Standard

Available (1843)

Showing 1201 - 1212 per page



Security requirements of Network as a Service (NaaS) in cloud computing

Network as a Service (NaaS) is one of the representative cloud service categories, in which the capability provided to the cloud service customer (CSC) is transport connectivity and related network capabilities. NaaS services can provide any of three cloud capabilities as: NaaS application service, NaaS platform service and NaaS connectivity service. All the three kinds of NaaS service face particular security challenges such as application security vulnerabilities, security risks of network virtualization, eavesdropping, etc. Recommendation ITU-T X.SRNaaS analyses the security challenges and security requirements of NaaS application, NaaS platform and NaaS connectivity. This Recommendation could help NaaS service providers to address on the security issues. The capabilities provided by this Recommendation will take into account the national legal and regulatory obligations in individual Member States in which the NaaS services operate.The methodology of this proposal would follow the recommendations of clause 10 in Recommendation ITU-T X.1601.

Security requirements of public infrastructure as a service (IaaS) in cloud computing

Infrastructure as a Service (IaaS) is one of the representative categories of cloud services, in which the cloud capabilities service provided to the CSC is an infrastructure capabilities type. IaaS environments and virtualized services are facing more challenges and threats than traditional information technology infrastructure and application. Platforms that share computing, storage, and network services need protections specific to the threats in the IaaS environment. If these threats are not carefully addressed, it will have very negative impact on the development of IaaS services.Recommendation ITU- X.SRIaaS aims to document the security requirements of public IaaS. This will be helpful for IaaS CSPs to improve the overall security level throughout the planning, constructing and operating stages of IaaS platform and services. This work also complements the security standardization activity related to Software Defined Networks

Security requirements for Communication as a Service application environments

Recommendation ITUT X.SRCaaS recommends the security requirements of communication as a service (CaaS) application environments with the identification of the risks. The Recommendation describes the scenarios and the features of CaaS, into which multicommunication capabilities are plugged. Moreover, some special /unique risks are identified, which are caused by the unique features of CaaS. The corresponding security requirements are recommended for the following aspects: Identity fraud, orchestration security, multi devices security, countering spam, privacy protection, infrastructure attack, attack from infrastructure, Intranet attack and so on. The Recommendation refers to the common security requirements of Recommendation ITUT X.1602 to avoid duplicated work. These measures in the requirements take into account the national legal and regulatory obligations in individual member states in which the platforms operate. The work applies the methodology standardized in clause 10 of Recommendation ITU-T X.1601.

Security guidelines for container in cloud computing environment

Recommendation X.1643 analyses security threats and challenges on virtualization container in cloud computing environment and specifies a reference framework with security guidelines for virtualization container in cloud.

Intelligent Transport Systems (ITS); On-Board Weighing (OBW) equipment; protocol and data elements specification; Release 2

The scope of this standard is to define an access layer independent protocol for on-board weighing equipment based on the requirements defined in COMMISSION IMPLEMENTING REGULATION (EU) 2019/1213.  

Security requirements and framework for narrowband Internet of things

Recommendation ITU-T X.1364 analyses potential deployment schemes and typical application scenarios for narrowband Internet of things (NB-IoT). It specifies security threats and requirements specific to the NB-IoT deployments and establishes a security framework for the operator to safeguard new NB-IoT technology applications. Current developments in telecommunication technology in the mobile communication domain, are leading to changes in communication patterns from person-to-person to person-to-thing and thing-to-thing, making inevitable the evolution to the Internet of things. Compared to short distance communication technologies such as Bluetooth, ZigBee and others, cellular mobile networks characterized by wide coverage, mobility and extensive connections that bring richer application scenarios will become the main interconnection technology of IoT. NB-IoT is based on cellular mobile network technology, using a bandwidth of approximately only 180 KHz. It may be deployed on global system for mobile communication (GSM) networks, universal mobile telecommunications system (UMTS) networks or long-term evolution (LTE) networks directly to reduce costs and achieve a smooth upgrade. Based on its low power dissipation, wide coverage, low cost and high capacity, NB-IoT is expected to be massively adopted by operators with wide application in multiple vertical industries. As a new technology, NB-IoT has its own characteristics that may bring new security issues. In order to ensure security of NB-IoT deployments and applications, security threats and relevant security requirements specific to NB-IoT need to be analysed and an overall security framework for NB-IoT needs to be established.

IEEE Standard for Adoption of OpenFog Reference Architecture for Fog Computing

OpenFog Consortium--OpenFog Reference Architecture for Fog Computing is adopted by this standard. OpenFog Reference Architecture [OPFRA001.020817] is a structural and functional prescription of an open, interoperable, horizontal system architecture for distributing computing, storage, control and networking functions closer to the users along a cloud-to-thing continuum of communicating, computing, sensing and actuating entities. It encompasses various approaches to disperse Information Technology (IT), Communication Technology (CT) and Operational Technology (OT) Services through information messaging infrastructure as well as legacy and emerging multi-access networking technologies

Standard for Vehicle to Vehicle Communications for Unmanned Aircraft Systems

Vehicle to Vehicle Communications (V2V) standard for Unmanned Aircraft Systems defines the protocol for exchanging information between the vehicles. The information exchange will facilitate beyond line of sight (BLOS) and beyond radio line of sight (BRLOS) communications. The information exchanged between the aircraft may be for the purpose of command, control, and navigation or for any application specific purpose.

Security reference architecture for lifecycle management of e-commerce business data

Recommendation ITU-T X.1040 analyses the main features and typical threats faced by e‑commerce service ecosystems, and provides a security reference architecture for lifecycle management of e-commerce business data.

ITU-T X.1040

Security Assertion Markup Language (SAML 2.0)

SAML is an XML-based framework for exchanging security information. This security information is expressed in the form of assertions about subjects, where a subject is an entity (either human or computer) that has an identity in some security domain. A single assertion might contain several different internal statements about authentication, authorization and attributes. This Recommendation defines a protocol by which clients can request assertions from SAML authorities and get a response from them. This protocol, consisting of XML-based request and response message formats, can be bound to many different underlying communications and transport protocols; SAML currently defines one binding to SOAP over HTTP. In creating their responses, SAML authorities can use various sources of information, such as external policy stores and assertions that were received as input in requests. This Recommendation defines SAML assertions elements, subjects, conditions, processing rules and statements. Additionally, it develops a comprehensive SAML metadata profile that includes associated namespace, common data types, processing rules and signature processing. Several protocol bindings such as SOAP, PAOS (reverse SOAP), HTTP redirect, HTTP POST, among others, are also developed. This Recommendation provides a comprehensive list of SAML profiles such as web browser SSO profile and single logout profile to enable the wide adoption of SAML 2.0 in the industry. Guidelines for authentication context and conformance are also provided.This Recommendation is technically equivalent and compatible with the OASIS SAML 2.0 standard.

ITU-T X.1141