Page 14 - ETSI-WP-2017-2018.html
P. 14
Security
Online
Work
Programme
Standards for Secure,
Reliable Communications
Online
Work
Information Security standards are Programme
essential to ensure interoperability
among systems and networks,
compliance with legislation and
adequate levels of security. They
provide a means for protecting the Online
Work
user and creating a more secure Programme
and profitable environment for the
industrial sector.
Online
Work
Cyber Security Identifiable Information, a TS on identity management and
Programme
The rapid evolution and growth in the complexity of new naming schema protection mechanisms, which will identify
systems and networks, coupled with the sophistication means to prevent identity theft and resultant crime, and a TR
of changing threats, present demanding challenges for on a practical introductory guide to privacy.
maintaining the security of Information and Communications
Technologies (ICT) systems and networks. Security solutions Our work on Attribute-Based Encryption (ABE) is ongoing. By
Online
Work
must include a reliable and secure network infrastructure, mid-2018 we plan to publish specifications on the application
Programme
but they must also protect the privacy of individuals of ABE for data protection on smart devices, Cloud and
and organisations. Security standardisation, sometimes mobile services, and on the standard features needed to use
in support of legislative actions, has a key role to play ABE as Attribute Based Access Control.
in protecting the Internet and the communications and
business it carries. Our Cyber Security committee (TC CYBER) We will finalise a Technical Report (TR) on the
Online
is addressing many of these issues. implementation of the European Union’s Network and
Work
Information Security Directive, which will identify existing
Programme
Building on our previous work, we have begun developing standards and where new standards are needed in support of
a Technical Specification (TS) which will define metrics for the directive, particularly in the area of critical infrastructure
the identification of critical infrastructures, addressing protection.
issues such as the impact of a successful attack on a critical
infrastructure, categorisation of the critical infrastructure, We will also complete a new TS specifying an interface to
Online
its dependencies and interdependencies, reporting and enable a trusted domain to perform sensitive functions
Work
registration and access control. Publication is expected coming from another domain. Programme
before the end of 2017.
Work continues on the updating of our two-part TS
We continue to address privacy, in response to European on methods and protocols for security, addressing
Commission (EC) standardisation request M/530 on Privacy countermeasures and Threat, Vulnerability and Risk Analysis
by Design, and in co-operation with the European Committee methods and taking account of developing threats and new
Online
for Standardisation (CEN) and the European Committee for security techniques. Work
Electrotechnical Standardisation (CENELEC). By the end of Programme
2017 we expect to have completed a new TS on mechanisms Our new working group on quantum-safe cryptography,
for privacy assurance and the verification of Personally which brings the activities of our former Industry
Specification Group (ISG) on Quantum-Safe Cryptography
(ISG QSC), into mainstream ETSI standardisation, has begun
work on three TRs. Two will compare proposals for quantum-
Online
safe key exchange schemes and signature schemes, and a
Work
third will review and make recommendations on the impact
Programme
of integrating quantum-safe algorithms into Virtual Private
Network technologies.
We have begun new work on middlebox security protocols,
which is expected to lead to the publication of a TS in 2018.
Online
Work
Programme
In the spectrum area, we plan to finalise a new System
Reference document on critical infrastructure utility
operations.
12