{"title":"eTVRA:欧洲的威胁、脆弱性和风险评估方法和工具","authors":"J. Rossebø, S. Cadzow, P. Sijben","doi":"10.1109/ARES.2007.82","DOIUrl":null,"url":null,"abstract":"The telecommunications environment is evolving into next generation networks (NGN). On an NGN, telecommunications services are recreated on IP networks, this creates a demand on standardization bodies to adapt and meet the needs of these emerging networks. Securing the service environment for eBusiness and the underlying network are crucial areas cited in the eEurope action plan. Standardization provides an important means for securing the NGN and establishing trust in its services and infrastructure in order to enable the development of modern public services. In response to this, we have developed a threat, vulnerability and risk assessment (eTVRA) method and tool for use in standardisation. Using the eTVRA method and tool, the threats to NGNs can be analyzed and a set of recommended countermeasures identified that when implemented will reduce the overall risk to users of NGNs. In this paper we present the eTVRA method and tool along with the results of its application to the use of enhanced number (ENUM) (Eastlake, 1999) and SIP (Rosenberg et al., 2002) in the NGN","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"19","resultStr":"{\"title\":\"eTVRA, a Threat, Vulnerability and Risk Assessment Method and Tool for eEurope\",\"authors\":\"J. Rossebø, S. Cadzow, P. Sijben\",\"doi\":\"10.1109/ARES.2007.82\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The telecommunications environment is evolving into next generation networks (NGN). On an NGN, telecommunications services are recreated on IP networks, this creates a demand on standardization bodies to adapt and meet the needs of these emerging networks. Securing the service environment for eBusiness and the underlying network are crucial areas cited in the eEurope action plan. Standardization provides an important means for securing the NGN and establishing trust in its services and infrastructure in order to enable the development of modern public services. In response to this, we have developed a threat, vulnerability and risk assessment (eTVRA) method and tool for use in standardisation. Using the eTVRA method and tool, the threats to NGNs can be analyzed and a set of recommended countermeasures identified that when implemented will reduce the overall risk to users of NGNs. In this paper we present the eTVRA method and tool along with the results of its application to the use of enhanced number (ENUM) (Eastlake, 1999) and SIP (Rosenberg et al., 2002) in the NGN\",\"PeriodicalId\":383015,\"journal\":{\"name\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"volume\":\"63 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-04-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2007.82\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Second International Conference on Availability, Reliability and Security (ARES'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2007.82","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 19
摘要
电信环境正在向下一代网络(NGN)演进。在下一代网络中,电信业务是在IP网络上重新创建的,这就对标准化机构产生了需求,以适应和满足这些新兴网络的需求。确保电子商务的服务环境和基础网络是eEurope行动计划中提到的关键领域。标准化是保障下一代网络安全并在其服务和基础设施中建立信任的重要手段,从而实现现代公共服务的发展。为此,我们开发了一种用于标准化的威胁、脆弱性和风险评估(eTVRA)方法和工具。使用eTVRA方法和工具,可以分析ngn面临的威胁,并确定一套建议的应对措施,这些措施在实施后将降低ngn用户面临的总体风险。在本文中,我们介绍了eTVRA方法和工具,以及将其应用于NGN中增强数(ENUM) (Eastlake, 1999)和SIP (Rosenberg et al., 2002)的结果
eTVRA, a Threat, Vulnerability and Risk Assessment Method and Tool for eEurope
The telecommunications environment is evolving into next generation networks (NGN). On an NGN, telecommunications services are recreated on IP networks, this creates a demand on standardization bodies to adapt and meet the needs of these emerging networks. Securing the service environment for eBusiness and the underlying network are crucial areas cited in the eEurope action plan. Standardization provides an important means for securing the NGN and establishing trust in its services and infrastructure in order to enable the development of modern public services. In response to this, we have developed a threat, vulnerability and risk assessment (eTVRA) method and tool for use in standardisation. Using the eTVRA method and tool, the threats to NGNs can be analyzed and a set of recommended countermeasures identified that when implemented will reduce the overall risk to users of NGNs. In this paper we present the eTVRA method and tool along with the results of its application to the use of enhanced number (ENUM) (Eastlake, 1999) and SIP (Rosenberg et al., 2002) in the NGN