8 Proposals Adopted as Standards at ITU-T SG 17
The National Radio Research Agency announced on Sept. 3 that the ITU-T Study Group 17 (SG17) has adopted eight security-related proposals prepared by Korea as international standards, while at the same time establishing a task group dedicated to the development of standards for quantum cryptography.
SG 17 is a study group under the ITU-T that focuses on establishing and revising communications security standards. The SG 17 meeting was held online from Aug. 24 to Sept. 3.
The eight proposals were developed jointly by Korea University, the Finance Security Institute, Soon Chun Hyang University, SK Telecom, Kakao Mobility, the Korea Internet & Security Agency (KISA), the Electronics and Telecommunications Research Institute (ETRI), Korea Information Systems Consulting and Audit and Hyundai Motor.
At the SG 17 meeting, six proposals related to quantum cryptography, blockchain (distributed ledger technology), and vehicle security were adopted in advance as standards, and two proposals on personal information protection and cyber security failure responses were finally adopted as standards. The pre-adopted standards will be finally adopted as standards if there is no disagreement among governments.
Among the six pre-adopted standards, standards on security frameworks (SK Telecom) for quantum cryptographic key distribution networks and quantum cryptographic keys and security key supply (SK Telecom) define how cryptographic keys generated by the distribution technology are combined with encryption keys along with elements that make up a network where quantum keys are transmitted and a communication environment and security requirements. This enables interconnections between existing and quantum cryptographic communication networks, which can lower construction costs and speed up introduction.
In addition, defining a technical terminology of blockchain (Soon Chun Hyang University and Korea Information Systems Consulting and Audit) and standards on a guarantee of corresponding security (Sooncheonhyang University and NSHC) provide criteria on determining security levels of blockchains. This will be used as a guideline for companies that provide blockchains to check security levels of their own systems.
Standards on security requirements for external access devices (Hyundai Motor and the ETRI) and an in-vehicle network intrusion detection system (Korea University, Kakao Mobility, the the ETRI and Hyundai Motor) are expected to contribute to the spread of related services by strengthening the security of self-driving cars and securing interoperability among automakers.
Among the two final adoption cases, standards on a de-identification framework (KISTRI, Soonchunhyang University, the KISA and the ETRI) provide procedures to de-identify personal information and technology to safely handle target data, while the ETRI provides a guidance to determine the suitability and reliability of technology used to collect and preserve evidence data in the event of a cyber breach. In particular, the introduction of the concept of alias information as the main content of the three recently revised data acts is expected to help spread related technology.