Cybersecurity/Network and Information security

Available (158)

Showing 37 - 48 per page



Space - Use of GNSS-based positioning for road Intelligent Transport Systems (ITS) - Field tests definition for basic performance

The purpose is to define the tests to be performed in order to evaluate the performances of road applications’ GNSS-based positioning terminal (GBPT). To fully define the tests, this task will address the test strategy, the facilities to be used, the test scenarios (e.g. environments and characteristics, which shall allow the comparison of different tests), and the test procedures. The defined tests and process will be validated by performing various in-field tests. The defined tests focus essentially on accuracy, integrity and availability as required in the statement of work included in the invitation to tender. This document will benefit to: - The consolidation of EN 16803-1: "Definitions and system engineering procedures for the establishment and assessment of performances" - The elaboration of EN 16803-2: "Assessment of basic performances of GNSS-based positioning terminals" - The elaboration of EN 16803-3: "Assessment of security performances of GNSS based positioning terminals".

CEN/TR 17465:2020

ITU-T Y.3804

To realize secure, stable, efficient, and robust operations of and services by a quantum key distribution (QKD) network as well as to manage a QKD network (QKDN) as a whole and support user network management, Recommendation ITU-T Y.3804 specifies functions and procedures for QKDN control and management based on the requirements specified in Recommendation ITU-T Y.3801.

Y.3804 (Recommendation)

Network Functions Virtualisation (NFV); Evolution and Ecosystem; Report on Multi-tenancy in NFV

This work item will study multi-tenancy related use cases for NFV to remove the gap between the existing IFA010 general functional requirements on multitenancy management and the missing requirement details regarding NFV elements consumed by different tenants. It will also take into consideration possible relation with Release 3 features like multi-domain NS provisioning, security orchestration. Key issues on multi-tenancy in NFV (e.g. tenant-dependent LCM, tenant dependent resource management, traffic separation, ..) will be identified and analyzed for concluding the recommendations.

DevSecOps

Businesses are now requiring a stronger collaboration between the development, security and operational functions. This addition of security creates DevSecOps. In the past, the security needs were either skipped or only addressed after the deployment of applications, or worse after security vulnerabilities were exploited. Such an approach increased risks to the deployment and contributed towards a more hostile relationship between security and the development and operations teams. DevSecOps focuses on creating a transparent and holistic management approach that leverages the synergies between the development, security and operational functions, making way towards a proactive and agile security stance. By addressing cultural changes within the work force and adhering to a new combination of tactics, security can become a functioning part across all life cycles and developments.

Security Guidance

Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing seeks to establish a stable, secure baseline for cloud operations. This effort provides a practical, actionable roadmap to managers wanting to adopt the cloud paradigm safely and securely. Domains are reviewed to emphasize security, stability, and privacy in a multi-tenant environment. The CSA’s Security Guidance for Critical Areas of Focus in Cloud Computing builds on previous iterations through dedicated research, public participation from CSA members, working groups, and industry experts. This version incorporates advances in cloud, security, and supporting technologies, reflects on real-world cloud security practices, integrates the latest CSA research projects, and offers guidance for related technologies. The goal of the fourth version of Security Guidance for Critical Areas of Focus in Cloud Computing is to provide guidance and inspiration to support business goals while managing and mitigating the risks associated with cloud computing adoption.

Quantum-safe Security

The CSA Quantum Safe Security Working Group's goal is to address key generation and transmission methods that will aid the industry in understanding quantum-safe methods for protecting their data through quantum key distribution (QKD) -- a physics‐based technology to securely deliver keys-- and post-quantum cryptography (PQC) -- mathematical algorithms that are resistant to quantum computing. The goal of the working group is to support the quantum‐safe cryptography community in development and deployment of a framework to protect data whether in movement or at rest.

Cloud Security Services Management

Collaboration and coordination among all stakeholders are critical to secure the cloud platform. The current gap is that there is no defined guideline dividing the security roles and responsibilities between the Cloud Service Providers (CSPs) and Cloud customers; on how to secure Cloud services in different Cloud deployment models. This is especially the case for those who have little cloud security knowledge. This WG aims to develop guidelines for CSPs to secure its Cloud platform and provide Cloud security services to Cloud users; for Cloud users to select security qualified CSPs; for security vendors to develop their Cloud-based security products and services. Subsequently, this WG hopes to develop a platform for CSPs to publish their security requirements; for security vendors to share their security products and services, and to provide a platform for interoperability testing.