
ITU-T STIT-2012 Security in Telecommunications and Information Technology (Study Group 17).pdf

Printed in Switzerland
Geneva, 2012
ISBN 978-92-61-14001-4

Telecommunication Standardization Sector of ITU
International Telecommunication Union

Security in Telecommunications and Information Technology
An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications

ITU-T
January 2012

© ITU 2012
All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU.

SECURITY IN TELECOMMUNICATIONS AND INFORMATION TECHNOLOGY

Foreword

Malcolm Johnson
Director
ITU Telecommunication Standardization Bureau

Until relatively recently, information and communication technology (ICT) security was mainly of concern to application areas such as banking, aerospace and defence. However, with the rapid and widespread growth in the use of data communications and, particularly the Internet, security is now a universal concern. The increased profile of ICT security may be attributed in part to widely-reported incidents such as viruses, hackers and threats to personal privacy, but the reality is that, as computing and networking are now such an important part of daily life, the need for effective security measures to protect the ICT systems of governments, industry, commerce, critical infrastructures and individual users is now imperative. Also, many countries now have data protection laws that require adherence to recognized standards of protection.

To be truly effective, security must be considered at all stages of the system lifecycle, from inception and design through implementation, deployment and finally, decommissioning. Failure to give adequate consideration to security at any of these stages can result in systems or data being compromised.

Standards bodies have a vital role to play by promoting awareness of ICT security issues, by ensuring that security considerations are a fundamental part of specifications, and by providing technical standards and guidance to help implementers and users to ensure communication systems and services are sufficiently robust to withstand cyber-attacks. ITU-T has long been active in ICT security work but the workload has recently grown quite dramatically in response to new and evolving threats and the demands of our members for standards to help counter these threats. This manual highlights some of the key elements of that work and provides an introduction to the extensive resources available from the ITU-T to help users address the ICT security challenges we face.

Standardization is a key building block in constructing a global culture of cybersecurity. We can and will win the war against cyber-threats by building on the work of the thousands of dedicated individuals from public administrations, the private sector and academia, who come together, in organizations like the ITU, to develop security standards and guidelines for best practice. The work is not glamorous, or high profile, but it is nonetheless essential to safeguard our digital future. I would like to express my appreciation to the engineers of the ITU Telecommunication Standardization Bureau who, in conjunction with experts from the ITU membership, have worked, and continue to work, so tirelessly to develop these standards and guidelines.

I hope that you will find this manual helpful in gaining a better understanding of ICT security issues and the work of the ITU-T and I welcome feedback from readers for future editions.

Malcolm Johnson
Director
Telecommunication Standardization Bureau, ITU

Acknowledgements

This manual was prepared with the contribution of numerous authors who either contributed to the generation of the relevant ITU-T Recommendations or participated in the ITU-T Study Group meetings, workshops and seminars. Credit should be given to the Rapporteurs, editors, and security coordinators of the ITU Study Groups, to Martin Euchner, SG 17 Advisor and Georges Sebek, the former SG 17 counsellor, and in particular to Herb Bertine, the former Chairman of the lead Study Group in ITU-T for work on telecommunications security and Mike Harrop, the former Rapporteur for the security project and chief editor of this manual.

Executive Summary

This manual provides a broad introduction to the ICT security work of the ITU-T and, more specifically, it summarizes how the ITU-T is responding to global cybersecurity challenges with Recommendations, guidance documents and outreach initiatives. It is primarily directed towards those who have responsibility for, or an interest in, information and communications security and the related standards, as well as those who simply need to gain a better understanding of ICT security issues.

The manual can be used in various ways according to the organization, role and needs of the user. The introductory chapters provide an overview of the current key areas of the ITU-T security work together with a discussion of the basic requirements for the protection of ICT applications, services and information. The threats and vulnerabilities that drive security requirements are highlighted and the role of standards in meeting the requirements is examined. Some of the features that are needed to protect the various entities involved in providing, supporting and using information and communications technology and services are discussed. In addition, the importance of ICT security standards is explained and examples are given of how the ITU-T security work is evolving to meet security requirements.

The generic security architectures for open systems and end-to-end communications are then introduced together with some examples of application-specific architectures. These architectures each establish a framework within which the multiple facets of security can be applied in a consistent manner. They also standardize the underlying concepts of security services and mechanisms and contribute to a standardized vocabulary for ICT security terms and basic concepts. The general principles introduced in these architectures form the basis for many of the other standards on security services, mechanisms and protocols, some of which are discussed later in the text.

Security management embraces many activities associated with controlling and protecting access to system and network resources, event monitoring and reporting, policy and auditing, as well as managing the information related to these functions and activities. The topics of information security management, risk management and asset management are the focus of one section. Management activities associated with securing the network infrastructure are discussed later in the text in a section that covers the need to secure the data used to monitor and control the telecommunications network as well as topics related to network management and common security management services.

The Directory, and its role in supporting authentication and other security services, is explained along with some of the key areas that depend on Directory services. These include identity management, public-key infrastructures, telebiometrics (i.e. personal identification and authentication using biometric devices in telecommunication environments) and privacy. The importance of protecting the Directory information base is also discussed.

Some specific examples and approaches to network security are reviewed. These include the security requirements for Next Generation Networks and mobile communications networks which are in transition from a single technology (such as CDMA or GSM) to mobility across heterogeneous platforms using the Internet protocol. Also included in this section is an examination of security provisions for home networks, cable television and ubiquitous sensor networks.

A new section on cybersecurity and incident response has been added to this edition of the manual. Effective response to cyber-attacks is dependent on understanding the source and nature of the attack and on sharing information with monitoring agencies. This section discusses the development of a framework for sharing cybersecurity-related information and requirements for detecting, protecting against, mitigating the effects of, and recovering from cyber-attacks.

The security needs of a number of application areas are examined with particular emphasis on the security features that are defined in ITU-T Recommendations. Topics discussed include voice over internet protocol (VOIP), internet protocol television (IPTV) and web services. Also included in this section is the topic of identification tags (including RFID tags) which are widely deployed but which are also the subject of growing concern over the risk of privacy infringement.

Technical measures for countering common network threats such as spam, malicious code and spyware are presented and a discussion is included on the importance of timely notification and dissemination of software updates and the need for organization and consistency in handling security incidents.

In conclusion, there is a short section on possible future directions of ICT security standardization work. A review of sources of additional information is included at the end of the text along with Annexes on definitions and acronyms used in the manual, a summary of security-related Study Groups and a complete listing of Recommendations referenced in this manual. In the electronic version of the text, links are included throughout the text to some of the key ITU-T security resources and outreach information.

Introduction to the 5th edition

Since the first edition of the manual was published in 2003, the ITU-T has embarked on many new areas of work and a great many new Recommendations have been completed and published. In addition, the Study Groups themselves were restructured following the World Telecommunication Standardization Assembly (WTSA) 2008.

Since publication of the 4th edition of the manual, the work has continued to expand and the number of security-related Recommendations has grown in response to continued demand for standardized solutions to counter evolving threats to ICT security. Once again, the editors have faced the challenge of presenting a representative cross-section of the work in a limited amount of space.

For the 4th edition of this manual, the structure and contents were revised significantly and guiding principles were established for the text. These guiding principles have also been followed for this edition and the structure and format developed for the 4th edition are largely unchanged.

The guiding principles, which were developed after consultation with ITU-T members are as follows:

- The publication should appeal to a wide audience and should try to avoid complex terminology and terms that are likely to be understood only within specialized domains;
- The text should complement, not duplicate, existing material available in other forms (e.g. Recommendations);
- The text should be developed to accommodate publication both as a stand-alone, printed document and as an electronic document;
- The text should employ web links to Recommendations and other sources of publicly-available material as much as possible. Detailed information, over and above that needed to fulfil the basic objectives should be referenced by web links; and
- To the greatest extent possible, the text should focus on work that has been completed and published, rather than work that is planned or in progress.

In keeping with these objectives, the manual does not attempt to cover all the ITU-T security work that has either been completed or is underway. Instead, it focuses on key selected topics and accomplishments and provides web links to additional information.

The manual is published in hard copy and in electronic format. For readers using an electronic version of the text, direct hyperlinks are provided to the listed Recommendations and to other on-line documentation. For readers using a hard copy of the text, all referenced Recommendations are listed in Annex D. These can be accessed on line at: www.itu.int/rec/T-REC/en.

Note: This manual is purely illustrative. It has no normative character and does not supersede the ITU-T Recommendations referenced herein.

Table of Contents

Foreword
Acknowledgements
Executive Summary
Introduction to the 5th edition
1 How to use this Security Manual
2 Overview of ITU-T security activities
2.1 Reference and outreach documentation
2.2 Overview of major security topics and Recommendations
3 Security requirements
3.1 Threats, risks and vulnerabilities
3.2 General security objectives for ICT networks
3.3 Rationale for security standards
3.4 Evolution of ITU-T security standards
3.5 Personnel and physical security requirements
4 Security architectures
4.1 The open systems security architecture and related standards
4.2 Security services
4.3 Security architecture for systems providing end-to-end communications
4.4 Implementation guidance
4.5 Some application-specific architectures
4.6 Architecture for external relationships
4.7 Other network security architectures and models
5 Aspects of security management
5.1 Information security management
5.2 Information security management framework
5.3 Risk management
5.5 Asset management
6 Authentication and the role of the Directory
6.1 Protection of Directory information
6.2 Strong authentication: public-key security mechanisms
6.3 Authentication guidelines
6.4 Identity management
6.5 Telebiometrics
7 Securing the network infrastructure
7.1 The telecommunications management network (TMN)
7.2 Network management architecture
7.3 Securing the infrastructure elements of a network
7.4 Securing monitoring and control activities
7.5 Securing network operation activities and management applications
7.6 Common security management services
8 Some specific approaches to network security
8.1 Next Generation Network (NGN) security
8.2 Mobile communications security
8.3 Security for home networks
8.4 IPCablecom
8.5 IPCablecom2
8.6 Ubiquitous sensor networks
9 Cybersecurity and incident response
9.1 Cybersecurity information sharing and exchange
9.2 Incident handling
10 Applicati
