IT Security

Technical Committee (TC) Core Network and Interoperability Testing (INT)

We develop test specifications to test interoperability, conformance, performance and security. The methodology used is end-to-end (e2e) and includes verification of both the control and user plane. The test specifications are based on 3GPP specifications which enable network operators to test their network for services for both fixed and mobile customers.

We produce test purposes, test descriptions, and TTCN-3 test cases to enable interoperability testing of the core network elements and covering the single-network, interconnect and roaming scenarios. Use Cases and requirements specified by ETSI for Automated and Autonomic Management and Control (self-management) of Networks and Services are tested via “industry standards-anchored” Proof of Concepts (PoC) events.

Technical Committee (TC) Methods for Testing and Specification (MTS)

We create standards related to testing and specification languages and provide frameworks and methodologies to enable the other ETSI committees to achieve this goal. Work is performed very closely with ETSI’s Centre for Testing and Interoperability (CTI) to develop the background material which they then use in their support of other ETSI committees as well as other relevant standardization bodies such as ITU Study Group 17. Much of the work done by TC MTS has also been adapted and used beyond ETSI by other organizations, fora, and industry globally.

KMIP Symmetric Key Foundry for FIPS 140-2 Profile v1.0

The OASIS KMIP TC works to define a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. By removing redundant, incompatible key management processes, KMIP will provide better data security while at the same time reducing expenditures on multiple products.

Digital signatures with appendix -- Part 2: Integer factorization based mechanisms

This part of ISO/IEC 14888 specifies digital signatures with appendix whose security is based on the difficulty of factoring the modulus in use. For each signature scheme, it specifies:
a) the relationships and constraints between all the data elements required for signing and verifying;
b) a signature mechanism, i.e., how to produce a signature of a message with the data elements required for signing;
c) a verification mechanism, i.e., how to verify a signature of a message with the data elements required for verifying.

ISO/IEC 14888-2:2008

Digital signatures with appendix -- Part 3: Discrete logarithm based mechanisms

This document specifies digital signature mechanisms with appendix whose security is based on the discrete logarithm problem.
This document provides
— a general description of a digital signature with appendix mechanism, and
— a variety of mechanisms that provide digital signatures with appendix.

ISO/IEC 14888-3:2018

Evaluation criteria for IT security -- Part 1: Introduction and general model

This part of ISO/IEC 15408 establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the International Standard which in its entirety is meant to be used as the basis for evaluation of security properties of IT products.

ISO/IEC 15408-1:2009

Evaluation criteria for IT security -- Part 3: Security assurance components

This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component Targets of Evaluation (TOEs), the composed assurance packages (CAPs) that define a scale for measuring assurance for composed TOEs, the individual assurance components from which the assurance levels and packages are composed, and the criteria for evaluation of Protection Profiles (PPs) and Security Targets (STs).

ISO/IEC 15408-3:2008

Study of Authorization Architecture for Supporting Heterogeneous Access Control Policies

The present document provides technical solutions for oneM2M authorization architecture, authorization procedures and access control policies. The present document also gives evaluations of these proposed technical solutions.

ETSI TS 118 103 [i.2] only defines a high level authorization architecture that describes its major components and general authorization procedure. The objective of the present document is to provide candidate security solutions related to authorization architecture, authorization procedures and access control policies. The present document provides security solutions in the following three aspects:

• Detailed design of authorization architecture: This part investigates the interfaces among authorization components (e.g. procedures and parameters), how these components could be distributed in different oneM2M entities (i.e. different CSEs), and how to implement Role Based Access Control (RBAC) and token based access control.

• Supporting user specified access control policies: This part investigates how the oneM2M authorization system could be an extensible system that can support user-defined access control mechanisms and/or access control policy languages.

• Investigating existing access control policy languages: This part investigates if some standardized access control policy languages could become oneM2M recommended access control policy description languages.

ETSI TR 118 516 V2.0.0

End-to-End Security and Group Authentication

The present document provides options and analyses for the security features and mechanisms providing end-to-end security and group authentication for oneM2M.

The scope of this technical report includes use cases, threat analyses, high level architecture, generic requirements, available options, evaluation of options, and detailed procedures for executing end-to-end security and group authentication.

ETSI TR 118 512 V2.0.0