Go to Content Go to Navigation

Press Releases

HOME News & Notice Press Releases
share

 Korean-Developed Telebiometric Authentication Using Biosignals Approved as International Standard by ITU (February 11)

- Recommendations on SDN Security Services and on Structured Cyber Threat Information Expression Also Adopted as International Standards


The National Radio Research Agency (RRA) announced that a telebiometric authentication technology whose development was led by Korea was consented and that two cyber security recommendations including one on security services using SDN were adopted as international standards by the ITU-T SG17 meeting (on Security; chaired by Professor Youm Heung Youl of Soonchunhyang University) held in Geneva, Switzerland.


International Telecommunication Union Telecommunication Standardization Sector (ITU-T): an intergovernmental organization that develops international recommendations (i.e. standards) on the application, accounting and billing of ICT, such as telecommunication networks (telephone, Internet), IoT, big data and data protection.


Study Group 17 (SG17): A study group under the ITU-T that coordinates security-related recommendation agendas and revision activities.


The telebiometric authentication technology (X.1094), which was given consent* by the SG17 meeting, was developed by KISA for the first time in the world through an international joint study with the U.S. and Spain.


- The tamper-proof technology, which collects biosignals such as electromyogram, electrocardiogram, brainwave and heart rate from wearable devices (smart watches, smart bands, etc.), is expected to be widely used on mobile devices for authentication. It also has huge potentials to be adopted in healthcare security services as it can provide health data analysis.


* A consented standard goes through four weeks of review process by the members and sector members of the ITU for approval.


The international standard on “Security services using software-defined networking (SDN) (X.1042)”, the first recommendation by this meeting, provides examples of security threats to network-related devices (e.g. firewall, security breach response device), response scenarios and security services in SDN environments.


Software-Defined Networking (SDN): A next-generation networking technology that facilitates configuration, control and complex operation of networks through software programming.


- The standard was mainly developed by the Electronics and Telecommunications Research Institute (ETRI) of Korea since 2014 for a network security technology standardization project. It is expected to be widely used in providing sound security services in different network environments including 5G core network, cloud, big data and blockchain.


The international standard on “Use cases for structured threat information expression (X.1215)”, the second recommendation, provides use cases for sharing structured threat information (e.g. malware, vulnerabilities and attack patterns) among nations or security agencies and for finding solutions.


- The standard was co-developed by ETRI and Soonchunhyang University since 2017. It is expected to be widely used by data protection agencies and industry for cyber threat response, as it provides detailed use cases for recurring cyber threats such as ransomware and cryptocurrency exchange hacks


Ransomware: A type of malicious software that locks files on a user’s computer and demands a “ransom” to be paid in their return.


Moreover, Korea proposed two new work items for standardization “Security guideline for 5G communication system” and “Requirements for data de-identification assurance” which were approved as items under study.


Soonchunhyang University is leading the work on “Security guideline for 5G communication system,” planning to develop a security guideline that can identify main components and functions of 5G communication system and provide threats to and security capabilities of each component.


The Financial Security Institute of Korea (FSI) and Korea Internet & Security Agency (KISA) are leading the work on “Requirements for data de-identification assurance,” planning to develop a standard that can define and measure the level of de-identification and assess whether de-identification measures were properly taken. The standard will be available to related industries and agencies for privacy protection.


With respect to the approval of these standards, Jung Sam Young, head of the International Cooperation Division of the RRA said, “The adoption of Korean cybersecurity technology as international standards is expected to substantially contribute to the improvement of competitiveness of Korea’s data protection industry in the international market.”


<The Results of ITU-T SG17 Meeting>


Status

Number

Title

Editor

Consented

X.1094

Telebiometric authentication using biosignals

Kim Jae-Sung, Lee Sae Woom (KISA)

Approved

X.1215

Use cases for structured threat information expression

Kim Jong-Hyun (ETRI)

Youm Heung Youl, Kim Jihye

(Soonchunhyang University)

X.1042

Security services using software-defined networking

Park Jung Soo (ETRI), Kim Hyoungshick (Sungkyunkwan University)

Under study

X.5Gsec-

guide

Security guideline for 5G communication system

Youm Heung Youl, Kim Mee Yeon (Soonchunhyang University)

Park Keundug (Seoul University of Foreign Studies)

X.rdda

Requirements for data de-identification assurance

Choi Jisun, Lim Hyungjin (FSI), Lee

Yewon (KISA)



Move to the top of the page