ETSI announced a new specification, ETSI TS 103 523-1: Part 1 of the Middlebox Security Protocol (MSP) series, which defines the security properties of a Middlebox Security Protocol. Middleboxes are vital in modern networks - from new 5G deployments, with ever-faster networks that need performance management, to resisting new cyberattacks with evolved threat defence that copes with encrypted traffic, to VPN provision. Industry needs middlebox technology to keep pace with these and other evolving and diverse use cases. However, middlebox deployments often raise complex and multi-layered questions around the security, privacy and trust of using middleboxes.
MSP Part 1 (ETSI TS 103 523-1) addresses this gap by specifying a new security framework for middlebox protocols, allowing middleboxes to perform vital functions securely whilst keeping up with the rapid pace of technical development. The MSP series is driven by four important principles that are vital for secure MSP deployments to perform their functions. These are:
- Data Protection (DP): protecting data from network attackers and malicious actors.
- Transparency (T): having knowledge of which parties have what access to the data.
- Access Control (AC): allowing endpoints to meaningfully grant access to parties with this knowledge.
- Good Citizen (GC): preventing complexity that adds DDoS attack vectors to the network.