Trusted Forensic and Vulnerability Exchange Frameworks
From ITUwiki
This is a placeholder for Trusted Forensic and Vulnerability Exchange Frameworks and subject to continuing evolution.
Infrastructure Protection Frameworks
This type of framework is primarily focussed on forensics relating to generic network incidents or potential vulnerabilities to networks and services.
Legal and Regulatory
Technical
- ITU-T SG17 Infrastructure Protection Frameworks
  - X.1056, Security Incident Management for telecommunications organizations
  - X.isgf, Information Security Governance Framework. (C-56)
  - X.sisfreq, Requirement for security information sharing. (TD 116-PLEN).
  - Security information sharing framework. (C-83)
  - X.gpn, Mechanism and procedure for distributing policies for network security. (TD 220-PLEN).
  - X.abnot, Abnormal traffic detection and control guideline for telecommunication network. (TD 219-PLEN)
  - X.bots, Framework for botnet detection and response. (TD 4164 Rev. 1)
  - X.gopw, Guideline on preventing malicious code spreading in a data communication network. (TD 215-PLEN).
  - X.sips, Framework for countering cyber attacks in SIP-based services. (TD 4171)
  - X.tb-ucc, Traceback use cases and capabilities. (TD 145-PLEN Rev. 1)
  - X.dexf, Digital Evidence Exchange File Format. (Doc. C-67). Defines structures and data elements for digital evidence exchange file format and proposes the creation of a new recommendation for that purpose.
The above ITU documents are available by clicking here, logging in as indicated, clicking on the directory "txndf," and then on "ITU."
- ITU-D SG1 Infrastructure Protection Frameworks
- ISO SC27 Infrastructure Protection Frameworks
  - N6429, Draft Technical Report or Standard on categorization and classification of information security incidents. This work largely duplicates work already done in other venues such as FIRST and MITRE, which is in widespread use. To the extent there is anything further to be done, WG4 has been requested to transfer the work to ITU-T SG17.
  - N7183, Guidelines for identification, collection and/or acquisition and preservation of digital evidence acquisition. This material largely duplicates the X.dexf work described above, and SC27 WG4 has been requested to transfer the work to ITU-T SG17.
  - WD29147, Responsible Vulnerability disclosure. This draft standard provides a guideline for vendors on receiving information about potential vulnerabilities in a uniform way. It also provides guidance for vendors on distributing vulnerability resolution information. This material largely duplicates the X.sisfreq work described above as well as ITU-T Rec. X.1056, and it is hoped that SC27 WG3 would transfer the material to ITU-SG 17.
  - WD27032, Guidelines for cybersecurity. This draft standard provides guidance for improving the state of cybersecurity on the Internet. It is essentially completely duplicative of work already appearing in ITU-T Rec. X.1205.
The above ISO documents are available by clicking here, logging in as indicated, clicking on the directory "txndf," and then on "ISO."
Law Enforcement and Public Policy Support Frameworks
This type of framework is primarily focussed on forensics relating to specific network incidents or capabilities arising from government mandates, and includes lawful interception, retained data, location, and network neutrality.
Legal and Regulatory Law Enforcement and Public Policy Support Frameworks
Technical Law Enforcement and Public Policy Support Frameworks
Network Management Frameworks
This type of framework is primarily focussed on forensics relating to generic network incidents or capabilities necessary to manage the use of networks and services, including settlements and billing.
Legal and Regulatory Network Management Frameworks
Technical Network Management Frameworks
