International Telecommunication Union
ITU-T Y series – Supplement 19 (06/2012)
TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU
SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS
ITU-T Y.2200-series – Supplement on the risk analysis service in next generation networks
ITU-T Y-series Recommendations – Supplement 19

Summary

Supplement 19 to the ITU-T Y-series Recommendations deals with the risk analysis service, a service that is capable of identifying risks, assessing them and then invoking processes to identify the proper actions that should be taken to reduce damage that could affect users or organizations subscribed to a next generation network (NGN). Provided that a risk situation exists, the risk analysis function analyses and assesses the risk event data with an algorithm that applies the most recent pattern according to defined procedures, and reports the analysis results together with the complementary measures which, if invoked, will reduce the risk.

History

Edition   Recommendation       Approval     Study Group
1.0       ITU-T Y Suppl. 19    2012-06-15   13

Keywords

Risk analysis service.

FOREWORD

The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis.

The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics.

The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1.

In some areas of information technology which fall within ITU-T's purview, the necessary standards are prepared on a collaborative basis with ISO and IEC.

NOTE – In this publication, the expression "Administration" is used for conciseness to indicate both a telecommunication administration and a recognized operating agency.

Compliance with this publication is voluntary. However, the publication may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability), and compliance with the publication is achieved when all of these mandatory provisions are met. The words "shall" or some other obligatory language such as "must" and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the publication is required of any party.

INTELLECTUAL PROPERTY RIGHTS

ITU draws attention to the possibility that the practice or implementation of this publication may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the publication development process.

As of the date of approval of this publication, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this publication. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http://www.itu.int/ITU-T/ipr/.

© ITU 2013

All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU.

Table of Contents

1 Scope
2 References
3 Definitions
  3.1 Terms defined elsewhere
  3.2 Terms defined in this Supplement
4 Abbreviations and acronyms
5 Conventions
6 Overview
  6.1 Internal risks
  6.2 External risks
  6.3 Conceptual model for an IRAS function
7 IRAS function
  7.1 Application service management function
  7.2 Risk search function
  7.3 Risk analysis function
  7.4 Risk service profile
8 Execution of IRAS functions
  8.1 Risk analysis service and user registration
  8.2 Log-in session process
  8.3 Risk analysis service execution
9 Risk analysis service procedure
  9.1 General risk analysis service procedure
10 Service scenarios
  10.1 Service scenario related to external risks
  10.2 Service scenario related to internal risks
11 Security consideration

Introduction

The risk analysis service must contend with internal risks, which are risks related to potential failures of network providers, service providers and users/terminals, as well as with external risks, which are risks related to forces external to the network. Internal risks can be associated with items such as hardware failures, software errors affecting service features and integrity, network outages, poor change management, data centre failures, network congestion, inefficient software code, inadequate capacity and malicious calls. External risks can be associated with items such as disasters resulting from earthquakes, typhoons, tsunamis and floods.

An invoked risk analysis service will identify proper actions to take to reduce risk which, if taken, would reduce the risk of critical next generation network (NGN) service failures. Failure to invoke a risk analysis service, especially one that can deal with risk sources, could result in serious events which could adversely affect users subscribed to an NGN.

Supplement 19 to ITU-T Y-series Recommendations

ITU-T Y.2200-series – Supplement on the risk analysis service in next generation networks

1 Scope

The risk analysis service (IRAS) is a service that is capable of identifying risk, assessing the risk and then invoking a process to identify the proper actions that should be taken to reduce damage that could have an effect on users or organizations subscribed to an NGN. Invocation of a risk analysis service will result in the identification of a set of positive actions that could be taken to reduce the current risk level for users or organizations subscribed to an NGN.

A risk analysis service will be capable of performing the following functions:
- identification and capture of the risk information, which will be used as the input to the IRAS;
- analysis of the risk sources based on the detected information;
- assessment of risks so as to calculate the risk grade;
- determination of the actions necessary to mitigate risk.

2 References

[ITU-T E.106] Recommendation ITU-T E.106 (2003), International Emergency Preference Scheme (IEPS) for disaster relief operations.
[ITU-T G.8001] Recommendation ITU-T G.8001 (2012), Terms and definitions for Ethernet frames over transport.
[ITU-T Y.1308] Recommendation ITU-T Y.1308 (2004), Ethernet UNI and Ethernet NNI.
[ITU-T Y.1910] Recommendation ITU-T Y.1910 (2008), IPTV functional architecture.
[ITU-T Y.2011] Recommendation ITU-T Y.2011 (2004), General principles and general reference model for Next Generation Networks.
[ITU-T Y.2012] Recommendation ITU-T Y.2012 (2010), Functional requirements and architecture of next generation networks.
[ITU-T Y.2201] Recommendation ITU-T Y.2201 (2009), Requirements and capabilities for ITU-T NGN.
[ITU-T Y.2234] Recommendation ITU-T Y.2234 (2008), Open Service Environment Capabilities for NGN.
[ITU-T Y.2261] Recommendation ITU-T Y.2261 (2006), PSTN/ISDN evolution to NGN.
[ITU-T Y.2701] Recommendation ITU-T Y.2701 (2007), Security requirements for NGN release 1.
[ITU-T Y.2702] Recommendation ITU-T Y.2702 (2008), Authentication and authorization requirements for NGN release 1.

3 Definitions

3.1 Terms defined elsewhere

This Supplement uses the following term defined elsewhere:

3.1.1 application [ITU-T Y.2261]: A structured set of capabilities, which provide value-added functionality supported by one or more services, which may be supported by an application programming interface (API).

3.2 Terms defined in this Supplement

This Supplement defines the following terms:

3.2.1 application-to-network interface (ANI): An interface that results from the connection between an application and a network.

3.2.2 detection point (DP): The detection point, which is located in each service provider, network provider and user terminal, is capable of collecting sophisticated metrics related to risk.

3.2.3 disaster surveillance sensor network (DSSN): The network that performs surveillance of disasters based on a sensor network.

3.2.4 network-to-network interface (NNI): An interface that results from the connection of two networks.

3.2.5 risk analysis function (RAF): The function that analyses and processes data from the risk search functional entity.

3.2.6 risk analysis functional entity (RAFE): The entity that performs identification, analysis and prioritization of risks which come from the risk search function.

3.2.7 risk analysis service (IRAS): The service that is implemented to facilitate the prevention or reduction of risk to which users or organizations subscribed to an NGN are exposed.

3.2.8 risk classification functional entity (RCFE): The entity that classifies the received risk events as being associated with either internal or external risk.

3.2.9 risk detection functional entity (RDFE): The entity that performs monitoring and tracing of risk-relevant events from detection points.

3.2.10 risk mitigation functional entity (RMFE): The entity whose purpose is to prevent a risk and to reduce the impact of a risk incident.

3.2.11 risk search function (RSF): The function that is used to detect risk events that are obtained from the detection point.

3.2.12 risk service profile (RSP): The repository that stores the various risk patterns and the individual user's data.

3.2.13 service management function (SMF): The function that provides session management and controls the risk search function, risk service profile and risk analysis function.

4 Abbreviations and acronyms

This Supplement uses the following abbreviations and acronyms:

ANI   Application-to-Network Interface
API   Application Programming Interface
DP    Detection Point
DSSN  Disaster Surveillance Sensor Network
IRAS  Risk Analysis Service
NGN   Next Generation Network
NNI   Network-to-Network Interface
NP    Network Provider
RAF   Risk Analysis Function
RAFE  Risk Analysis Functional Entity
RCFE  Risk Classification Functional Entity
RDFE  Risk Detection Functional Entity
RMFE  Risk Mitigation Functional Entity
RSF   Risk Search Function
RSFE  Risk Search Functional Entity
RSP   Risk Service Profile
SMF   Service Management Function
SNI   System Network Interface
SP    Service Provider
TE    Terminal Equipment
UNI   User Network Interface

5 Conventions

None.

6 Overview

The term "risk analysis service" means a service which is implemented to facilitate the prevention or reduction of risk to which users or organizations subscribed to an NGN are exposed. The risk analysis service classifies the risk into one of two types, viz. internal or external risk, as shown in Figure 6-1. Each of these types of risk is discussed below.

6.1 Internal risks

Internal risks are risks which are related to potential failures of the network provider, service provider or user terminal. These risks can be associated with items such as hardware failures, software errors affecting service features and integrity, network outages, data centre failures, network congestion, inefficient software code, inadequate capacity and malicious calls.

The risks related to the network provider are associated with network failures, network congestion, and inadequate network capacity or provisioning. Risks of this sort can be evaluated to determine their potential impact, e.g., causing transactions to be abandoned and reducing customer, partner and client satisfaction.

The risks related to the service provider are associated with incorrect or unreliable information such as insecure data, incorrect service contents, inadequate service data and malware. Service provider risks must also include the risk associated with the use of data that may be stolen. Risks of this sort can be evaluated to determine their potential impact: breach of client confidentiality and trust, loss of service availability, identity theft and theft of financial property.

The risks related to the user terminal are associated with failures due to improper user operation, terminal loss and malicious operation. Risks of this sort can be evaluated to determine their potential impact: material losses, property damage and leakage of private information.

6.2 External risks

External risks are risks related to or due to forces that are external to the network. External risks can be associated with items such as disasters like earthquakes, volcanoes, typhoons, tsunamis and floods, serious accidents such as fire and nuclear disasters, and attacks of various kinds such as cyber attacks, security incidents and mass deception, as well as terrorist attacks on important facilities. Risks of this sort can be evaluated to determine their potential impacts: extent of potentia
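The classification path of clauses 3.2 and 6, modelled as an added example that is not code from the Supplement: events from NP, SP and TE detection points are labelled internal, DSSN events external, and the groups are then graded and ranked. The RiskEvent field names and the risk-grade rule (highest reported severity, ties broken by event count) are assumptions of this example.

```python
"""Toy model of the IRAS detection/classification path (clauses 3.2 and 6).
Added example, not from the Supplement; field names and grade rule are assumed."""
from collections import defaultdict
from dataclasses import dataclass

# Potential impacts per internal risk source, as listed in clause 6.1 (NP, SP, TE).
IMPACTS = {
    "NP": ("abandoned transactions", "reduced customer, partner and client satisfaction"),
    "SP": ("breach of client confidentiality and trust", "loss of service availability",
           "identity theft", "theft of financial property"),
    "TE": ("material losses", "property damage", "leakage of private information"),
}

@dataclass(frozen=True)
class RiskEvent:
    origin: str    # assumed: "NP", "SP" or "TE" detection point, or "DSSN"
    kind: str      # assumed: description reported by the detection point
    severity: int  # assumed scale: 1 (low) .. 5 (critical)

def rcfe_classify(ev: RiskEvent) -> str:
    """RCFE: events from NP/SP/TE detection points are internal risks;
    events from the disaster surveillance sensor network are external."""
    if ev.origin in IMPACTS:
        return "internal"
    if ev.origin == "DSSN":
        return "external"
    raise ValueError(f"unknown event origin: {ev.origin!r}")

def rafe_prioritize(events):
    """RAFE: group events by (class, origin), grade each group by its highest
    severity (assumed rule; ties broken by event count) and rank the groups."""
    groups = defaultdict(list)
    for ev in events:
        groups[(rcfe_classify(ev), ev.origin)].append(ev)
    ranked = [{"class": cls, "origin": origin, "count": len(evs),
               "grade": max(e.severity for e in evs),
               "kinds": sorted({e.kind for e in evs}),
               "impacts": list(IMPACTS.get(origin, ()))}
              for (cls, origin), evs in groups.items()]
    return sorted(ranked, key=lambda r: (r["grade"], r["count"]), reverse=True)

# Constructed sample events, not taken from the Supplement.
SAMPLE_EVENTS = [
    RiskEvent("NP", "network congestion", 3), RiskEvent("NP", "inadequate capacity", 2),
    RiskEvent("SP", "malware in service content", 4), RiskEvent("TE", "terminal loss", 2),
    RiskEvent("DSSN", "flood warning", 5),
]
```

External groups carry an empty impact list because the Supplement's text for external impacts is cut off here; the RMFE step, which the Supplement defines but does not detail, is deliberately left out.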