ETSI releases Middlebox Security Protocols specification


Tuesday, 09 March, 2021


ETSI has announced a new specification, ETSI TS 103 523-2: Transport Layer MSP (TLMSP), Part 2 of the Middlebox Security Protocol (MSP) series, which defines a protocol for varied (fine-grained) access control to communications traffic. The specification was developed by ETSI Technical Committee CYBER.

Middleboxes are vital in modern networks — from new 5G deployments with ever-faster networks that need performance management, to resisting new cyber attacks with evolved threat defence that copes with encrypted traffic, to VPN provision.

Network operators, service providers, users, enterprises and small businesses all need to be granted varied (fine-grained) permissions.

Various cyber defence techniques motivate these requirements. At present, the solutions used often break security mechanisms and/or ignore the desire for explicit authorisation by the endpoints. Some encryption protocols can even be blocked altogether at the enterprise gateway, forcing users to revert to insecure protocols.

As more network traffic is encrypted, the problems for cyber defence will grow. Intrusive ‘break and inspect’ methods, ignoring the desire for explicit authorisation by endpoints, raise questions around security, privacy and trust.

ETSI TS 103 523-2, MSP Part 2 addresses this gap by specifying a protocol that allows fine-grained access and nuanced permissions for different portions of traffic, allowing middleboxes to perform their functions securely whilst keeping up with the rapid pace of technical development.

This new specification defines TLMSP, a protocol that grants fine-grained permissions and access to different middleboxes. It gives endpoints control over which entities can access data for cyber defence purposes and protects against unauthorised access.

TLMSP was born from an academic effort that evolved into ETSI TC CYBER, adding security measures against known attacks and more features including auditing, a more flexible message format, adaptation to varying network conditions, on-path middlebox discovery and improved handling of errors.


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd