ETSI TR 103 306-2015 CYBER Global Cyber Security Ecosystem (V1 1 1)《网络 全球网络安全生态系统(V1 1 1)》.pdf

1、 ETSI TR 103 306 V1.1.1 (2015-11) CYBER; Global Cyber Security Ecosystem TECHNICAL REPORT ETSI ETSI TR 103 306 V1.1.1 (2015-11) 2 Reference DTR/CYBER-0004 Keywords cybersecurity, ecosystem ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47

2、 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in p

3、rint. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the

4、 Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/p

5、ortal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or m

6、echanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunicat

7、ions Standards Institute 2015. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GS

8、M logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TR 103 306 V1.1.1 (2015-11) 3 Contents Intellectual Property Rights 4g3Foreword . 4g3Modal verbs terminology 4g3Executive summary 4g3Introduction 5g31 Scope 6g32 References 6g32.1 Normative references . 6g32.2 Informative

9、references 6g33 Definitions and abbreviations . 6g33.1 Definitions 6g33.2 Abbreviations . 7g34 Global cyber security ecosystem 17g34.1 Organization of the ecosystem forums and activities . 17g34.2 Forums that develop techniques, technical standards and operational practices 18g34.3 Major IT develope

10、r forums affecting cyber security 25g34.4 Activities for continuous information exchange . 26g34.5 Centres of excellence 27g34.6 Reference libraries, continuing conferences, and publications . 30g34.7 Heritage sites and historical collections . 31g34.8 Additional exchange sources and methods . 31g34

11、.8.1 Twitter accounts 31g34.8.2 Web sites . 32g34.8.3 Diffusion lists 32g3Annex A: National cyber security ecosystems . 33g3Annex B: Relationship diagrams 52g3Annex C: Bibliography 53g3History 54g3ETSI ETSI TR 103 306 V1.1.1 (2015-11) 4 Intellectual Property Rights IPRs essential or potentially esse

12、ntial to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notif

13、ied to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/ipr.etsi.org). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to

14、the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Cyber Security (CYBER). Modal verbs terminol

15、ogy In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ET

16、SI deliverables except when used in direct citation. Executive summary The present document is a basic reference document for undertaking the responsibilities, areas of activity, organization and working methods enumerated in the Terms of Reference for Cyber Security Technical Committee. Cyber secur

17、ity is inherently diverse, dynamic, and spread across a complex array of bodies and activities worldwide, and constitutes a specialized ecosystem. The Committees effectiveness is predicated in large measure by constantly discovering, analysing, and understanding the diverse requirements and work occ

18、urring in this ecosystem in some kind of structured fashion. The present document should also be useful to the many constituents that are part of the cyber security ecosystem. The present document somewhat uniquely attempts to discover and assemble enumerated lists in alphabetic order of global cybe

19、r security constituents. It attempts to be as inclusive as possible to expand our collective insight into the extent and diversity of the ecosystem: forums that develop techniques, technical standards and operational practices major IT developer forums affecting cyber security activities for continu

20、ous information exchange global and national centres of excellence reference libraries, continuing conferences, and publications heritage sites and historical collections The present document is augmented by Annex A which contains national cyber security ecosystems that have been published in nation

21、al cyber security strategies and publicly available material. Where groups exist within a common organization, they are grouped together. Only brief summaries of bodies are included, and available URLs are provided for further information. Where the body or activity is significantly associated with

22、a national or regional government, that relationship forms the basis of the alphabetic order. The present document also includes an extensive list of acronym abbreviations and an annex of use cases of the relationships among the different groups. ETSI ETSI TR 103 306 V1.1.1 (2015-11) 5 This ecosyste

23、m changes constantly, so URIs provide links to the activities for the latest information. The present document may also be implemented on the ETSI website to allow continuing maintenance both by the ETSI Secretariat research, outreach and cooperation with the included forums. Introduction Cyber secu

24、rity consists of a continuing cycle of structured actions to: Identify (understand state and risks to systems, assets, data, and capabilities) Protect (implement the appropriate safeguards) Detect (implement ability to identify a cybersecurity event) Respond (implement ability to take action followi

25、ng a cybersecurity event) Recover (implement resilience and restoration of impaired capabilities) All of these activities rely on the trusted, timely sharing of related structured information. See Figure 1. Almost every provider or major user of information or communication of products and services

26、today is involved in a large array of bodies and activities advancing these actions and constitutes a cyber security ecosystem at global regional, national, and local levels down small business, households and individuals. All those involved in the ecosystem seek solutions to protect the integrity a

27、nd availability of their communications and information to the extent that is feasible and within cost constraints. As is apparent from the present document, there is so much information and activity, it has created what one notable security community leader describes as “a fog of more“. Indeed, som

28、e of the activities now ongoing are dedicated to distilling and prioritizing the techniques and mechanisms that have been produced by other groups. There are so many cyber security activities occurring today in diverse, frequently insular industry, academic, and government groups, that it is beyond

29、the comprehension of any single persons or groups ability to discover and understand them all. The existence of an ecosystem living document in the form of the present document that is structured, regularly updated, and collectively maintained by everyone helps itself to strengthen cyber security. E

30、specially significant is the recent publication of a large array of formal national cyber security strategy plans and related material in countries worldwide which describe individual national ecosystems that are profiled in Annex A. Discovering and providing a common structured understanding of the

31、se national ecosystems is ultimately essential to global cyber security work such as that of the Technical Committee for Cyber Security. Figure 1: Basic components of the cyber security ecosystem ETSI ETSI TR 103 306 V1.1.1 (2015-11) 6 1 Scope The present document provides a structured overview of c

32、yber security work occurring in multiple other technical forums worldwide. The overview includes global identification of Cyber Security Centres of Excellence, heritage sites, historical collections, and reference libraries. It is intended to be continuously updated to account for the dynamics of th

33、e sector. 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference docume

34、nt (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their l

35、ong term validity. The following referenced documents are necessary for the application of the present document. Not applicable. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific referen

36、ces, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following r

37、eferenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 Recommendation ITU-T X.1205 (04/2008): “Overview of cybersecurity“. i.2 ISO|IEC JTC-1 SC 27: “Standing Document 6 (SD6): Glossary of IT Security Te

38、rminology,“ N12806 (2013.10.03), ISO/IEC 27032:2012-07-15. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: centre of excellence: educational or research frequently denominated as a museum information exchange mechan

39、ism: real or virtual activity established for providing continuing structured exchange of cyber security information content3 reference library: collection of available published material useful for consultation for cyber security purposes NOTE: The present document also includes significant dedicat

40、ed publications in this category techniques, technical standards and operational practices forum: any continuing body established for the purposes of reaching agreement on techniques, technical standards or operational practices for enhancing cyber security 3.2 Abbreviations For the purposes of the

41、present document, the following abbreviations apply: NOTE: Not all abbreviations are used in the present document. Some are included purposely to provide a unique global reference set of cyber security abbreviations. 3GPP 3rdGeneration Partnership Project A*STAR Agency for Science, Technology and Re

42、search (Singapore) abfab Application Bridging for Federated Access Beyond web Working Group (IETF) ABW Agencja Bezpieczenstwa Wewnetrznego (Poland) AC Authentication Code (TCG) ACDC Advanced Cyber Defence Centre ACE-CSR Academic Centres of Excellence in Cyber Security Research ACI Austrian Critical

43、Infrastructure (Austria) ACI sterreichische kritische Infrastruktur (Austria) ACMA Australian Communications and Media Authority (Australia) ACSS Austrian Cyber Security Strategy (Austria) ADCC Algemene Directie Crisiscentrum (Belgium) ADIV Algemene Dienst Inlichting en Veiligheid (Belgium) AEPD Spa

44、nish Data Protection Agency (Spain) AFNOR Association Franaise de Normalisation (France) AFP Australian Federal Police (Australia) AGCOM Autorit per le Garanzie nelle Comnicazioni (Italy) AGIMO Australian Government Information Management Office (Australia) ETSI ETSI TR 103 306 V1.1.1 (2015-11) 8 AI

45、K Attestation Identity Key (TCG) AISI Australian Internet Security Initiative (Australia) ANS Autorit National de Scurit (Belgium) ANSAC ASEAN Network Security Action Council ANSES Ambient Network Secure Eco System (Singapore) ANSSI Agence nationale de la scurit des systmes dinformation (France) APC

46、ERT Asia Pacific Computer Emergency Response Team (Japan) APCIP Austrian Programme for Critical Infrastructure Protection (Austria) APCIP sterreichisches Programm zum Schutz kritischer Infrastruktur (Austria) APT Advanced Persistent Threat ARF Assessment Results Format or Asset Reporting Format ARIB

47、 Association of Radio Industries and Businesses (Japan) ASD Australian Signals Directorate (Australia) ASEAN CERT Association of Southeast Asian Nations CERT ASIO Australian Security Intelligence Organisation (Australia) A-SIT Secure Information Technology Centre - Austria (Austria) A-SIT Zentrum fr

48、 sichere Informationstechnologie - Austria (Austria) ASS Austrian Security Strategy (Austria) ATIS Alliance for Telecommunications Industry Solutions BBK Bundesamt fr Bevlkerungsschutz und Katastrophenhilfe (Germany) BBK Biuro Badan Kryminalistycznych (Poland) BCM Business Continuity Management (Ger

49、many) BCSS Banque-Carrefoir de la Scurit Sociale (Belgium) Belac Organisme belge dAccrditation (Belgium) Belac Belgische Accredidatie-instelling (Belgium)Belnet Belgian national research network (Belgium) BelNIS Belgian Network Information Security (Belgium) BEREC Euroopan shkisen viestinnn sntelyviranomaisten yhteistyelin (Finland) BEREC Body of European Regulators for Electronic Communications (Norway) BfV Bundesamt fr Verfassungsschutz (Germany) BLOB Binary Large Object (TCG) BIPT Belgisch Instituut voor postdiensten en