Information & Communications Security for NGN Converged Services IP Networks and Infrastructure
|Publication Date:||1 October 2007|
This Technical Report discusses how to achieve the following security objectives:
• Articulating the security needs of service providers, product developers, and large enterprises as it relates to their functional lifecycle
• Recognizing potential threats & performing vulnerability analysis
• Methodology for developing and using security architectures and using security frameworks
• Understanding how to apply standards, best practices, and governmental regulations
• Recognizing when to use what protocols
• Applying accreditation procedures.
In addition, this Technical Report discusses the role of security policy, guidelines and procedures in achieving these objectives and specific technology related issues.
The development process necessary to produce a secure information system spanning:
• Conceptual definition,
• Functional requirements,
• Functional specifications,
• Software design, implementation and testing,
is beyond the scope of this Technical Report. Likewise, decommissioning is currently beyond the scope of this Technical Report.
This Technical Report provides a user guide for service provider, product developers, and application content developers on how to incorporate security from initiation to decommissioning of services.
This Technical Report is in alignment with the ITU-T X.8xx series Recommendations and ISO/IEC Standard 7498-2 [ISO7498-2]