Liaison statement
Information on standardization of application security requirements, services and mechanisms
| State | Posted |
|---|---|
| Submitted Date | 2005-10-18 |
| From Group | ITU-T-SG-4 |
| From Contact | Greg Jones |
| To Group | SEC |
| To Contacts | housley@vigilsec.com; hartmans-ietf@mit.edu |
| Cc | sob@harvard.edu; chair@ietf.org; djsidor@nortel.com; greg.jones@itu.int |
| Response Contact | tsbsg4@itu.int |
| Technical Contact | msoukup@nortel.com; l.raman@cablelabs.com |
| Purpose | For action |
| Deadline | 2005-12-01 Action Taken |
| Attachments | COM 4 – LS 45 – E - Information on standardization of application security requirements, services and mechanisms |
| Body |
Abstract Q11/4 is responsible for Recommendations in the M.3016 series, considering security of the management plane. An important consideration is the security of management applications and services themselves (the software which provides management functions). Application security (how to ensure that the software performing management functions is secure and correct rather than just the interfaces and protocols) is an important security feature. This may include digital signatures, trusted computing, and other initiatives. Action Q11/4 would like to use relevant security standards for the security of management applications and requests information from relevant security standardization organizations on work in this area. |