
result in cost savings, ease interworking of security
systems, and improved user interfaces.
– ATIS will work with the IETF to accelerate the IETF’s
midcom work
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
6
Network Security Issues
Messaging:
• Defined as e-mail, instant messaging, short message
(SMS), etc.
• A proliferation of messaging exists and, if triggered,
becomes a security risk.
• Security related interoperability between various messaging
systems
Proposed Actions:
– ATIS will facilitate an industry roundtable (3Q04) of
communications service providers to determine:
• What is considered acceptable behavior for electronic
infrastructures?
• Mechanisms are necessary to instantiate the agreed
to policies
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
7
Network Security Issues
Lawful Intercept (LI):
• LI Security focuses on the prevention of “unauthorized
access” and “abuse of authorized access” within the context
of communications service providers’ support to CALEA.
• Current standards do not address how “unauthorized access”
and “abuse of authorized access” will be prevented.
Proposed Action:
– ATIS Committee T1S1 to prepare a companion standard
that addresses requirements necessary to comply.
– The Security Focus Group will prepare a contribution for
T1S1 with inputs about developing an addendum to
existing standard
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
8
Network Security Issues
Next Steps:
• Coordination between TOPS Focus
Groups to ensure security-related issues
are addressed.
• ATIS Board discussions with SDOs to
establish timely deliverables related to all
the priority security issues identified.
• Monitor the actions taken by SDOs
GSC-9, Seoul
GSC - Seoul, Korea
May 9-13, 2004
9