ETSI TR 103 306-2017 CYBER Global Cyber Security Ecosystem (V1 2 1)《网络 全球网络安全生态系统(V1 2 1)》.pdf

1、 ETSI TR 103 306 V1.2.1 (2017-03) CYBER; Global Cyber Security Ecosystem TECHNICAL REPORT ETSI ETSI TR 103 306 V1.2.1 (2017-03) 2 Reference RTR/CYBER-0026 Keywords cybersecurity, ecosystem ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47

2、 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in p

3、rint. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the

4、 Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/

5、portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, elect

6、ronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Tele

7、communications Standards Institute 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM

8、and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TR 103 306 V1.2.1 (2017-03) 3 Contents Intellectual Property Rights 4g3Foreword . 4g3Modal verbs terminology 4g3Executive summary 4g3Introduction 5g31 Scope 7g32 References 7g32.1 Normative references . 7g32.2 In

9、formative references 7g33 Definitions and abbreviations . 7g33.1 Definitions 7g33.2 Abbreviations . 8g34 Global cyber security ecosystem 18g34.1 Organization of the ecosystem forums and activities . 18g34.2 Fora that develop techniques, technical standards and operational practices . 19g34.3 Major I

10、T developer forums affecting cyber security 27g34.4 Activities for continuous information exchange . 28g34.5 Centres of excellence 29g34.6 Reference libraries, continuing conferences, and publications . 30g34.7 Heritage sites and historical collections . 31g34.8 Additional exchange sources and metho

11、ds . 32g34.8.1 Twitter accounts 32g34.8.2 Web sites . 32g34.8.3 Diffusion lists 33g3Annex A: National cyber security ecosystems . 34g3Annex B: Relationship diagrams 54g3Annex C: Bibliography 55g3History 56g3ETSI ETSI TR 103 306 V1.2.1 (2017-03) 4 Intellectual Property Rights IPRs essential or potent

12、ially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential,

13、IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be

14、given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademark notice When trademarks are mentioned in the present document, please note that they are asserted and/or

15、registered by their respective owners and that they are only shown for citation purposes. The present document conveys no right to use or reproduce these trademarks which remain the property of their respective owners. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee

16、 Cyber Security (CYBER). Modal verbs terminology In the present document “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not

17、“ are NOT allowed in ETSI deliverables except when used in direct citation. Executive summary The present document is a basic reference document for undertaking the responsibilities, areas of activity, organization and working methods enumerated in the Terms of Reference for Cyber Security Technical

18、 Committee. Cyber security is inherently diverse, dynamic, and spread across a complex array of bodies and activities worldwide, and constitutes a specialized ecosystem. The Committees effectiveness is predicated in large measure by constantly discovering, analysing, and understanding the diverse re

19、quirements and work occurring in this ecosystem in some kind of structured fashion. The present document should also be useful to the many constituents that are part of the cyber security ecosystem. The present document attempts to discover and assemble enumerated lists in alphabetic order of global

20、 cyber security constituents. It attempts to be as inclusive as possible to expand collective insight into the extent and diversity of the ecosystem: Fora that develop techniques, technical standards and operational practices; Major IT developer forums affecting cyber security; Activities for contin

21、uous information exchange; Global and national centres of excellence; Reference libraries, continuing conferences, and publications; Heritage sites and historical collections. The present document is augmented by annex A which contains national cyber security ecosystems that have been published in n

22、ational cyber security strategies and publicly available material. ETSI ETSI TR 103 306 V1.2.1 (2017-03) 5 Where groups exist within a common organization, they are grouped together. Only brief summaries of bodies are included, and available URLs are provided for further information. Where the body

23、or activity is significantly associated with a national or regional government, that relationship forms the basis of the alphabetic order. The present document also includes an extensive list of acronym abbreviations and an annex of use cases of the relationships among the different groups. This eco

24、system changes constantly, so URIs provide links to the activities for the latest information. The present document may also be implemented on the ETSI website to allow continuing maintenance both by the ETSI Secretariat research, outreach and cooperation with the included forums. Introduction Cyber

25、 security consists of a continuing cycle of structured actions to: Identify (understand state and risks to systems, assets, data, and capabilities) Protect (implement the appropriate safeguards) Detect (implement ability to identify a cybersecurity event) Respond (implement ability to take action fo

26、llowing a cybersecurity event) Recover (implement resilience and restoration of impaired capabilities) All of these activities rely on the trusted, timely sharing of related structured information. See Figure 1. Almost every provider or major user of information or communication of products and serv

27、ices today is involved in a large array of bodies and activities advancing these actions and constitutes a cyber security ecosystem at global regional, national, and local levels down small business, households and individuals. All those involved in the ecosystem seek solutions to protect the integr

28、ity and availability of their communications and information to the extent that is feasible and within cost constraints. As is apparent from the present document, there is so much information and activity, it has created what one notable security community leader describes as “a fog of more“. Indeed

29、, some of the activities now ongoing are dedicated to distilling and prioritizing the techniques and mechanisms that have been produced by other groups. There are so many cyber security activities occurring today in diverse, frequently insular industry, academic, and government groups, that it is be

30、yond the comprehension of any single persons or groups ability to discover and understand them all. The existence of an ecosystem living document in the form of the present document that is structured, regularly updated, and collectively maintained by everyone helps itself to strengthen cyber securi

31、ty. Especially significant is the recent publication of a large array of formal national cyber security strategy plans and related material in countries worldwide which describe individual national ecosystems that are profiled in annex A. Discovering and providing a common structured understanding o

32、f these national ecosystems is ultimately essential to global cyber security work such as that of the Technical Committee for Cyber Security. ETSI ETSI TR 103 306 V1.2.1 (2017-03) 6 Figure 1: Basic components of the cyber security ecosystem ETSI ETSI TR 103 306 V1.2.1 (2017-03) 7 1 Scope The present

33、 document provides a structured overview of cyber security work occurring in multiple other technical forums worldwide. The overview includes global identification of Cyber Security Centres of Excellence, heritage sites, historical collections, and reference libraries. It is intended to be continuou

34、sly updated to account for the dynamics of the sector. 2 References 2.1 Normative references Normative references are not applicable in the present document. 2.2 Informative references References are either specific (identified by date of publication and/or edition number or version number) or non-s

35、pecific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long

36、term validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1 Recommendation ITU-T X.1205 (04/2008): “Overview of cybersecurity“. i.2 ISO|IEC JTC-1 SC 27: “Standing Document 6 (SD

37、6): Glossary of IT Security Terminology,“ N12806 (2013.10.03), ISO/IEC 27032:2012-07-15. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: centre of excellence: educational or research frequently denominated as a muse

38、um information exchange mechanism: real or virtual activity established for providing continuing structured exchange of cyber security information content reference library: collection of available published material useful for consultation for cyber security purposes NOTE: The present document also

39、 includes significant dedicated publications in this category techniques, technical standards and operational practices forum: any continuing body established for the purposes of reaching agreement on techniques, technical standards or operational practices for enhancing cyber security 3.2 Abbreviat

40、ions For the purposes of the present document, the following abbreviations apply: NOTE: Not all abbreviations are used in the present document. Some are included purposely to provide a unique global reference set of cyber security abbreviations. 3GPP 3rdGeneration Partnership Project A*STAR Agency f

41、or Science, Technology and Research (Singapore) ABW Agencja Bezpieczenstwa Wewnetrznego (Poland) AC Authentication Code (TCG) ACDC Advanced Cyber Defence Centre ACE-CSR Academic Centres of Excellence in Cyber Security Research ACI Austrian Critical Infrastructure (Austria) ACI sterreichische kritisc

42、he Infrastruktur (Austria) ACMA Australian Communications and Media Authority (Australia) ACSS Austrian Cyber Security Strategy (Austria) ADCC Algemene Directie Crisiscentrum (Belgium) ADIV Algemene Dienst Inlichting en Veiligheid (Belgium) AEPD Spanish Data Protection Agency (Spain) AFNOR Associati

43、on Franaise de Normalisation (France) AFP Australian Federal Police (Australia) AGCOM Autorit per le Garanzie nelle Comnicazioni (Italy) AGIMO Australian Government Information Management Office (Australia) AIK Attestation Identity Key (TCG) AIOTI Alliance of IoT Innovation AISI Australian Internet

44、Security Initiative (Australia) AMSS Anti-Malware Support Services Working Group (IEEE) ANS Autorit National de Scurit (Belgium) ANSAC ASEAN Network Security Action Council ANSES Ambient Network Secure Eco System (Singapore) ANSSI Agence nationale de la scurit des systmes dinformation (France) ANSSI

45、 Agence nationale de la scurit des systmes dinformation (Luxembourg) APCERT Asia Pacific Computer Emergency Response Team (Japan) APCIP Austrian Programme for Critical Infrastructure Protection (Austria) APCIP sterreichisches Programm zum Schutz kritischer Infrastruktur (Austria) APT Advanced Persis

46、tent Threat ARF Assessment Results Format or Asset Reporting Format ETSI ETSI TR 103 306 V1.2.1 (2017-03) 9 ARIB Association of Radio Industries and Businesses (Japan) ASD Australian Signals Directorate (Australia) ASEAN CERT Association of Southeast Asian Nations CERT ASIO Australian Security Intel

47、ligence Organisation (Australia) A-SIT Secure Information Technology Centre - Austria (Austria) A-SIT Zentrum fr sichere Informationstechnologie - Austria (Austria) ASS Austrian Security Strategy (Austria) ATIS Alliance for Telecommunications Industry Solutions BBK Bundesamt fr Bevlkerungsschutz und

48、 Katastrophenhilfe (Germany) BBK Biuro Badan Kryminalistycznych (Poland) BCM Business Continuity Management (Germany) BCSS Banque-Carrefoir de la Scurit Sociale (Belgium) Belac Organisme belge dAccrditation (Belgium) Belac Belgische Accredidatie-instelling (Belgium)Belnet Belgian national research n

49、etwork (Belgium) BelNIS Belgian Network Information Security (Belgium) BEREC Euroopan shkisen viestinnn sntelyviranomaisten yhteistyelin (Finland) BEREC Body of European Regulators for Electronic Communications (Norway) BfV Bundesamt fr Verfassungsschutz (Germany) BLOB Binary Large Object (TCG) BIPT Belgisch Instituut voor postdiensten en telecommunicatie (Belgium) BIS Department for Business, Innovation and Skills (UK) BMI Bundesministerium des Innern (Germany) BORE Break Once Run Everywhere (TCG) BSI Bundesamt fr Sic