Please log-in with your EOL account.

Username:
Password:
Keep me signed in (more info)

STF

STFs

STF Homepages breadcrumb separator

STF292

Specialist Task Force 292:

TISPAN security: Standards development in support of the eEurope secure and trusted network environment

Who we are:

Team Leader : Scott Cadzow
Team Members: Alvaro Armenteros Pacheco
Lennart Damm
Pietro Schicker
Paul Sijben
Santiago Denia Martinez

What we do :

The project will produce a set of ETSI deliverables currently planned to include:

Threat analysis for TISPAN (revision of ETSI TS 102 165-1) This document will define the security environment of the NGN, identifying the assets, threats and countermeasures in the NGN. The document will specify the intended protection level for the NGN.
Countermeasures for TISPAN (revision of ETSI TS 102 165-2) This document will define countermeasures required to provide assured levels of security (under specific threat conditions) for the TISPAN/NGN (Next Generation Network) environment.
Provision of Protection Profiles (ETSI TS 102 165-3)
This document will define how Protection Profiles (one element of the Common Criteria for security assurance and evaluation) are provided in the eEurope trusted network environment.
ETSI Guide for the application of countermeasures in Service Capabilities (as defined by ETSI TS 101 878)
This document will provide best practice guidelines on the achievement of a secure framework for eEurope using the countermeasures and Protection Profiles defined in the documents above.

The ETSI deliverables identified above match those identified in the scope of work as follows:

Threat analysis for TISPAN (revision of ETSI TS 102 165-1)

- eEurope secure and trusted infrastructure vulnerability analysis;
- eEurope security assurance plan.

Countermeasures for TISPAN (revision of ETSI TS 102 165-2)

- Assured authentication;
- Assured confidentiality of communication;
- Assured integrity of data transfer;
- Assured secure key management and distribution;

ETSI Guide for the application of countermeasures in Service Capabilities (as defined by ETSI TS 101 878)

- Non-repudiation service building blocks;
- Technical support for implementation of the Privacy Directive (2002/58/EC).

Read our Terms of Reference

Why we do it:

This proposal combines the assessed submissions from ETSI offered under the titles "TISPAN security techniques, threats and technology" and "TISPAN security development of countermeasures". The purpose of the first of these proposals was to enable the most up to date advances in technology for provision of security countermeasures to be made available to eEurope and the European standards bodies. The content of the activity is to ensure that appropriate developments are made visible to the standards development bodies resulting in an update of the existing TIPHON threat analysis specification (ETSI TS 102 165-1) to cover the Next Generation Network (NGN) platform used in eEurope and upon which the trust and viability of the e-enabled community will, to a very large part, depend on. Bringing this activity together in one project with the second of the original submissions will allow closer management of the threat analysis and required countermeasure development. This is one of the key goals of moving towards assurance in the security area for eEurope. In particular combining the two proposals into one project allows greater attention to be paid to the overall security programme. One further advantage of combining the two proposals is that a wider spectrum of security countermeasures can be addressed by combining the administrative load and focussing the ETSI member input to one suite of activity rather than to two possibly overlapping activities.

The eEurope initiative seeks to provide a secure and trusted network environment to lead the members of the Union into the connected age and to support many initiatives in Government, Health, Business and Society in general for open access to electronic communications networks.

Security and trust are fundamental to the success of eEurope. The action proposed in this technical proposal aims to achieve the goals of security and trust in the eEurope network infrastructure through the use of standards in the framework that provide, when deployed, the required level of trust and security.

The core of eEurope’s secure and trusted network will be the NGN in development by ETSI TISPAN in conjunction with the 3GPP, ITU-T and the IETF.

Recognising that eEurope exists in a changing telecommunications environment this activity is intended to ensure that eEurope remains secure in such environment. A pictorial view of the NGN and eEurope security problems is given below:

Picture: Changes_Threat analysis_Countermeasures

Time plan for the work:

We intend to complete our work December 2006.

How to contact us:

If you would like more information, please contact the STF Leader: scott@cadzow.com

Note: this information is based upon STF working assumptions.
The views expressed do not necessarily represent the position of ETSI in this context.