Telenor and TISPAN NGNJudith Rossebø, ETSI TISPAN Security WG ChairmanSenior Research Scientist, Telenor{judith.rossebo@telenor.com}

2

• One of the world’s largest mobile operators with 147 mill. mobile subscriptions* * 100% figures - all companies per Q1 2008.

• Norway’s leading telecommunications company

• Largest provider of TV services to the Nordic market

• Total workforce: 35,150 man-years (25,350 outside Norway)

• Market value as of 30 April 2008: NOK 169 billion

Telenor factsTelenor facts

ThailandDTAC 65.5% (*)

HungaryPannon 100% Bangladesh

Grameenphone 62.0%

MalaysiaDiGi 50.8%

UkraineKyivstar 56.5%

DenmarkSonofon 100%

NorwayTelenor 100%

MontenegroPromonte

PakistanTelenor Pakistan 100%

RussiaVimpelCom 33.6%

SwedenTelenor 100%

*Economic exposure

100%

SerbiaTelenor 100%

3

Telenor Involvement in Standardization and ForaTelenor Involvement in Standardization and Fora

Telenor is engaged in several Standardization organizations and Fora:

– ETSI TISPAN, STQ, ESI, SCP

– 3GPP

– IEEE 802

– ITU-T

– IPsphere Forum

– OMA, OMTP

– GSMA

– NGMN

Standards to simplify service deployment, cost efficiency, accessindependence…. a commercially sustainable framework for providing IP services.

4

Next Generation Network - a reference architectureNext Generation Network - a reference architecture

Customers

”Any service, any terminal, anywhere, anytime, to anyone”

Traditional

Vertical(service specific)

PSTN

/ISD

NPS

TN/IS

DN

ATM

/FR

ATM

/FR

Mob

ileM

obile

Sate

llite

Sate

llite

Cab

le-T

VC

able

-TV

Inte

rnet

Inte

rnet

Long term vision

Horizontal(service integration)

Access FibreFibreWLANWLANCellularCellular DSLDSL

Aggregation/core IPIP

Service enabler/Session engine

Applications/content

IMS..IMS..

MessageMessageWebWebVoiceVoiceStreamStream……

Customers

Horizontal layering - modular, flexible architecture

5

New standards driven by new architecture andnew business aspects

Next Generation Network – Why TISPAN?Next Generation Network – Why TISPAN?

TTelecommunication and IInternet converged SServices andPProtocols for AAdvanced NNetworking

6

• IPTV

• QoS in a multi-service environment

– RACS can help us to achieve this

– End to end QoS

• Security

– IPTV security (enhancement of stage 2, definition of stage 3)

– Security for CNG/CND (stage 1, stage 2, stage 3)

– Analyse the inter-relation between security features and architectureof the NGN (IPTV, NAT-T, NASS, RACS etc.) in terms of how to employconsistent security architecture and mechanisms

• IP Interconnection

• Standardize elements and reduce complexity of the NGN

TISPAN – beyond R2 – important topicsTISPAN – beyond R2 – important topics

7

• For the NGN, TISPAN WG7:

– Defines security requirements;

– Defines the security architecture;

– Conducts threat and risk analyses for specific NGN use cases;

– Proposes countermeasures.

WG7 security standardisation is risk-based:Using the ETSI TISPAN methodology for systematic threat,

vulnerability and risk analysis (TVRA)

TISPAN Working Group (WG) 7 is responsible forthe management and co-ordination of thedevelopment of security specifications for TISPAN.

TISPAN approach to securityTISPAN approach to security

8

* References:

ETSI TS 181 016. TISPAN; Service Layer Requirements to Integrate NGN Services and IPTV.

ATIS. IPTV DRM Interoperability Requirements. ATIS-0800001.

ATIS. IPTV Architecture Requirements. ATIS-0800002.

IPTV-Security Requirement Approach.Development of IPTV-building blocks.

• Analyze IPTV services. Basedon this analysis, design anappropriate security model.

– Based on Service requirements*,identify security objectives andthreats and from that deducesecurity requirements

– Define security architecture takinginto account service and securityrequirements

– Develop appropriatecountermeasures asre-useable building blocks

ServiceRequirements

ThreatsSecurity

Requirements

ArchitectureSecurity

Architecture(Functions)

ProtocolsSecurity

Counter-measures(Mechanisms)

Security

1

2 3

9

{source: GSM Association}

IP-related interconnectionIP-related interconnection

Inter-operator IP Packet Exchange (IPX) (Managed)

Third Party Provider

ThirdPartySubscriber

PublicMobile

Network

MobileSubscribers

PublicMobile

Network

MobileSubscribers

Content ProviderContent Provider

CorporateNetwork

CorporateNetwork

Internet(Unmanaged)

“On-Net” Services

“Off-Net” Services

Third Party Provider

Content ProviderContent Provider

CorporateNetwork

CorporateNetwork

PublicMobile

Network

MobileSubscribers

PublicMobile

Network

MobileSubscribers

Calling Party Pays

Calling Party Pays

Calling Party Pays

SIP Proxy/Hub

Other Hub/Proxy

Other Hub/Proxy

Accounting Function

Multi-lateral connection Mgmt

Routing andAddressing

Function

Service Awarefor event based

and stream basedtraffic

Service Layer(“new IPX part”)

Streaming QoS

Conversational (Voice) QoS

Conversational (Video) QoS

Network Layer(“existing GRX part”)

Eg, SIP Voice

Eg, SMTP MMS

Eg, IM & Presence

OriginatingNetwork

TerminatingNetwork

IPX

Traffic detectionfor routing, charging

and Multi-lateraldestination policing

ENUMDNSetc

Best Effort QoSInteractive QoS

10

VoIP interconnectionVoIP interconnection

Challenges with current situation:Service providers are creating isolated islands of users that must use the PSTN to completetheir calls, even if the destination is a VoIP user.

Limits the utility of future VoIP applications and the full potential of lower costs.

PSTN

Wirelessnetworks

Enterprisenetworks

eCommunitiesCable

networks

…

An eCommunity user canconnect to any othereCommunity user for free (pureIP), but must pay for calls sentand received from non-eCommunity users. The samecommonly holds for wireless andother TDM or VoIP providercustomers.

Prior registry approaches have failed because most registries only enable IP – IP connections:- limited economic benefits- and narrow range of total call volume

The point of connection to the PSTN networkin regards to location of call terminationdetermines the cost.

{source: IntelePeer ™, 2007}

11

Conclusions

• TISPAN adresses important NGN standardisation aspects

– Security

– performance (QoS)

– IPTV

– IP-Interconnect

• Standards are important for Telenor

– For interoperability

– For deployment of services

– Arena for expert networking

12

Be inspiring

Telenor - here to help