Monthly newsletter Weekly news roundup Breaking news notification      

International Telecommunication Union launches new network security standard

Get free weekly news by e-mailThe Bell Labs Network Security Model has been adopted by the ITU as ITU-T Recommendation X.805 - which is a comprehensive approach to proactively combat information security threats.

This new global standard will enable businesses, government agencies and service providers to better implement governance programs that improve network security and eliminate potential threats. The standard provides a comprehensive security management framework under which existing security standards such as X.509 for public key and attribute certificates can be mapped.

"It is paramount that security be a well-thought process that goes from system inception and design to system implementation to policies and practices for system deployment," said Houlin Zhao, director of the Telecommunication Standardization Bureau for the ITU. "Lucent and Bell Labs understand security, and they recognise the importance of a standards-based approach for realising it. I applaud their work in driving the development and adoption of Recommendation X.805 - a significant step on the path to securing networks worldwide."

Network operators and individuals can use the approaches within X.805 to detect, predict and correct security vulnerabilities across wireless, optical, and wire-line voice, data and converged networks. It can also be used to assess the security of existing networks, and help ensure end-to-end security of distributed applications.

About the new ITU Security Standard
X.805 is a comprehensive, multi-layered, end-to-end security framework that, when implemented, can help enterprise customers and service providers combat network security threats across eight different dimensions and potentially save millions of dollars in security vulnerabilities. The three key security components of the framework are:

* Security Dimensions refer to a particular aspect of network security such as authentication, or data integrity, and extends to applications and end user information as well.

* Security Layers refer to the infrastructure, services and applications layers - all of which have different security vulnerabilities that need to be dealt with in a way best suited to that particular layer.

* Security Planes address network management activities such as provisioning; network control, or signalling activities using protocols such as session initiation protocol (SIP); and end-user activities such as virtual private networking (VPNs).

The X.805 standard also provides a systematic framework for diagnosing potential security threats in large complex networks and ensuring a consistent framework for applying network operations and management across the network. It can be applied to all aspects and phases of a successful security program, including:

* Definition and Planning: helps define comprehensive security policies, incident response and recovery plans, technology architectures and technical requirements

* Implementation: helps assess how security policies and procedures are rolled out and technology is deployed

* Maintenance and Health Check: helps manage and assess routine changes in architecture, network equipment, security policies and procedures, incident response and recovery plans

The full text of Recommendation X.805 is available online at the ITU's website.

Date: 18th March 2004 •Region: Worldwide •Type: Article •Topic: ISM
Rate this article or make a comment - click here


Copyright 2004 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help