信息通信技术安全标准路线图
合集下载
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
cable networks • Study Group 11 - Signalling requirements, protocols and test specifications • Study Group 12 - Performance, QoS and QoE • Study Group 13 - Future networks including mobile and NGN • Study Group 15 - Optical transport networks and access network infrastructures • Study Group 16 - Multimedia coding, systems and applications
– dkim
Domain Keys Identified Mail
– emu
EAP Method Update
– hokey
Handover Keying
– ipsecme IP Security Maintenance and Extensions
– isms
Integrated Security Model for SNMP
Page 8
lijun2003@gmail.com
3GPP组织架构
• 项目协作部(Project Co-odination Group)- 最高管理机构,负责全面协
调工作
• 技术规范部(Technical Specification Groups )- 负责技术规
范制定工作,受PCG的管理
– GERAN: GSM/EDGE Radio Access Network(GSM/EDGE 无线接入网)
lijun2003@gmail.com
3GPP2组织架构
Page 10
TISPAN组织架构
lijun2003@gmail.com
• TISPAN是ETSI旗下从事下一代网络研究的标准化组织
– 从固网角度(3GPP以移动角度)研究下一代网络NGN – 于2003年9月成立,由欧洲运营商和制造商主导,亚洲国家可以作为准会员参与,提交文稿并
• OASIS Identity in the Cloud TC
– Developing profiles of open standards for identity deployment, provisioning and management in cloud computing
• OASIS Identity Metasystem Interoperability (IMI) TC
• Security Area Advisory Group (SAAG) - 目前活跃的工作组有14个
– abfab
Application Bridging for Federated Access Beyond web
– dane
DNS-based Authentication of Named Entities
– Advancing interoperability standard for Information Cards
• OASIS Key Management Interoperability Protocol (KMIP) TC
– Advancing interoperability standard for enterprise encryption key management
• OASIS Web Services Federation (WSFED) TC
– Extending identity management to enable federations of trust across organizations
• OASIS Web Services Secure Exchange (WS-SX) TC
– pkix
Public-Key Infrastructure (X.509)
– tls
Transport Layer Security
Page 7
OASIS(结构化信息标准促进组织)安全相关的技术委员会
lijun2003@gmail.com
• OASIS Biometric Identity Assurance Services (BIAS) Integration TC
– Defining WS-Security extensions and policies to enable the trusted exchange of multiple SOAP messages
• OASIS XRI Data Interchange (XDI) TC
– Creating a standard for sharing, linking, and synchronizing data ("dataweb") over the Internet and other networks using XML documents and Extensible Resource Identifiers
具有投票权。 – 分8个组研究NGN的标准,分别为WG1(业务)、WG2(体系架构)、WG3(协议)、WG4
(编号和路由)、WG5(QoS)、WG6(测试)、WG7(安全)、WG8(网络管理)。
Page 11
lijun2003@gmail.com
目录
• 当前安全标准制定组织及工作情况
– Providing a guideline for developing operational solutions to privacy issues
• OASIS Provisioning Services TC
– Providing an XML framework for managing the provisioning and allocation of identity information and system resources within and between organizations
– Defining a syntax for abstract structured identifiers to share semantics across different URI schemes, domains, and applications (XRI); plus defining a simple XML format for uniform metadata discovery for all URIs (XRD)
Page 2
lijun2003@gmail.com
当前主要安全标准制定组织
• 正式国际标准制定组织
– 国际电联-电信标准部门(ITU-T) – 国际标准化组织(ISO)及国际电工委员会(IEC)
• 其它国际标准团队和论坛
– 互联网工程任务组(IETF) – 结构化信息标准促进组织(OASIS)
– 3GPP
– Defining methods for using biometric identity assurance in transactional Web services and SOAs
• OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) TC
– Enabling the interoperable exchange of healthcare privacy policies, consent directives, and authorizations
– OASIS Digital Signature Services eXtended (DSS-X) TC
– kitten
Common Authentication Technology Next Generation
– krb-wg
Kerberos
– msec
Multicast Security
– nea
Network Endpoint Assessment
– oauth
Web Authorization Protocol
• OASIS Open Reputation Management Systems (ORMS) TC
– Advancing the ability to use common data formats for representing reputation data
• OASIS Privacy Management Reference Model (PMRM) TC
Page 4
lijun2003@gmail.com
ITU-T SG17组织结构(2009-2012)
Page 5
ISO/IEC内部安全研究组JTC1/SC27(IT安全技术)
lijun2003@gmail.com
Page 6
lijun2003@gmail.com
IETF(互联网工程任务组)安全相关研究组
• OASIS Security Services (SAML) TC
– Defining and maintaining a standard, XML-based framework for creating and exchanging security information between online partners
lijun2003@gmail.com
ITU-T内部与安全相关的研究组
• Study Group 17 - Security • Study Group 2 - Operational aspects of service provision and
telecommunications management • Study Group 5 - Environment and Climate Change • Study Group 9 - Television and sound transmission and integrated broadband
– 3GPP2 – 电信和互联网融合业务及高级网络协议(TISPAN)
• 地区标准制定组织
– 美国电信工业解决方案联盟(ATIS) – 美国电气和电子工程师协会(IEEE) – 欧洲电信标准化协会(ETSI) – 中国通信标准化协会(CCSA) – 亚洲地区信息安全标准交流论坛(RAISS)
Page 3
信息通信技术安全标准路线图
信息通信技术安全标准路线图
lijun2003@gmail.com 2011.8.5
© 2011 Mir4ge
wenku.baidu.com
lijun2003@gmail.com
目录
• 当前安全标准制定组织及工作情况
• 当前已有安全标准总览
• 未来的需求及计划中的安全标准
• IdM身份管理领域:标准、组织及研究趋势
• OASIS eXtensible Access Control Markup Language (XACML) TC
– Representing and evaluating access control policies.
• OASIS Extensible Resource Identifier (XRI) TC
– RAN: Radio Access Network(无线 接入网)
– SA: Service and System Aspects( 业务和系统方面)
• WG3: Security 负责3GPP系统的安全
– CT: Core Network and Terminals ( 核心网络和终端)
Page 9
– Advancing digital signature services standards for XML
• OASIS Enterprise Key Management Infrastructure (EKMI) Technical Committee
– Standardizing the management of symmetric encryption cryptographic keys across the enterprise
– dkim
Domain Keys Identified Mail
– emu
EAP Method Update
– hokey
Handover Keying
– ipsecme IP Security Maintenance and Extensions
– isms
Integrated Security Model for SNMP
Page 8
lijun2003@gmail.com
3GPP组织架构
• 项目协作部(Project Co-odination Group)- 最高管理机构,负责全面协
调工作
• 技术规范部(Technical Specification Groups )- 负责技术规
范制定工作,受PCG的管理
– GERAN: GSM/EDGE Radio Access Network(GSM/EDGE 无线接入网)
lijun2003@gmail.com
3GPP2组织架构
Page 10
TISPAN组织架构
lijun2003@gmail.com
• TISPAN是ETSI旗下从事下一代网络研究的标准化组织
– 从固网角度(3GPP以移动角度)研究下一代网络NGN – 于2003年9月成立,由欧洲运营商和制造商主导,亚洲国家可以作为准会员参与,提交文稿并
• OASIS Identity in the Cloud TC
– Developing profiles of open standards for identity deployment, provisioning and management in cloud computing
• OASIS Identity Metasystem Interoperability (IMI) TC
• Security Area Advisory Group (SAAG) - 目前活跃的工作组有14个
– abfab
Application Bridging for Federated Access Beyond web
– dane
DNS-based Authentication of Named Entities
– Advancing interoperability standard for Information Cards
• OASIS Key Management Interoperability Protocol (KMIP) TC
– Advancing interoperability standard for enterprise encryption key management
• OASIS Web Services Federation (WSFED) TC
– Extending identity management to enable federations of trust across organizations
• OASIS Web Services Secure Exchange (WS-SX) TC
– pkix
Public-Key Infrastructure (X.509)
– tls
Transport Layer Security
Page 7
OASIS(结构化信息标准促进组织)安全相关的技术委员会
lijun2003@gmail.com
• OASIS Biometric Identity Assurance Services (BIAS) Integration TC
– Defining WS-Security extensions and policies to enable the trusted exchange of multiple SOAP messages
• OASIS XRI Data Interchange (XDI) TC
– Creating a standard for sharing, linking, and synchronizing data ("dataweb") over the Internet and other networks using XML documents and Extensible Resource Identifiers
具有投票权。 – 分8个组研究NGN的标准,分别为WG1(业务)、WG2(体系架构)、WG3(协议)、WG4
(编号和路由)、WG5(QoS)、WG6(测试)、WG7(安全)、WG8(网络管理)。
Page 11
lijun2003@gmail.com
目录
• 当前安全标准制定组织及工作情况
– Providing a guideline for developing operational solutions to privacy issues
• OASIS Provisioning Services TC
– Providing an XML framework for managing the provisioning and allocation of identity information and system resources within and between organizations
– Defining a syntax for abstract structured identifiers to share semantics across different URI schemes, domains, and applications (XRI); plus defining a simple XML format for uniform metadata discovery for all URIs (XRD)
Page 2
lijun2003@gmail.com
当前主要安全标准制定组织
• 正式国际标准制定组织
– 国际电联-电信标准部门(ITU-T) – 国际标准化组织(ISO)及国际电工委员会(IEC)
• 其它国际标准团队和论坛
– 互联网工程任务组(IETF) – 结构化信息标准促进组织(OASIS)
– 3GPP
– Defining methods for using biometric identity assurance in transactional Web services and SOAs
• OASIS Cross-Enterprise Security and Privacy Authorization (XSPA) TC
– Enabling the interoperable exchange of healthcare privacy policies, consent directives, and authorizations
– OASIS Digital Signature Services eXtended (DSS-X) TC
– kitten
Common Authentication Technology Next Generation
– krb-wg
Kerberos
– msec
Multicast Security
– nea
Network Endpoint Assessment
– oauth
Web Authorization Protocol
• OASIS Open Reputation Management Systems (ORMS) TC
– Advancing the ability to use common data formats for representing reputation data
• OASIS Privacy Management Reference Model (PMRM) TC
Page 4
lijun2003@gmail.com
ITU-T SG17组织结构(2009-2012)
Page 5
ISO/IEC内部安全研究组JTC1/SC27(IT安全技术)
lijun2003@gmail.com
Page 6
lijun2003@gmail.com
IETF(互联网工程任务组)安全相关研究组
• OASIS Security Services (SAML) TC
– Defining and maintaining a standard, XML-based framework for creating and exchanging security information between online partners
lijun2003@gmail.com
ITU-T内部与安全相关的研究组
• Study Group 17 - Security • Study Group 2 - Operational aspects of service provision and
telecommunications management • Study Group 5 - Environment and Climate Change • Study Group 9 - Television and sound transmission and integrated broadband
– 3GPP2 – 电信和互联网融合业务及高级网络协议(TISPAN)
• 地区标准制定组织
– 美国电信工业解决方案联盟(ATIS) – 美国电气和电子工程师协会(IEEE) – 欧洲电信标准化协会(ETSI) – 中国通信标准化协会(CCSA) – 亚洲地区信息安全标准交流论坛(RAISS)
Page 3
信息通信技术安全标准路线图
信息通信技术安全标准路线图
lijun2003@gmail.com 2011.8.5
© 2011 Mir4ge
wenku.baidu.com
lijun2003@gmail.com
目录
• 当前安全标准制定组织及工作情况
• 当前已有安全标准总览
• 未来的需求及计划中的安全标准
• IdM身份管理领域:标准、组织及研究趋势
• OASIS eXtensible Access Control Markup Language (XACML) TC
– Representing and evaluating access control policies.
• OASIS Extensible Resource Identifier (XRI) TC
– RAN: Radio Access Network(无线 接入网)
– SA: Service and System Aspects( 业务和系统方面)
• WG3: Security 负责3GPP系统的安全
– CT: Core Network and Terminals ( 核心网络和终端)
Page 9
– Advancing digital signature services standards for XML
• OASIS Enterprise Key Management Infrastructure (EKMI) Technical Committee
– Standardizing the management of symmetric encryption cryptographic keys across the enterprise