ITU

Recommendation ITU-T Y.4905 is a holistic impact framework for the assessment of smart and sustainable cities to address the effects of digital innovation on social, economic and environmental issues. Smart sustainable city (SSC) initiatives have been proposed as potential solutions to economic, social and environmental challenges and pressures encountered by cities. Advances in information and communication technologies (ICTs) enable significant transformation potential in the way city resources, services and infrastructures are planned and managed. More specifically, ICT can play an enabling role to address the urban challenges of the twenty-first century. Smart sustainable cities harness ICTs (including various subtopics under ICT such as digital transformation, data, Internet of things (IoT), digital services, etc.) and intend to deliver city enhancements through a portfolio of action items. By their very nature, SSC initiatives impact the underlying cities. It is important to identify and asses this impact. The identification and assessment of impact will allow for better planning, the setting expectations with stakeholders, better informed budgeting, more effective public private partnerships and the promotion of alternative financing mechanisms. This will also help in communicating SSC initiatives.

Recommendation ITU-T Y.4051 contains vocabulary applied to the work on smart cities and communities (SC&C). The vocabulary terms and definitions in this Recommendation are defined in published ITU‑T Recommendations and Supplements, and standards from other international standards developing organizations (SDOs) such as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Additionally, this vocabulary also includes and defines new terms to meet the needs of the work of ITU on SC&C.

For quantum key distribution networks (QKDN), Recommendation ITU-T X.sec_QKDN_intrq specifies security requirements for integration of QKDN with various user networks (e.g., storage, cloud, sensor, content, etc.).

ITU T Y.QKDN_frint "Framework for integration of QKDN and secure network infrastructures"

Recommendation ITU-T X.1714 describes key combination methods for quantum key distribution network (QKDN) and specifies security requirements for both the key combination and the key supply from QKDN to cryptographic applications.

Rapid advancements in communications and associated technologies has led to the emergence of distributed ecosystems with a large number of devices, applications and use cases requiring open access to trusted services. This open access to trusted services in distributed ecosystems can be provisioned by using the inherent security capabilities and mechanisms already present in the devices and the underlying networks. Recommendation ITU-T Y.3056 provides a concept of bootstrapping of devices and applications by network operators who can share the network security capabilities with users and providers of new devices and services. It describes the requirements to be fulfilled by the entities of the ecosystem such that they may benefit from the bootstrapping capabilities. Based on the requirements, a reference model as well as a functional architecture is provided, which together describe the elements, functions and reference points needed for provisioning of the bootstrapping capabilities. Finally, this Recommendation provides the information flows required to enable the bootstrapping capabilities.

Recommendation ITU-T X.1364 analyses potential deployment schemes and typical application scenarios for narrowband Internet of things (NB-IoT). It specifies security threats and requirements specific to the NB-IoT deployments and establishes a security framework for the operator to safeguard new NB-IoT technology applications. Current developments in telecommunication technology in the mobile communication domain, are leading to changes in communication patterns from person-to-person to person-to-thing and thing-to-thing, making inevitable the evolution to the Internet of things. Compared to short distance communication technologies such as Bluetooth, ZigBee and others, cellular mobile networks characterized by wide coverage, mobility and extensive connections that bring richer application scenarios will become the main interconnection technology of IoT. NB-IoT is based on cellular mobile network technology, using a bandwidth of approximately only 180 KHz. It may be deployed on global system for mobile communication (GSM) networks, universal mobile telecommunications system (UMTS) networks or long-term evolution (LTE) networks directly to reduce costs and achieve a smooth upgrade. Based on its low power dissipation, wide coverage, low cost and high capacity, NB-IoT is expected to be massively adopted by operators with wide application in multiple vertical industries. As a new technology, NB-IoT has its own characteristics that may bring new security issues. In order to ensure security of NB-IoT deployments and applications, security threats and relevant security requirements specific to NB-IoT need to be analysed and an overall security framework for NB-IoT needs to be established.

The Recommendation X.1044 analyses security challenges and threats on Network Virtualization, and provides the security requirements on physical resources layer, virtual resources layer and LINP layer in Network Virtualization (NV).

Recommendation ITU-T X.1040 analyses the main features and typical threats faced by e‑commerce service ecosystems, and provides a security reference architecture for lifecycle management of e-commerce business data.

SAML is an XML-based framework for exchanging security information. This security information is expressed in the form of assertions about subjects, where a subject is an entity (either human or computer) that has an identity in some security domain. A single assertion might contain several different internal statements about authentication, authorization and attributes. This Recommendation defines a protocol by which clients can request assertions from SAML authorities and get a response from them. This protocol, consisting of XML-based request and response message formats, can be bound to many different underlying communications and transport protocols; SAML currently defines one binding to SOAP over HTTP. In creating their responses, SAML authorities can use various sources of information, such as external policy stores and assertions that were received as input in requests. This Recommendation defines SAML assertions elements, subjects, conditions, processing rules and statements. Additionally, it develops a comprehensive SAML metadata profile that includes associated namespace, common data types, processing rules and signature processing. Several protocol bindings such as SOAP, PAOS (reverse SOAP), HTTP redirect, HTTP POST, among others, are also developed. This Recommendation provides a comprehensive list of SAML profiles such as web browser SSO profile and single logout profile to enable the wide adoption of SAML 2.0 in the industry. Guidelines for authentication context and conformance are also provided.This Recommendation is technically equivalent and compatible with the OASIS SAML 2.0 standard.