Cybersecurity/Network and Information security

Information technology - Security techniques - Guidance on assuring suitability and adequacy of incident investigative method (ISO/IEC 27041:2015)

The standard provides a guideline on the mechanisms to ensure that the methods and processes used in the investigation of information security incidents are "fit for purpose". It contains the best practices regarding the definition of the requirements, the description of the methods, and demonstration of how the implementation of the methods can satisfy the requests. It also includes considerations on how vendors and third parties can be used to help this warranty process.

EN ISO/IEC 27041:2016

OASIS Privacy Management Reference Model (PMRM) TC

The OASIS PMRM TC works to provide a standards-based framework that will help business process engineers, IT analysts, architects, and developers implement privacy and security policies in their operations. PMRM picks up where broad privacy policies leave off. Most policies describe fair information practices and principles but offer little insight into actual implementation. PMRM provides a guideline or template for developing operational solutions to privacy issues. It also serves as an analytical tool for assessing the completeness of proposed solutions and as the basis for establishing categories and groupings of privacy management controls.

OASIS Key Management Interoperability Protocol (KMIP) TC

The OASIS KMIP TC works to define a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. By removing redundant, incompatible key management processes, KMIP will provide better data security while at the same time reducing expenditures on multiple products.

OASIS Common Security Advisory Framework (CSAF) TC

The OASIS CSAF Technical Committee is chartered to make a major revision to the Common Vulnerability Reporting Framework (CVRF) under a new name for the framework that reflects its primary purpose: a Common Security Advisory Framework (CSAF). TC deliverables are designed to standardize existing practice in structured machine-readable vulnerability-related advisories and further refine those standards over time.

Security guidelines for identity management systems

This Recommendation proposes security guidelines for identity management (IdM) systems. The guidelines describe how an IdM system should be deployed and operated to provide secure identity services in an NGN (Next Generation Network) or cyberspace environment. They focus on providing official advice on how to employ various security mechanisms to protect a general IdM system, and they also provide the security procedures required when two IdM systems interoperate.

ITU-T Y.3804

To realize secure, stable, efficient, and robust operations of and services by a quantum key distribution (QKD) network as well as to manage a QKD network (QKDN) as a whole and support user network management, Recommendation ITU-T Y.3804 specifies functions and procedures for QKDN control and management based on the requirements specified in Recommendation ITU-T Y.3801.

Y.3804 (Recommendation)

Space - Use of GNSS-based positioning for road Intelligent Transport Systems (ITS) - Field tests definition for basic performance

The purpose is to define the tests to be performed in order to evaluate the performance of GNSS-based positioning terminals (GBPT) for road applications. To fully define the tests, this task will address the test strategy, the facilities to be used, the test scenarios (e.g. environments and characteristics, which shall allow the comparison of different tests), and the test procedures. The defined tests and process will be validated by performing various in-field tests. The defined tests focus essentially on accuracy, integrity and availability, as required in the statement of work included in the invitation to tender. This document will benefit:
- The consolidation of EN 16803-1: "Definitions and system engineering procedures for the establishment and assessment of performances"
- The elaboration of EN 16803-2: "Assessment of basic performances of GNSS-based positioning terminals"
- The elaboration of EN 16803-3: "Assessment of security performances of GNSS based positioning terminals"

CEN/TR 17465:2020

Incident organization and security incident handling: Guidelines for telecommunication organizations

The purpose of this Recommendation is to analyse, structure and suggest a method for establishing an incident management organization within a telecommunication organization involved in the provision of international telecommunications, where the flow and structure of an incident are focused. The flow and the handling are useful in determining whether an event is to be classified as an event, an incident, a security incident or a crisis. The flow also covers the critical first decisions that have to be made. Computer crime follows in the wake of the heavily increased use of computers in international telecommunications. Over the last years, computer crime has literally exploded, as confirmed by several international and national surveys. In the majority of countries, there are no exact figures on the number of computer break-ins or security incidents, especially those related to international telecommunications. Most telecommunication organizations or companies do not have any specialized organization for handling Information and Communication Networks (ICN) security incidents (although they may have a general crisis team for handling crises of any type). When an ICN security incident occurs it is handled ad hoc, i.e., the person who detects an ICN security incident takes the responsibility to handle it as best as (s)he can. In some organizations the tendency is to forget and cover up ICN security incidents as they may affect production, availability and revenues. Often, when an ICN security incident is detected, the person who detects it does not know who to report it to. This may result in the system or network's administrator deploying a workaround or quick fix just to get rid of the problem. They do not have the delegated authority, time or expertise to correct the system so that the ICN security incident does not recur. These are the main reasons why it is better to have a trained unit or group that can handle security incidents in a prompt and correct manner.
Furthermore, many of the issues may be in areas as diverse as media relations, legal, law enforcement, market share, or financial. When reporting or handling an incident, the use of different taxonomies leads to misunderstanding. This may, in turn, result in an ICN security incident getting neither the proper attention, nor the prompt handling, that is needed in order to stop, contain and prevent the incident from recurring. This may lead to serious consequences for the affected organization (victim). To be able to succeed in incident handling and incident reporting, it is necessary to have an understanding of how incidents are detected, handled and resolved. By establishing a general structure for incidents (i.e., physical, administrative or organizational, and logical incidents) it is possible to obtain a general picture of the structure and flow of an incident. A uniform terminology is the base for a common understanding of words and terms.

ITU-T E.409 (05/2004)

Supplement on overall aspects of countering mobile messaging spam

Supplement 12 to ITU-T X-series Recommendations, in particular to Recommendation ITU-T X.1240, describes the basic concept and characteristics of mobile messaging spam. It also introduces and analyses current technologies for countering mobile messaging spam. In addition, this supplement proposes a general implementation framework for countering mobile messaging spam. Related activities in different organizations are introduced in Appendix I.

ITU-T X.1240

Network Functions Virtualisation (NFV); Evolution and Ecosystem; Report on Multi-tenancy in NFV

This work item will study multi-tenancy related use cases for NFV to close the gap between the existing IFA010 general functional requirements on multi-tenancy management and the missing requirement details regarding NFV elements consumed by different tenants. It will also take into consideration possible relations with Release 3 features such as multi-domain NS provisioning and security orchestration. Key issues on multi-tenancy in NFV (e.g. tenant-dependent LCM, tenant-dependent resource management, traffic separation, etc.) will be identified and analyzed in order to conclude with recommendations.

Technical security measures for implementation of ITU-T X.805 security dimensions

Many organizations in developing countries as well as developed countries may have difficulties in implementing the high-level dimensions described in Recommendation ITU-T X.805. Recommendation ITU-T X.1039 is aimed at providing a set of security measures to implement the high-level dimensions. It also provides technical implementation guidance for security measures that can be used to improve organizations’ security response capabilities. A set of security measures described in this Recommendation could assist organizations in managing information security risks and implementing technical dimensions. The audience of this Recommendation includes, but is not limited to, those individuals responsible for implementing an organization's information security dimensions.