Recognizing WSIS Impacts
- Synopsis of the Opinion
- Supporters Letter
- Statements
- WSIS
- Geneva Plan of Action
- ITU Plenipotentiary Conferences
- PP 2010 – Guadalajara, Mexico
- PP Resolution 2
- PP Resolution 21
- PP Resolution 22
- PP Resolution 23
- PP Resolution 24
- PP Resolution 25
- PP Resolution 30
- PP Resolution 31
- PP Resolution 34
- PP Resolution 35
- PP Resolution 36
- PP Resolution 58
- PP Resolution 64
- PP Resolution 70
- PP Resolution 71
- PP Resolution 73
- PP Resolution 100
- PP Resolution 101
- PP Resolution 102
- PP Resolution 112
- PP Resolution 113
- PP Resolution 122
- PP Resolution 123
- PP Resolution 124
- PP Resolution 128
- PP Resolution 129
- PP Resolution 130
- PP Resolution 131
- PP Resolution 133
- PP Resolution 135
- PP Resolution 136
- PP Resolution 137
- PP Resolution 138
- PP Resolution 139
- PP Resolution 140
- PP Resolution 143
- PP Resolution 149
- PP Resolution 157
- PP Resolution 169
- PP Resolution 170
- PP Resolution 172
- PP Resolution 174
- PP Resolution 175
- PP Resolution 177
- PP Resolution 178
- PP Resolution 179
- PP Resolution 180
- PP Resolution 181
- PP Resolution 182
- PP Resolution 183
- PP Resolution 184
- PP 2014 – Busan, Republic of Korea
- PP Resolution 2
- PP Resolution 21
- PP Resolution 58
- PP Resolution 64
- PP Resolution 70
- PP Resolution 71
- PP Resolution 101
- PP Resolution 102
- PP Resolution 123
- PP Resolution 130
- PP Resolution 131
- PP Resolution 133
- PP Resolution 135
- PP Resolution 137
- PP Resolution 139
- PP Resolution 140
- PP Resolution 157
- PP Resolution 162
- PP Resolution 174
- PP Resolution 177
- PP Resolution 180
- PP Resolution 185
- PP Resolution 187
- PP Resolution 188
- PP Resolution 189
- PP Resolution 190
- PP Resolution 191
- PP Resolution 195
- PP Resolution 196
- PP Resolution 197
- PP Resolution 199
- PP Resolution 200
- PP Resolution 201
- PP Resolution 203
- PP 2010 – Guadalajara, Mexico
- World Telecommunications Development Conferences
- WTDC 2010 – Hyderabad, India
- WTDC Resolution 5
- WTDC Resolution 7
- WTDC Resolution 8
- WTDC Resolution 11
- WTDC Resolution 13
- WTDC Resolution 15
- WTDC Resolution 16
- WTDC Resolution 17
- WTDC Resolution 20
- WTDC Resolution 21
- WTDC Resolution 22
- WTDC Resolution 23
- WTDC Resolution 24
- WTDC Resolution 30
- WTDC Resolution 31
- WTDC Resolution 32
- WTDC Resolution 34
- WTDC Resolution 35
- WTDC Resolution 36
- WTDC Resolution 37
- WTDC Resolution 38
- WTDC Resolution 39
- WTDC Resolution 40
- WTDC Resolution 44
- WTDC Resolution 45
- WTDC Resolution 46
- WTDC Resolution 47
- WTDC Resolution 48
- WTDC Resolution 50
- WTDC Resolution 52
- WTDC Resolution 53
- WTDC Resolution 54
- WTDC Resolution 55
- WTDC Resolution 56
- WTDC Resolution 58
- WTDC Resolution 59
- WTDC Resolution 62
- WTDC Resolution 63
- WTDC Resolution 64
- WTDC Resolution 65
- WTDC Resolution 66
- WTDC Resolution 67
- WTDC Resolution 68
- WTDC Resolution 69
- WTDC Resolution 70
- WTDC Resolution 71
- WTDC Resolution 72
- WTDC Resolution 73
- WTDC Resolution 74
- WTDC 2014 – Dubai, United Arab Emirates
- WTDC Resolution 22
- WTDC Resolution 23
- WTDC Resolution 30
- WTDC Resolution 37
- WTDC Resolution 40
- WTDC Resolution 43
- WTDC Resolution 45
- WTDC Resolution 50
- WTDC Resolution 54
- WTDC Resolution 63
- WTDC Resolution 64
- WTDC Resolution 69
- WTDC Resolution 73
- WTDC Resolution 77
- WTDC Resolution 78
- WTDC Resolution 79
- WTDC Resolution 80
- WTDC Resolution 82
- WTDC 2010 – Hyderabad, India
- World Telecommunications Standards Assemblies
- WTSA 2012 – Dubai, United Arab Emirates
- WTSA Resolution 1
- WTSA Resolution 7
- WTSA Resolution 17
- WTSA Resolution 20
- WTSA Resolution 22
- WTSA Resolution 29
- WTSA Resolution 33
- WTSA Resolution 43
- WTSA Resolution 44
- WTSA Resolution 45
- WTSA Resolution 47
- WTSA Resolution 48
- WTSA Resolution 49
- WTSA Resolution 50
- WTSA Resolution 52
- WTSA Resolution 53
- WTSA Resolution 54
- WTSA Resolution 55
- WTSA Resolution 56
- WTSA Resolution 57
- WTSA Resolution 58
- WTSA Resolution 59
- WTSA Resolution 64
- WTSA Resolution 69
- WTSA Resolution 70
- WTSA Resolution 73
- WTSA Resolution 74
- WTSA Resolution 75
- WTSA Resolution 76
- WTSA 2012 – Dubai, United Arab Emirates
WTSA Resolution 50
WTSA RESOLUTION 50 (Rev. Dubai, 2012)
Cybersecurity
The World Telecommunication Standardization Assembly (Dubai, 2012),
- recalling
- a) Resolution 130 (Rev. Guadalajara, 2010) of the Plenipotentiary Conference, on the role of ITU in building confidence and security in the use of information and communication technologies (ICT);
- b) Resolution 174 (Guadalajara, 2010) of the Plenipotentiary Conference, on ITU’s role with regard to international public policy issues relating to the risk of illicit use of ICT;
- c) Resolution 179 (Guadalajara, 2010) of the Plenipotentiary Conference, on ITU’s role in child online protection;
- d) Resolution 181 (Guadalajara, 2010) of the Plenipotentiary Conference, on definitions and terminology relating to building confidence and security in the use of ICT;
- e) Resolutions 55/63 and 56/121 of the United Nations General Assembly, which established the legal framework on countering the criminal misuse of information technologies;
- f) Resolution 57/239 of the United Nations General Assembly, on the creation of a global culture of cybersecurity;
- g) Resolution 58/199 of the United Nations General Assembly, on the creation of a global culture of cybersecurity and the protection of essential information infrastructures;
- h) Resolution 41/65 of the United Nations General Assembly, on principles relating to remote sensing of the Earth from outer space;
- i) Resolution 45 (Rev. Hyderabad, 2010) of the World Telecommunication Development Conference (WTDC);
- j) Resolution 52 (Rev. Dubai, 2012) of this assembly, on countering and combating spam;
- k) Resolution 58 (Rev. Dubai, 2012) of this assembly, on encouraging the creation of national computer incident response teams, particularly in developing countries1,
- considering
- a) the crucial importance of ICT infrastructure to practically all forms of social and economic activity;
- b) that the legacy public switched telephone network (PSTN) has a level of inherent security properties because of its hierarchical structure and built-in management systems;
- c) that IP networks provide reduced separation between user components and network components if adequate care is not taken in the security design and management;
- d) that the converged legacy networks and IP networks are therefore potentially more vulnerable to intrusion if adequate care is not taken in the security design and management of such networks;
- e) that there are cyberincidents caused by cyberattacks, for example malicious or thrill-seeker intrusions using malware (such as worms and viruses), distributed by various methods, for example distribution by web and bot-infected computers;
- f) that in order to protect global telecommunication/ICT infrastructures from the threats and challenges of the evolving cybersecurity landscape, coordinated national, regional and international action is required to protect from and respond to various forms of impairing events;
- g) that the ITU Telecommunication Standardization Sector (ITU-T) has a role to play within its mandate and competencies in considering f),
- considering further
- a) that Recommendation ITU-T X.1205 provides a definition, a description of technologies, and network protection principles;
- b) that Recommendation ITU-T X.805 provides a systematic framework for identifying security vulnerabilities, and Recommendation ITU-T X.1500 provides the cybersecurity information exchange (CYBEX) model and discusses techniques that could be used to facilitate the exchange of cybersecurity information;
- c) that ITU-T and the Joint Technical Committee for Information Technology (JTC 1) of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) already have a significant body of published materials and ongoing work that is directly relevant to this topic, which needs to be considered,
- recognizing
- a) the relevant outcomes of the World Summit on the Information Society (WSIS) identified ITU as the facilitator and moderator for Action Line C5 (Building confidence and security in the use of ICTs);
- b) the resolves paragraph of Resolution 130 (Rev. Guadalajara, 2010) of the Plenipotentiary Conference, on strengthening the role of ITU in building confidence and security in the use of information and communication technologies, and the instruction to intensify work with high priority within the ITU-T study groups;
- c) that Programme 2, on cybersecurity, ICT applications and IP-based network related issues adopted by WTDC (Hyderabad, 2010) includes cybersecurity as one of its priority activities and relevant activities to be undertaken by the Telecommunication Development Bureau (BDT), and that Question 22/1 of the ITU Telecommunication Development Sector (ITU-D) addresses the issue of securing information and communication networks through the identification of best practices for developing a culture of cybersecurity, and Resolution 45 (Rev. Hyderabad, 2010), on mechanisms for enhancing cooperation on cybersecurity, including countering and combating spam, was adopted;
- d) that the ITU Global Cybersecurity Agenda (GCA) promotes international cooperation aimed at proposing strategies for solutions to enhance confidence and security in the use of ICTs,
- recognizing further
- a) that cyberattacks such as phishing, pharming, scan/intrusion, distributed denials of service, web-defacements, unauthorized access, etc., are emerging and having serious impacts;
- b) that botnets are used to distribute bot-malware and carry out cyberattacks;
- c) that sources of attacks are sometimes difficult to identify (for example, attacks using spoofed IP addresses);
- d) that cybersecurity is one of the elements for building confidence and security in the use of telecommunications/ICTs;
- e) that, in accordance with Resolution 181 (Guadalajara, 2010), it is recognized that it is important to study the issue of terminology related to building confidence and security in the use of ICTs, that this base set needs to include other important issues in addition to cybersecurity and that the definition of cybersecurity may need to be modified from time to time to reflect changes in policy;
- f) that Resolution 181 (Guadalajara, 2010) resolved to take into account the definition of the term cybersecurity approved in Recommendation ITU-T X.1205 for use in ITU activities related to building confidence and security in the use of ICTs;
- g) that, as recognized in Resolution 181 (Guadalajara, 2010), ITU-T Study Group 17 is responsible for developing the core Recommendations on telecommunication and ICT security,
- noting
- a) the vigorous activity and interest in the development of telecommunication/ICT security standards and Recommendations in Study Group 17, the lead ITU-T study group on security, and in other standardization bodies, including the Global Standards Collaboration (GSC) group;
- b) that there is a need for national, regional and international strategies and initiatives to be harmonized to the extent possible, in order to avoid duplication and to optimize the use of resources;
- c) that cooperation and collaboration among organizations addressing security issues can promote progress and contribute to building and maintaining a culture of cybersecurity;
- d) that, as recognized in Resolution 130 (Rev. Guadalajara, 2010), a national IP-based public network security centre for developing countries is under study by Study Group 17, and some work has been completed in this area, including the ITU-T X.800 – ITU-T X.849-series of Recommendations and Supplements thereto,
- resolves
- 1 that all ITU-T study groups continue to evaluate existing and evolving new Recommendations, and especially signalling and telecommunication protocol Recommendations, with respect to their robustness of design and potential for exploitation by malicious parties to interfere destructively with their deployment in the global information and telecommunication infrastructure, develop new Recommendations for emerging security issues and take into account new services and applications to be supported by the global telecommunication/ICT infrastructure (e.g. cloud computing, smart grid and intelligent transport systems, which are based on telecommunication/ICT networks);
- 2 that ITU-T continue to raise awareness, within its area of operation and influence, of the need to defend information and telecommunication systems against the threat of cyberattack, and continue to promote cooperation among appropriate international and regional organizations in order to enhance exchange of technical information in the field of information and telecommunication network security;
- 3 that ITU-T should work closely with ITU-D, particularly in the context of Question 22/1;
- 4 that, in assessing networks and protocols for security vulnerabilities and facilitation of exchanging cybersecurity information, ITU-T Recommendations, including the ITU-T X-series of Recommendations and Supplements thereto, among them ITU-T X.805, ITU-T X.1205, ITU-T X.1500, ISO/IEC standards and other relevant deliverables from other organizations, be taken into consideration and applied as appropriate;
- 5 that ITU-T continue work on the development and improvement of terms and definitions related to building confidence and security in the use of telecommunications/ICTs, including the term cybersecurity;
- 6 that parties concerned are invited to work together to develop standards and guidelines in order to protect against cyberattacks, and facilitate tracing the source of an attack;
- 7 that global, consistent and interoperable processes for sharing incident-response related information should be promoted;
- 8 that all ITU-T study groups continue to provide regular reports on security of telecommunications/ICT to the Telecommunication Standardization Advisory Group (TSAG) on progress in evaluating existing and evolving new Recommendations;
- 9 that ITU-T study groups continue to liaise with standards development organizations and other bodies active in this field, such as ISO/IEC JTC1, the Organisation for Economic Co-operation and Development (OECD), the Asia-Pacific Economic Cooperation Telecommunication and Information Working Group (APEC-TEL) and the Internet Engineering Task Force (IETF);
- 10 that Study Group 17 continue its work on the issues raised in Resolution 130 (Rev. Guadalajara, 2010), and on the ITU-T X-series of Recommendations, including Supplements as appropriate,
- instructs the Director of the Telecommunication Standardization Bureau
- 1 to prepare, in building upon the information base associated with the “ICT Security Standards Roadmap” and the ITU-D efforts on cybersecurity, and with the assistance of other relevant organizations, an inventory of national, regional and international initiatives and activities to promote, to the maximum extent possible, the worldwide harmonization of strategies and approaches in this critically important area;
- 2 to report annually to the ITU Council, as specified in Resolution 130 (Guadalajara, 2010), on progress achieved in the actions outlined above;
- 3 to continue to recognize the role played by other organizations with experience and expertise in the area of security standards, and coordinate with those organizations as appropriate,
- further instructs the Director of the Telecommunication Standardization Bureau
- 1 to continue to follow up WSIS activities on building confidence and security in the use of ICTs, in cooperation with relevant stakeholders, as a way to share information on national, regional and international and non-discriminatory cybersecurity-related initiatives globally;
- 2 to cooperate with BDT in relation to any item concerning cybersecurity in accordance with Resolution 45 (Rev. Hyderabad, 2010),
- 3 to continue to cooperate with the Secretary-General’s Global Cybersecurity Agenda (CGA) and with IMPACT, FIRST and other global or regional cybersecurity projects, as appropriate, to develop relationships and partnerships with various regional and international cybersecurity-related organizations and initiatives, as appropriate, and to invite all Member States, particularly developing countries, to take part in these activities and to coordinate and cooperate with these different activities;
- 4 taking into account Resolution 130 (Rev. Guadalajara 2010), to work collaboratively with the other Directors of the Bureaux to support the Secretary-General in preparing a document relating to a possible memorandum of understanding (MoU) (according to Resolution 45 (Rev. Hyderabad, 2010)) among interested Member States to strengthen cybersecurity and combat cyberthreats in order to protect developing countries and any country interested in acceding to this possible MoU,
- invites Member States, Sector Members, Associates and academia, as appropriate
- to cooperate and participate actively in the implementation of this resolution and the associated actions.
- No comments yet.