ETSI TR 187 009-2008 Telecommunications and Internet Converged Services and Protocols for Advanced Networking (TISPAN) Feasibility study of prevention of unsolicited communication _1.pdf

1、 ETSI TR 187 009 V2.1.1 (2008-07)Technical Report Telecommunications and Internet Converged Services andProtocols for Advanced Networking (TISPAN);Feasibility study of preventionof unsolicited communication in the NGNETSI ETSI TR 187 009 V2.1.1 (2008-07) 2 Reference DTR/TISPAN-07025-NGN-R2 Keywords

2、Regulation, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the p

3、resent document can be downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In ca

4、se of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this a

5、nd other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authori

6、zed by written permission. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2008. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTM, TIPHONTM, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the b

7、enefit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TR 187 009 V2.1.1 (2008-07) 3 Contents Intellectual Property Rights5 Foreword.5 1 Scope 6 2 References 6 2.1 Normative references .6 2.2 Informative refe

8、rences7 3 Abbreviations .8 4 General overview .9 5 Threat analysis for UC in the NGN10 5.1 UC attack configurations for basis of TVRA .10 5.1.1 Scenario 1: One-to-One UC10 5.1.2 Scenario 2: One-to-Many UC .11 5.1.3 Scenario 3: Many-to-One UC .11 5.1.4 Scenario 4: Many-to-Many UC 12 5.2 Attack vector

9、 of UC in NGN12 5.3 Risk assessment for UC in NGN 13 5.4 Objectives for the prevention of UC in NGN.13 5.5 Security requirements for prevention of UC in the NGN.14 5.5.1 Functional security requirements14 5.6 Prevention of UC in NGN countermeasure framework14 5.6.1 Existing solutions / countermeasur

10、es14 5.6.1.1 MCID - Malicious call identification 14 5.6.1.2 OIR - Originating Identification Restriction .15 5.6.1.3 ACR - Anonymous Communication Rejection and ICB - Incoming Communication Barring 15 5.7 System management requirements .15 5.7.1 User requirements.15 5.7.2 Architectural requirements

11、16 6 Feasibility of providing UC prevention in the NGN16 6.1 Identifying UC16 6.2 Marking UC17 6.3 Reacting to UC .17 6.4 Architectural impact .17 6.4.1 Technical impact.17 6.4.1.1 User Interaction.17 6.4.2 Identifying and marking UC .17 6.4.3 Handling Essential, or potentially Essential, IPRs notif

12、ied to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can

13、 be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Telecommunications and Inter

14、net converged Services and Protocols for Advanced Networking (TISPAN). ETSI ETSI TR 187 009 V2.1.1 (2008-07) 6 1 Scope The present document seeks to determine if UC is a risk to the NGN user or to the NGN Operator (a CSP using NGN technology to provide services). The present document offers justific

15、ation for UC countermeasures by presenting the results of a Threat Vulnerability and Risk Analysis (TVRA) that quantifies the likelihood and impact of UC in the NGN where UC is initiated in a variety of forms described using a number of scenarios for illustration. The present document defines the te

16、rm unsolicited communication in the context of the NGN. Where risk is shown from UC in the NGN the present document considers means to mitigate the risk using metrics of applicability, effectiveness and architectural instantiation. NOTE: Whilst this document is a technical report it identifies requi

17、rements for future work. In all cases these requirements are considered indicative pending their ratification in formal ETSI Technical Specifications within the TISPAN Work Programme. 2 References References are either specific (identified by date of publication and/or edition number or version numb

18、er) or non-specific. For a specific reference, subsequent revisions do not apply. Non-specific reference may be made only to a complete document or a part thereof and only in the following cases: - if it is accepted that it will be possible to use all future changes of the referenced document for th

19、e purposes of the referring document; - for informative references. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. For online referenced documents, information sufficient to identify and locate the source

20、shall be provided. Preferably, the primary source of the referenced document should be cited, in order to ensure traceability. Furthermore, the reference should, as far as possible, remain valid for the expected life of the document. The reference shall include the method of access to the referenced

21、 document and the full network address, with the same punctuation and use of upper case and lower case letters. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. 2.1 Normative references The following referenced d

22、ocuments are indispensable for the application of the present document. For dated references, only the edition cited applies. For non-specific references, the latest edition of the referenced document (including any amendments) applies. Not applicable. ETSI ETSI TR 187 009 V2.1.1 (2008-07) 7 2.2 Inf

23、ormative references The following referenced documents are not essential to the use of the present document but they assist the user with regard to a particular subject area. For non-specific references, the latest version of the referenced document (including any amendments) applies. i.1 OMA-RD-CBC

24、S-V1-0-20060711-C: “Categorization Based Content Screening Framework Requirements“. i.2 OMA-AD-CBCS-V1-0-20060828-D: “Categorization-based Content Screening Framework Architecture“. i.3 IETF RFC 5039: “The Session Initiation Protocol (SIP) and Spam“. i.4 ETSI TS 183 011: “Telecommunications and Inte

25、rnet converged Services and Protocols for Advanced Networking (TISPAN); PSTN/ISDN simulation services: Anonymous Communication Rejection (ACR) and Communication Barring (CB); Protocol specification“. i.5 ETSI ETS 300 128: “Integrated Services Digital Network (ISDN); Malicious Call Identification (MC

26、ID) supplementary service; Service description“. i.6 ETSI TS 183 016: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); PSTN/ISDN simulation services; Malicious Communication Identification (MCID); Protocol Specification“. i.7 ETSI TS 183 007 (V2.0.0

27、): “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); PSTN/ISDN simulation services; Originating Identification Presentation (OIP) and Originating Identification Restriction (OIR); Protocol specification“. i.8 Directive 2002/20/EC of the European Parl

28、iament and of the Council of 7 March 2002 on the authorisation of electronic communications networks and services. i.9 Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communi

29、cations sector (Directive on privacy and electronic communications - OJ L 201, 31.07.2002). i.10 ETSI TS 102 165-1: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Methods and protocols; Part 1: Method and proforma for Threat, Risk, Vulnerability A

30、nalysis“. i.11 ETSI TR 187 010: “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Security; Report on issues related to security in identity imanagement and their resolution in the NGN“. i.12 ETSI TR 187 011: “Telecommunications and Internet conv

31、erged Services and Protocols for Advanced Networking (TISPAN); NGN Security; Application of ISO-15408-2 requirements to ETSI standards - guide, method and application with examples“. i.13 IETF draft-niccolini-sipping-spitstop: “Signalling TO Prevent SPIT (SPITSTOP) Reference Scenario“. i.14 IETF dra

32、ft-niccolini-sipping-feedback-spit: “SIP Extensions for SPIT identification“. i.15 IETF draft-jung-sipping-authentication-spit: “Authentication between the Inbound Proxy and the UAS for Protecting SPIT in the Session Initiation Protocol (SIP)“. i.16 IETF draft-schwartz-sipping-spit-saml: “SPAM for I

33、nternet Telephony (SPIT) Prevention using the Security Assertion Markup Language (SAML)“. i.17 IETF draft-froment-sipping-spit-authz-policies: “Authorization Policies for Preventing SPIT“. i.18 ISO/IEC 15408-2: “Information technology - Security techniques - Evaluation criteria for IT security - Par

34、t 2: Security functional requirements“. ETSI ETSI TR 187 009 V2.1.1 (2008-07) 8 i.19 ETSI TS 186 006-1: “Telecommunications and Internet Converged Services and Protocols for Advanced Networking (TISPAN); Originating Identification Presentation (OIP) and Originating Identification Restriction (OIR);

35、Part 1: Protocol Implementation Conformance Statement (PICS)“. i.20 ETSI EN 300 798: “Digital Audio Broadcasting (DAB); Distribution interfaces; Digital baseband In-phase and Quadrature (DIQ) interface“. i.21 ETSI TR 141 031: “Digital cellular telecommunications system (Phase 2+); Fraud Information

36、Gathering System (FIGS); Service requirements; Stage 0 (3GPP TR 41.031 version 6.0.0 Release 7)“. i.22 ETSI TS 122 031: “Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); Fraud Information Gathering System (FIGS); Service description; Stage 1 (

37、3GPP TS 22.031 version 6.0.0 Release 7)“. i.23 ETSI TS 123 031: “Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); Fraud Information Gathering System (FIGS); Service description; Stage 2 (3GPP TS 23.031 version 6.0.0 Release 7)“. i.24 ITU-T Rec

38、ommendation X.1244 (former X.ocsip): “Overview of countering SPAM for IP multimedia application“. i.25 ITU-T Recommendation X.fcsip: “Technical Framework of Countering IP Multimedia SPAM“. i.26 ITU-T Recommendation X.1231: (former X.csreq) - “Requirement on countering SPAM“. i.27 3GPP TR ab.cde draf

39、t: “Group Services and System Aspects; Protection against SMS, MMS and IMS SPAM; Study of Different SPAM Protection Mechanisms. Release 8.“. NOTE: This work item was never be finalized, for references please have a look at: square4 3GPP,“Protection against SMS and MMS spam“, SP-060446, SA#32; square

40、4 Orange, “Consumer protection against spam and malware“, S3-060331, Athens, April 2006; square4 Nokia, “Anti-spam work in OMA and IETF“, S3060504, 3GPP S3#44, Talinn, July 2006; square4 Orange, “Spam Flagging using In-band Signaling in Mobile and Broadband Networks“, S3-070094 TSGS3#46 Beijing 2007

41、. i.28 ETSI SR 002 211: “Electronic communications networks and services; Candidate list of standards and/or specifications in accordance with Article 17 of Directive 2002/21/EC“. 3 Abbreviations For the purposes of the present document, the following abbreviations apply: ACR Anonymous Communication

42、 Rejection CAMEL Customized Applications for Mobile network Enhanced Logic CBCS Categorization Based Content Screening CSP Communications Service Provider DAB Digital Audio Broadcasting DIQ Digital baseband In-phase and Quadrature interface DoS Denial of Service FIGS Fraud Information Gathering Syst

43、em gsmSCF GSM Service Control Function gsmSSF GSM Service Switching Function HPLMN Home Public Land Mobile Network ICAP Internet Content Adaptation Protocol ICB Incoming Communication Barring IDD International Direct Dialling IETF Internet Engineering Task Force IP Internet Protcol ETSI ETSI TR 187

44、009 V2.1.1 (2008-07) 9 ISDN Integrated Services Digital Network IST Immediate Service TerminationITU International Telecommunication Unit MCID Malicious Call Identification NGN Next Generation Network ODB Operator Determined Barring OIP Originating Identification Presentation OIR Originating Identif

45、ication Restriction OMA Open Mobile Alliance PICS Protocol Implementation Conformance Statement PSTN Public Switched Telecommunications Network SAML Security Assertion Markup Language SIP Session Initiation Protocol SIPPING Session Initiation Proposal Investigation SPIT SPAM over Internet Telephony

46、TAP Transferred Account Procedure TVRA Threat Vulnerability and Risk Analysis UC Unsolicited Communication UE User Equipment UMTS Universal Mobile telecommunication System VPLMN Visited Public Land Mobile Network WG Working Group 4 General overview In the email environment the instance of SPAM, the

47、common name used to refer to bulk Unsolicited Communication (UC) where the benefit is weighted in favour of the sender, has proliferated in recent years. SPAM is recognized as a problem and is regulated against, at least in part, in the context of the Privacy Directive 2002/58/EC i.9, specifically i

48、n article 13. However, as has been noted in SR 002 211 i.28: “Whilst proprietary technical means exist to assist algorithms that identify and filter spam emails, the legal framework for application of such means in face of processing error is uncertain. Article 13 supports the legal instruments unde

49、r which spammers may be prosecuted but does not seem to imply technical provision.“ As the NGN moves towards adoption of similar protocols for signalling and transport as used in email applications and services, there is a threat that similar UC phenomena will migrate to the NGN and may escalate in severity. NOTE 1: UC existed in the pre-NGN PSTN/ISDN and treatment of such calls when characterized as either nuisance or malicious calls has been well documented and is not repeated in the present document. In order