


Security framework and requirements for service function chaining based on software-defined networking

Recommendation ITU-T X.1043 analyses security threats to and defines security requirements for software-defined networking (SDN) based service function chaining. The corresponding security countermeasures are also given. This Recommendation aims to help understanding of security risks encountered when using the SDN-based service function chaining and implementation of secured SDN-based service function chains.

ITU-T X.1043

Security services using software-defined networking

Recommendation ITU-T X.1042 supports the protection of network resources using security services based on software-defined networking (SDN). This Recommendation first classifies the network resources for SDN-based security services: SDN application, SDN controller, SDN switch and security manager (SM). Recommendation ITU-T X.1042 then defines security services based on SDN.

ITU-T X.1042

Security reference architecture for lifecycle management of e-commerce business data

Recommendation ITU-T X.1040 analyses the main features and typical threats faced by e‑commerce service ecosystems, and provides a security reference architecture for lifecycle management of e-commerce business data.

ITU-T X.1040

Technical security measures for implementation of ITU-T X.805 security dimensions

Many organizations in developing countries as well as developed countries may have difficulties in implementing the high-level dimensions described in Recommendation ITU-T X.805. Recommendation ITU-T X.1039 is aimed at providing a set of security measures to implement the high-level dimensions. It also provides technical implementation guidance for security measures that can be used to improve organizations’ security response capabilities. A set of security measures described in this Recommendation could assist organizations in managing information security risks and implementing technical dimensions. The audience of this Recommendation includes, but is not limited to, those individuals responsible for implementing an organization's information security dimensions.

IPv6 technical security guidelines

The Internet Protocol version 6 (IPv6) is intended to provide many built-in benefits such as large address space, and self-configuration capabilities. Because it is a new protocol that is likely to be massively adopted in the coming years and operates differently than the Internet Protocol version 4 (IPv4), both foreseeable and unforeseeable security issues will arise. Many new functions or requirements of IPv6, i.e., automatic configuration of interfaces, multicast addressing for specific services, the ability to assign multiple IPv6 addresses to a given interface, and the use of the ICMPv6 protocol as the cornerstone of the IPv6 protocol machinery (dynamic neighbour discovery, ICMPv6 Router Advertisement (RA) messages that convey configuration information so that IPv6 terminal devices can automatically access the IPv6 network, etc.) can be identified. Although somewhat equivalent capabilities exist in IPv4 and have been exposed to security threats for quite some time, IPv6 implementation and operation differs from IPv4, at the risk of raising specific security issues.
From that perspective, Recommendation ITU-T X.1037 provides a set of technical security guidelines for telecommunication organizations to deploy and operate IPv6 networks and services. The content of this Recommendation focuses on how to securely deploy network facilities for telecommunication organizations and how to ensure security operations for the IPv6 environment.

ITU-T X.1037

Supplement on overall aspects of countering mobile messaging spam

Supplement 12 to ITU-T X-series Recommendations, in particular to Recommendation ITU-T X.1240, describes the basic concept and characteristics of mobile messaging spam. It also introduces and analyses current technologies on countering mobile messaging spam. In addition, this supplement proposes a general implementation framework for countering mobile messaging spam. The relative activities in different organizations are introduced in Appendix I.

ITU-T X.1240

Incident organization and security incident handling: Guidelines for telecommunication organizations

The purpose of this Recommendation is to analyse, structure and suggest a method for establishing an incident management organization within a telecommunication organization involved in the provision of international telecommunications, where the flow and structure of an incident are focused. The flow and the handling are useful in determining whether an event is to be classified as an event, an incident, a security incident or a crisis. The flow also covers the critical first decisions that have to be made. Computer crime follows in the wake of the heavily increased use of computers in international telecommunications. Over the last years, computer crime has literally exploded, as confirmed by several international and national surveys. In the majority of countries, there are no exact figures on the number of computer break-ins or security incidents, especially those related to international telecommunications. Most telecommunication organizations or companies do not have any specialized organization for handling Information and Communication Networks (ICN) security incidents (although they may have a general crisis team for handling crises of any type). When an ICN security incident occurs it is handled ad hoc, i.e., the person who detects an ICN security incident takes the responsibility to handle it as best as (s)he can. In some organizations the tendency is to forget and cover up ICN security incidents as they may affect production, availability and revenues. Often, when an ICN security incident is detected, the person who detects it does not know who to report it to. This may result in the system or network's administrator deploying a workaround or quick fix just to get rid of the problem. They do not have the delegated authority, time or expertise to correct the system so that the ICN security incident does not recur. These are the main reasons why it is better to have a trained unit or group that can handle security incidents in a prompt and correct manner.
Furthermore, many of the issues may be in areas as diverse as media relations, legal, law enforcement, market share, or financial. When reporting or handling an incident, the use of different taxonomies leads to misunderstanding. This may, in turn, result in an ICN security incident getting neither the proper attention, nor the prompt handling, that is needed in order to stop, contain and prevent the incident from recurring. This may lead to serious consequences for the affected organization (victim). To be able to succeed in incident handling and incident reporting, it is necessary to have an understanding of how incidents are detected, handled and resolved. By establishing a general structure for incidents (i.e., physical, administrative or organizational, and logical incidents) it is possible to obtain a general picture of the structure and flow of an incident. A uniform terminology is the base for a common understanding of words and terms.

ITU-T E.409 (05/2004)

Information technology — Advanced Message Queuing Protocol (AMQP) v1.0 specification

ISO/IEC 19464:2014 defines the Advanced Message Queuing Protocol (AMQP), an open internet protocol for business messaging. It defines a binary wire-level protocol that allows for the reliable exchange of business messages between two parties. AMQP has a layered architecture and the specification is organized as a set of parts that reflects that architecture.

Part 1 defines the AMQP type system and encoding.
Part 2 defines the AMQP transport layer, an efficient, binary, peer-to-peer protocol for transporting messages between two processes over a network.
Part 3 defines the AMQP message format, with a concrete encoding.
Part 4 defines how interactions can be grouped within atomic transactions.
Part 5 defines the AMQP security layers.

ISO/IEC 19464:2014

Information technology — Message Queuing Telemetry Transport (MQTT) v3.1.1

ISO/IEC 20922:2016 is a Client Server publish/subscribe messaging transport protocol. It is light weight, open, simple, and designed so as to be easy to implement. These characteristics make it ideal for use in many situations, including constrained environments such as for communication in Machine to Machine (M2M) and Internet of Things (IoT) contexts where a small code footprint is required and/or network bandwidth is at a premium.

The protocol runs over TCP/IP, or over other network protocols that provide ordered, lossless, bi-directional connections. Its features include:

Use of the publish/subscribe message pattern which provides one-to-many message distribution and decoupling of applications.
A messaging transport that is agnostic to the content of the payload.
Three qualities of service for message delivery:
"At most once", where messages are delivered according to the best efforts of the operating environment. Message loss can occur. This level could be used, for example, with ambient sensor data where it does not matter if an individual reading is lost as the next one will be published soon after.
"At least once", where messages are assured to arrive but duplicates can occur.
"Exactly once", where messages are assured to arrive exactly once. This level could be used, for example, with billing systems where duplicate or lost messages could lead to incorrect charges being applied.

ISO/IEC 20922:2016

Internet of Things (IoT) — System requirements of IoT/SN technology-based integrated platform for chattel asset monitoring supporting financial services

ISO/IEC 30163:2021 specifies the system requirements of an Internet of Things (IoT)/Sensor Network (SN) technology-based platform for chattel asset monitoring supporting financial services, including:

· System infrastructure that describes functional components;

· System and functional requirements during the entire chattel asset management process, including chattel assets in transition, in/out of warehouse, storage, mortgage, etc.;

· Performance requirements and performance specifications of each functional component;

· Interface definition of the integrated platform system.

This document is applicable to the design and development of IoT/SN system for chattel asset monitoring supporting financial services.

ISO/IEC 30163:2021

Internet of Things (IoT) — Real-time IoT framework

This document specifies the framework of a real-time IoT (RT-IoT) system, including:

RT-IoT system conceptual model based on domain-based IoT reference model defined in ISO/IEC 30141;
impacts of real-time parameters in terms of four viewpoints (time, communication, control and computation).

ISO/IEC 30165:2021

Industrial automation systems and integration — Standardized procedures for production systems engineering — Part 3: Information flows in production planning processes

ISO 18828-3:2017 describes the information flows identified for each planning discipline within production planning, according to ISO 18828‑2.

The following aspects are within the scope of ISO 18828-3:2017:

· general overview of the main information flows within the reference planning process;

· basic pattern to describe the main information flows;

· detailed description of every main information flow;

· state notation structure of the main information flows objects;

· detailed descriptions for each information object state;

· proposal of checklists for benchmarking information objects.

The following items are outside the scope of ISO 18828-3:2017:

· information flows to intersecting areas, including high-level planning;

· data models for production planning;

· complete description of all possible information flows/objects within production planning;

· workflow engines for automated production planning;

· production facilities planning/manufacturing facilities planning (physical plant and equipment); including any kind of resource that is not directly related to the manufacturing process;

· value chain (inbound logistics, operations management, outbound logistics, marketing and sales);

· process simulation/safeguarding;

· investment planning during production process management.

ISO 18828-3:2017