Tiêu chuẩn quốc tế

Foreword Acknowledgements Welcome remark to this Security Manual Executive Summary Introduction to the 7th edition 1 How to use this Security Manual 2 Overview of ITU-T security activities 2.1 Reference and outreach documentation 2.2 Overview of major security topics and Recommendations3 Security requirements 3.1 Threats, risks and vulnerabilities 3.2 General security objectives for ICT networks 3.3 Rationale for security standards 3.4 Evolution of ITU-T security standards 3.5 Personnel and physical security requirements and controls 4 Security architectures 4.1 The open systems security architecture and related standards 4.2 Security services 4.3 Security architecture for systems providing end-to-end communications 4.4 Implementation guidance 4.5 Some application-specific architectures 4.6 Architecture for external relationships 4.7 Other network security architectures and models 5 Aspects of security management 5.1 Information security management 5.2 Information security management processes 5.3 Risk management 5.4 Asset management5.5 Risk management of their assets globally accessible in IP-based networks 5.6 Governance of information security 5.7 Personally identifiable information protection management 6 The role of the Directory and the importance of the ITU-T X.500 series of Recommendations 6.1 Cryptographic concepts relevant to Recommendation ITU-T X.509 6.2 Public-key infrastructure (PKI) 6.3 Privilege management infrastructure (PMI) 6.4 Protection of directory information 7 Identity management and telebiometrics 7.1 Identity management 7.2 Telebiometrics8 Examples of approaches to authentication and non-repudiation 8.1 Secure password-based authentication protocol with key exchange 8.2 Extensible Authentication Protocol 8.3 One-time password authentication 8.4 Delegated non-repudiation 8.5 Non-repudiation framework based on a one-time password 9 Securing the network infrastructure 9.1 The telecommunications management network (TMN) 9.2 Network management architecture 9.3 Securing the infrastructure elements of a network 9.4 Securing monitoring and control activities 9.5 Securing network operation activities and management applications 9.6 Protection against electromagnetic threats 9.7 Common security management services 10 Some specific approaches to network security 10.1 Next Generation Network (NGN) security 10.2 Mobile communications security10.3 Security for home networks 10.4 IPCablecom 10.5 IPCablecom210.6 Ubiquitous sensor networks 10.7 Software-defined networking 11 Cybersecurity and incident response 11.1 Cybersecurity information sharing and exchange 11.2 Discovery of cybersecurity information 11.3 Access control for incident exchange network 11.4 Incident handling 11.5 Unified Security Model (USM) 12 Application security 12.1 Voice over Internet protocol (VoIP) and multimedia 12.2 Internet protocol television (IPTV) 12.3 Digital rights management (DRM) for Cable Television Multiscreen 12.4 Secure fax 12.5 Web services 12.6 Tag-based services 12.7 Value-added services 13 Countering common network threats 13.1 Spam 13.2 Malicious code, spyware and deceptive software 13.3 Notification and dissemination of software updates 14 Security aspects of cloud computing 14.1 Overview of cloud computing 14.2 A security framework for cloud computing 14.3 Information security management controls for cloud services. 14.4 Virtual measurement systems 15 The future of ICT security standardization 15.1 Security for Internet of Things (IoT) 15.2 Security for Intelligent Transport Systems (ITS)15.3 Security for Distributed Ledger Technology (DLT) 15.4 Security for quantum-based communications 16 Sources of additional information 16.1 Overview of SG17 work 16.2 The Security Compendium16.3 The Security Standards Roadmap16.4 Implementation guidelines for security Annex A: Security definitions Annex B: Acronyms and abbreviations Annex C: Summary of security-related ITU-T Study Groups Annex D: Security Recommendations and other publications referenced in this manual