 We're here at the ITU in Geneva and I'm very pleased to be joined by Hong Yeol Young, Chairman of Study Group 17. Welcome and thank you very much indeed for joining us here today. Thank you very much for inviting me. First of all, I'd like to congratulate you on your chairmanship and could you please provide our viewers with an overview of a work that's taking place in Study Group 17. Thank you. Study Group 17 is responsible for building trust and security in the use of ICT. So we currently have three lead study group laws. First one is lead study group on security. And second one is lead study group on identity management. And third one is lead study group on telecommunication. So in the past, we had a 12 questions starting from question one and question 12. But at this meeting, post meeting in the study period, we Study Group 17 agreed to establish a new question that is question 13. So we became a 13 questions. So actually, let me briefly introduce the each questions. For example, question one is responsible for coordination activities within the ITUT and within the Study Group 17 and across the other groups. For example, ITU D and ITU R and other, for example, ISOIECS 27. So that is a role of the question one. And then question two is responsible for security frameworks. So actually, they developed a very famous recommendation that is EXTAD 805. So define some basic security requirements for the network security. So that is the second one. And third one is question three, telecommunication information management systems. Actually, this group has a good relationship with ISOIEC JT-1 as C27 working group one. So they have some common work, still have a common work with ISOIEC JT-1 as C27 working group one and working group five. And question four, very important question. As you may know, we have a double test resolution 50, tightly say cybersecurity. So question four is same title. So question four is cybersecurity. So it's responsible for cybersecurity issues. For example, cybersecurity information is extremely between the computer emergency response teams. We believe that the question rule is very important. As you may know, we have another resolution that is a double test 52, that is a countering spam, countering and combating spam. So question four is responsible for double test 16 resolution for 52. So title of the question five is countering spam by technical means because study of 17 is mandate is to develop a technical recommendation that not touching a policy and regulation issue. So title has been a little bit different, but that is the main note. I would like to introduce question six. It's very important. Normally, in the past, question six is responsible for developing IoT security, home network security, and mobile security, for example, 5G security, and smart grid security. And then so at this meeting, they will say some and including including ITS security, intelligence transport system securities. At this meeting, they will say contribution. So new question has been established, agreed at this meeting. So currently, our rules of the question six is focusing on the IoT security because you know IoT security is everywhere. So IoT security is one of our main priority in this in this period. And question six is application security. So and then question eight is you may know cloud computing security. So it's responsible for cloud computing security. In the past study period from study of 2013 to 2016, they developed a very high level, high level framework recommendations. And then question nine, telebiometrics. You may know we can we authenticate by the smartphone. We use a telebiometric information for users to be authenticated by the entity. So we recognize the importance of the use of the biometrics mechanisms for authentications of users. And the question 10 has a very important note. As I said, the study of 2017 has a three-road lead study. One of them is a lead study on identity management. So question 10 is responsible for that. So question 10 has produced a recommendation extra 1254. It's very uh important recommendations because that provides a entity authentication assurance framework that provides a poor levels of assurance framework. And question 11 is basic fundamental technology to support a security works. So they define a OID works or object identifier works and ASN1 works, FSEC syntax notation and other related work. And question 11, actually I would like to focus in process because question 11 has developed, produced a very, very famous and well recognized recommendation. That is a extract 519. It's PKI, public infrastructure. You may know PKI can be used as a basic and fundamental technology for every transactions, electronic transactions, and also we're looking forward to the technology can be used to other areas, for example, smart grid securities. And question 12 is a little bit far from the security works. Actually they are working on telecommunication language. So actually they have a working on telecommunication language fraud testing in cooperation with study 11 because study 11 is responsible for testing. And you know we've seen that privacy is a key issue in today's ICT ecosystem. But privacy it's also a policy discussion as well as a technical discussion. Can you please explain how your study group is approaching privacy in your work? Yes, we recognize privacy is very important topic and then privacy can be used to build a trust between organization. Actually, good news is we had a common text with ISYH-61 H27 working group 5 because working group 5 is working on privacy and identity measurements. Actually this study of 17 meeting approved common text that is a extract 1058 code of practice for PII protection, personally identifiable protection. So that is a actually that is a common text between I2T study group 17 and ISYH-JTC1 H27 working group 5. Actually working group 5 is finished FDI spallet. So next Hamilton meeting working group 5 we may produce a international standard. That means that so we have a one very very important recommendation produced by both groups. So in the first I2 in study 17 context privacy is the cognize as important topic and then security technology can be used to protect privacy. So that was our agreement. So we do not use a personal data because you say that you say that privacy is related to the regulation and privacy policy issues. So according to our plan report resolution 130. So maybe there's some different interpretation but our study of 17 consensus was that we do not touch a some policy issues or regulation issues but we will develop a recommendation to support policy issues and then regulation issues. So I think that we actually question 10 as I said question 10 is responsible for identity management. In the question 10 text they have a task items regarding the privacy PII protection issues. So and then question 3 as I said question 3 text also have a task question task mentioning about PII protection. So I think that we continue to explore possibility to deal with the privacy and PII protection issues. And you know looking to the future well what are some of the key security threats on the horizon and how might our standardization work help to mitigate those risks. Yes actually we when we use the ICT technology and for example new emerging area. So emerging we actually at the last study of 17 I believe that March 2016 study of 17 meeting agree to we identify some emerging area for example IMT 2020 so called fifth generation and we identify we agree emerging area is smart grid and IOT and also digital finance services and ITS. So we study of 17 agree to continue to provide a technical recommendations to mitigate new threats in the new emerging area as I said ITS security ITS intelligent transmission systems and internet of things environments and also digital financial service environment using mobile devices. So I believe that a study general consensus of study of 17 is to continue to work on that areas especially for new emerging areas. Okay Hong Yul I'd like to thank you very much indeed for your time today and wish you a successful study group here. Yes thank you.