Information Security Standardization — the ETSI Perspective
The European Telecommunications Standards Institute (ETSI) has been involved in almost every aspect of information security standardization, from algorithms to smart cards, from fixed and mobile teleconmiunication infrastructures to electronic signatures, from lawful interception to broadcasting. As a result, with a unique expertise and a vision of security in ICT as a whole developed, the Institute is now attempting to face the next challenges.
This paper gives a comprehensive overview of the security-related activities that are taking place within the Institute, the major security standards that have been published and views on which are the major issues to be addressed in the future within ETSI, but also in collaboration with other standardization bodies and the Industry.
KeywordsSmart Card Universal Mobile Telecommunication System Electronic Signature Digital Right Management Extensible Authentication Protocol
Unable to display preview. Download preview PDF.
- ETSI TS 133 102 Universal Mobile Telecommunications System (UMTS); 3G security; Security architecture (3GPP TS 33.102)Google Scholar
- ETSI TS 143 020 Digital cellular telecommunications system (Phase 2+); Securityrelated network functions (3GPP TS 43.020)Google Scholar
- ETSI TS 122 016 Technical Specification Group Services and System Aspects; International Mobile station Equipment Identities (IMEI) (3GPP TS 22.016)Google Scholar
- ETSI TS 187 001; TISPAN NGN Security Requirements-NGN Release 1Google Scholar
- ETSI TS 187 003; TISPAN NGN Security-Security Architecture-NGN Release 1Google Scholar
- ISOIIEC 15408 Information technology Security techniques-Evaluation criteria for IT securityGoogle Scholar
- ETSI ES 201 671 Lawful Interception (LI); Handover Interface for the Lawful Interception of Telecommunications TrafficGoogle Scholar
- ETSI TS 102 232 Lawful Interception (LI); Handover Specification for IP DeliveryGoogle Scholar
- ETSI TS 102 233 Service-specific details for e-mail servicesGoogle Scholar
- ETSI TS 102 234 Lawful Interception (LI); Service-specific details for internet access servicesGoogle Scholar
- TR 102 519 Lawful Interception (LI); Lawful Interception of WLAN Internet AccessGoogle Scholar
- ETSI TR 133 908 Universal Mobile Teleconmiunications System (UMTS); Security Algorithms Group of Experts (SAGE); General report on the design, specification and evaluation of 3GPP standard confidentiality and integrity algorithms (3GPP TR 33.908)Google Scholar
- ETSI Future Security Workshop: the threats, risks and opportunities, Output Report 2006 (http://portal.etsi.org/securityworkshop/)
- EC DG Justice M1355, “Elaboration of European Standards to identify and reduce crime risk in products and services”Google Scholar
- Charles Brookson, “GSM (and PCN) Security and encryption”, 1994Google Scholar
- Charles Brookson, Dionisio Zumerle “Security for ICT-the work of ETSI”, ETSI, 2006-http://www.etsi.org/etsi_radar/whitepaper/wp_l.htm
- EC COM(2006) 251 A strategy for a Secure Information Society-“Dialogue, partnership and empowerment”Google Scholar
- 2006/24/EC Directive of the European Parliament and of the Council on the “retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC”Google Scholar