Security

Introduction

The increasing complexity and rapid development of new systems present a real challenge for securing ICT systems.

Today ETSI's standardization activities cover a broad spectrum of security issues, increasingly in cybersecurity, and ranging from lawful interception to algorithms, from electronic signatures to smart cards, and they relate to every aspect of ICT.

In addition, ETSI is working towards the establishment of effective telecommunications systems to protect citizens in an emergency and on security issues in next generation networks, machine-to-machine, intelligent transport systems and quantum cryptography among others.

A pdfSecurity White Paper is available free of charge, outlining all of the Security work being carried out by ETSI.

ETSI security events

Each year ETSI brings together security standards experts.

Following our highly successful series of 9 annual security workshops, we decided in 2015 to expand our workshop and turn it into a full Security Week of events with more focused thematic streams. We allocate more time for networking and consequently more opportunities are offered for ETSI security-related committees to hold open meetings which all delegates can attend.

Information on the security week is available at the dedicated page on our website.

Speakers from ETSI Member companies, as well as the European Commission, ISO, IEC, ITU, ENISA, CEN & CENELEC participate at each event.

Our Role & Activities

GSM

Security has been a major driver for the success of GSMTM. Specifications have been developed to prevent terminal equipment theft, to allow encryption and authentication, to control payment for copyright material downloading and to respond to many other security threats.

UMTS

The Third Generation Partnership Project (3GPP) is also responsible for the maintenance and evolution of the specifications for GSM, and for transitional technologies such as GPRS and EDGE.

The UMTSTM security specifications developed in 3GPP build on the mechanisms used in GSM. In addition, they offer numerous security enhancements, including: Authentication, public safety, location services, cell broadcast services, IP Multimedia Subsystem (IMS) and Selective disabling of user equipment.

TETRA

Our Technical Committee TETRA and Critical Communications Evolution (TCCE) is responsible for producing specifications for TErrestrial Trunked RAdio (TETRA), designed for Private Mobile Radio (PMR) and Public Access Mobile Radio (PAMR) markets. A TCCE Working Group is dedicated to security.

DECT

DECTTM (Digital Enhanced Cordless Telecommunications) is a flexible digital radio access standard for cordless communications in residential, corporate and public environments.

Among other achievements for DECT, ETSI has developed the DECT Standard Authentication Algorithm (DSAA and DSAA2) and the DECT Standard Cipher (DSC and DSC2).

Lawful Interception

Our Technical Committee Lawful Interception (LI) covers the whole spectrum of interception aspects, from a logical overview of the entire architecture and the generic intercepted data flow, to the service-specific details for e-mail and Internet, and the requirements for law enforcement agencies.

Specifications for the handover procedure illustrate the flow that the intercepted data should follow in telecommunication networks or services.

LI is also addressing retained data by producing documents on retaining data for enforcement authorities and for the retained data handover interface.

Electronic Signatures

ETSI standards for electronic signatures are currently being developed in Technical Committee Electronic Signatures and Infrastructures (ESI).

Cyber Security

Our Cyber Security Technical Committee (TC CYBER) is developing standards to protect the Internet and the communications and business it carries against cyber-threats.

Network security

Our Technical Committee Network Technologies (NTECH) is working on establishing generic security requirements for networks, in particular security design guides.

Algorithms

Our Security Algorithms Group of Experts (SAGE) provides the Institute's standards makers with cryptographic algorithms and protocols specific to fraud prevention, unauthorized access to public and private telecommunications networks and user data privacy.

We also act as the custodian (distributing authority) and deal with the licensing of various algorithms, developed ourselves or by other organizations.

EMTEL

Our Special Committee on Emergency Communications (EMTEL) is the focal point in ETSI for the co-ordination and collection of requirements for emergency service communication. The committee's scope includes issues related to user needs, network architectures, network resilience, contingency planning, priority communications, priority access technologies and network management, national security and Public Protection and Disaster Relief (PPDR).

Other deliverables published by EMTEL address the European regulations covering communication during emergency situations, suitability of SMS and CBS (Cell Broadcast Service) for emergency messaging, and requirements for emergency communications network resiliency.

Smart Cards

The main task of Technical Committee Smart Card Platform (TC SCP) is to maintain and expand the smart card platform specifications for mobile communication systems on which other committees and organizations can base their system-specific applications.

Radio Frequency Identification (RFID)

Security in RFID technology must prevent illicit tracking and cloning of tags. In addition, RFID tags present a rather low limit of computational resources within the tag, which makes the use of standard cryptographic techniques unfeasible. Lighter encryption algorithms must be created for the RFID tags.

Broadcasting

Joint Technical Committee Broadcast is defining specific security features.

Some Achievements:

  • DVB Common Scrambling Algorithm - ETSI is the Custodian for the Common Scrambling Algorithm.
  • TV-Anytime is a set of specifications for the controlled delivery of multimedia content to a user's personal device (Personal Video Recorder). ETSI standards for TV-Anytime are being developed in JTC Broadcast, based on proposals from the TV-Anytime Forum. Phase 2 specifications have now also been published by ETSI.
  • Current work involves security issues regarding satellite distribution systems, with the intention of protecting the user identity in terms of location, signalling and data traffic to prevent unauthorized use of the network.

Satellite

Our Technical Committee Satellite Earth Stations and Systems (SES) has produced specifications on network security for broadband satellite multimedia services. In addition, the committee's working group on geo-mobile radio interfaces, which is responsible for standards on radio interfaces for geostationary earth orbit satellite access to the core network of GSM, has undertaken work on the security of the interface and the services delivered through it.

SES is working on specifications on network security in the area of broadband satellite multimedia services.

IPCablecom

ETSI has set standards defining the protocols and functional requirements for Internet Protocol Cable Communications (IP Cablecom) - including a security specification for the technology.

MESA (now closed)

Project MESA (Mobility for Emergency and Safety Applications) - now closed - was a transatlantic partnership project, established in 2000. It aimed to define a digital mobile broadband system to revolutionize the efficiency of first responders and rescue squads during an emergency or a disaster. Security requirements as well as advanced [mobile] service requirements, reached far beyond the scope of current established wireless standards.

Project MESA had adopted a 'System of Systems' approach, which involved linking together a variety of existing and foreseen technologies and systems. The key factor was interoperability.

Standards

The following is a list of the 20 latest published ETSI standards on security.

A full list of related standards in the public domain is accessible via the ETSI standards search. Via this interface you can also subscribe for alerts on updates of ETSI standards.

For work in progress see the ETSI Work Programme on the Portal

Standard No. Standard title.
TR 119 124-1 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 1: Overview
TR 119 134-1 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 1: Overview
TR 119 144-1 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 1: Overview
TS 119 124-2 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 2: Test suites for testing interoperability of CAdES baseline signatures
TS 119 124-3 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 3: Test suites for testing interoperability of extended CAdES signatures
TS 119 124-4 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 4: Testing Conformance of CAdES baseline signatures
TS 119 124-5 Electronic Signatures and Infrastructures (ESI); CAdES digital signatures - Testing Conformance and Interoperability; Part 5: Testing Conformance of extended CAdES signatures
TS 119 134-2 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 2: Test suites for testing interoperability of XAdES baseline signatures
TS 119 134-3 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 3: Test suites for testing interoperability of extended XAdES signatures
TS 119 134-4 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 4: Testing Conformance of XAdES baseline signatures
TS 119 134-5 Electronic Signatures and Infrastructures (ESI); XAdES digital signatures - Testing Conformance and Interoperability; Part 5: Testing Conformance of extended XAdES signatures
TS 119 144-2 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 2: Test suites for testing interoperability of PAdES baseline signatures
TS 119 144-3 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 3: Test suites for testing interoperability of additional PAdES signatures
TS 119 144-4 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 4: Testing Conformance of PAdES baseline signatures
TS 119 144-5 Electronic Signatures and Infrastructures (ESI); PAdES digital signatures - Testing Conformance and Interoperability; Part 5: Testing Conformance of additional PAdES signatures
EG 203 310 CYBER; Quantum Computing Impact on security of ICT Systems; Recommendations on Business Continuity and Algorithm Selection
TS 102 230-1 Smart Cards; UICC-Terminal interface; Physical, electrical and logical test specification; Part 1: Terminal features (Release 11)
TS 102 221 Smart Cards; UICC-Terminal interface; Physical and logical characteristics (Release 13)
TS 103 383 Smart Cards; Embedded UICC; Requirements Specification (Release 13)
TS 103 481 Smart Cards; Testing of the UICC remote application management (Release 9)