ETSI Releases Middlebox Security Protocols Framework Specifications
ETSI announced a new specification, ETSI TS 103 523-1: Part 1 of the Middlebox Security Protocol (MSP) series, which defines the security properties of a Middlebox Security Protocol. Middleboxes are vital in modern networks - from new 5G deployments, with ever-faster networks that need performance management, to resisting new cyberattacks with evolved threat defence that copes with encrypted traffic, to VPN provision. Industry needs middlebox technology to keep pace with these and other evolving and diverse use cases. However, middlebox deployments often raise complex and multi-layered questions around the security, privacy and trust of using middleboxes.
MSP Part 1 (ETSI TS 103 523-1) addresses this gap by specifying a new security framework for middlebox protocols, allowing middleboxes to perform vital functions securely whilst keeping up with the rapid pace of technical development. The MSP series is driven by four important principles that are vital for secure MSP deployments to perform their functions. These are:
- Data Protection (DP): protecting data from network attackers and malicious actors.
- Transparency (T): having knowledge of which parties have what access to the data.
- Access Control (AC): allowing endpoints meaningfully to grant access to parties with this knowledge.
- Good Citizen (GC): preventing complexity that adds DDoS attack vectors to the network.
New EU Cybersecurity Strategy & New Rules to Make Physical and Digital Critical Entities More Resilient
The European Commission and the High Representative of the Union for Foreign Affairs and Security Policy are presenting a new EU Cybersecurity Strategy. As a key component of Shaping Europe's Digital Future, the Recovery Plan for Europe and the EU Security Union Strategy, the Strategy will bolster Europe's collective resilience against cyber threats and help to ensure that all citizens and businesses can fully benefit from trustworthy and reliable services and digital tools. Whether it is the connected devices, the electricity grid, or the banks, planes, public administrations and hospitals Europeans use or frequent, they deserve to do so with the assurance that they will be shielded from cyber threats.
The new Cybersecurity Strategy also allows the EU to step up leadership on international norms and standards in cyberspace, and to strengthen cooperation with partners around the world to promote a global, open, stable and secure cyberspace, grounded in the rule of law, human rights, fundamental freedoms and democratic values.
Security standards are for all! Read CEN and CENELEC’s new brochure
The CEN and CENELEC Sector Forum for Security (SF-Sec) has developed a brochure to share with the security standardization community. The brochure includes examples of areas of security to which standardization is contributing. In addition, it contains clear examples of how individuals in the security standardization community have developed standards on concrete topics. The brochure aims to be a call to action to invite stakeholders to participate actively in these efforts. The full brochure can be read and downloaded on CEN and CENELEC’s website.