www.sesei.eu | dinesh.chand.sharma@sesei.eu | M: +919810079461 | Tel: +911133521500
Blockchain

ETSI Blockchain Group Releases First Reports, Targeting Industry & Govt. Bodies

The ETSI Industry Specification Group on Permissioned Distributed Ledger (ISG PDL) has recently released a number of Reports to support industry and government institutions needs for what is commonly known as blockchain. These Reports cover data record compliance to regulation, application scenarios and smart contracts.

  • ETSI GR PDL 002, “Applicability and compliance to data processing requirements”, describes the implications of the conduits used to connect data sources (sensors, gateways etc.) to distributed ledgers in utility and related industries. The Report also defines how regulatory aspects for data infrastructure security and privacy can be satisfied.
  • ETSI GR PDL 003 details the application scenarios and operational requirements for permissioned ledgers to help telecom operators, Internet and over-the-top service providers implement the technology. It includes provision models with special emphasis on as-a-service paradigms and PDL infrastructure governance aspects.
  • ETSI GR PDL 004, defines an architecture and functional framework for smart contracts and their planning, coding, and testing. The smart contract is a computer program stored in a distributed ledger system.
Digitization

ETSI Standard to Secure Digital Signatures Solves Issue For 4,000 Banks

ETSI is pleased to unveil ETSI TS 119 182-1, a specification for digital signatures supported by PKI and public key certificates which authenticates the origin of transactions ensuring that the originator can be held accountable and access to sensitive resources can be controlled. This standard is a major achievement for interoperability of digital signatures for a range of applications in today's digital economy including the banking and financial world where so far, some 4,000 banks were using various signing algorithms for their APIs to secure their online transactions. Called JAdES, ETSI TS 119 182-1 comes in support of secure communications fulfilling the requirements of the European Union eIDAS Regulation (No 910/2014) for advanced electronic signatures and seals and regulatory requirements for services such as open banking.

This JAdES digital signature specification is based on JSON Web Signature and contains the features already defined in the related ETSI standards for AdES (advanced electronic signature/seal) applied to other data formats including XML, PDF and binary. The standard was developed with contributions from a number of stakeholders including representatives from the banking sector who, through Open Banking Europe, have brought their operational requirements to align European APIs onto one security model. ETSI TS 119 182-1 can be used for any transaction between an individual and a company, between two companies, between an individual and a governmental body, etc. applicable to any electronic communications.

Security

ETSI Releases Middlebox Security Protocols Specification - Fine-Grained Access Control

ETSI announced a new specification, ETSI TS 103 523-2: Transport Layer MSP (TLMSP), Part 2 of the Middlebox Security Protocol (MSP) series, which defines a protocol for varied (fine-grained) access control to communications traffic.  This specification was developed by the ETSI Technical Committee CYBER. Middleboxes are vital in modern networks - from new 5G deployments, with ever-faster networks that need performance management, to resisting new cyberattacks with evolved threat defence that copes with encrypted traffic, to VPN provision. Network operators, service providers, users, enterprises, and small businesses require being granted varied (fine grained) permissions.

As more datagram network traffic is encrypted, the problems for cyber defence will grow. This intrusive "break-and-inspect" method, ignoring the desire for explicit authorization by endpoints, raises questions around security, privacy, and trust. ETSI TS 103 523-2, MSP Part 2 addresses this gap by specifying a protocol that allows fine-grained access and nuanced permissions for different portions of traffic, allowing middleboxes to perform their functions securely whilst keeping up with the rapid pace of technical development.