3 Management Functional Areas
Last update PvD

3.6 SM
Security Management

[M.3400]:  The functions contained within Security Management (SM) may differ from administration to administration.  The purpose of this section is to list some of the aspects of security access relating to management information that may be taken into account.  Security management will include:

Security Management is more than AAA (Authentication, Authorisation, Accounting);  it extends to service (business) security.  It is commonly characterised by (CIA):

It concerns:

Particular operations (transaction types) on particular data (record fields, object attributes) by particular users should be controlled:  potentially denied and/or potentially audited.  This requires that all (global) operations/­data/­users should be controlled and checked.

Typically, one discerns domains and transactions:

Network Access Domain (NAD):
physical or logical domain (area of responsibility, e.g. a region or subnetwork);
Functional Access Domain (FAD):
transaction capability (e.g. create/­delete/­read/­modify/­write, start/­stop, etc.) on a functional application area (skills related, e.g. subscriber administration, routing, maintenance (multiple levels), billing, customers (CNM), etc).

Actors (operators, processes) get an authorisation profile related to their responsibilities/­skills for a particular network domain, like customer sales representatives, equipment maintenance, etc.  Obviously, the FADs are also determined by the operator's business processes.

Fraud detection and prevention is of increasing importance.  It is the fight against unauthorised use of the network (e.g. through stolen mobile phones) and unauthorised 'management' of the network (e.g. one of the human operators exceeding his authorisation, via Customer Network Management, and hacking).  It involves Accounting and Configuration Management, and risk management (contingency planning).  Auditing (e.g. who has last changed a particular attribute) and policing (surveillance) prove to be very useful, even though it is detection after the fact.

The following table may help to determine the level of countermeasures:

(recovery costs)
(risk probability)

Next section: GM
Up to Contents
Up to Index