The principal focus of this workshop was on the cyber security aspects of network middleboxes. The term "middlebox" includes any device between user end-points other than a transparent switch. They embrace an enormous number of functional physical and virtual equipment components that exist in the complex paths typically found between communication endpoints. Middleboxes are essential to the operation of all telecommunication and ICT networks today, and large infrastructures will typically have thousands of ubiquitously deployed middleboxes. By almost any metric, middleboxes also represent perhaps the most active and innovative sector of network technology, research, and product development today with scholar research search engines displaying more than 10,000 published papers over the past decade and hundreds of new ones appearing every month. The published papers treating middlebox and transport cryptographic protocols number in the hundreds over the past three years and represent one of the most critically important developments and challenge in the cyber security field today. The workshop objective was significantly related to five new work items of the ETSI Cyber Security Technical Committee to produce a middlebox cyber security protocol (MSP).
The workshop intended to:
- Provide a unique global forum for significant technical papers and dialogue from industry and academia on both in-band and out-of-band secure protocols, techniques, and innovations for discovering and managing implementations of middleboxes within operator networks and virtual instantiations at data centres and their controlled, trusted visibility of encrypted traffic for cyber defence and privacy purposes.
- Provide related use case examples.
- Consider the usefulness of instantiating the protocols and techniques in publicly available technical specifications with demonstrations.
This event was of interest to Industry and academic R&D researchers, cyber security centres of excellence, network and cloud data centre operators, enterprise network users, and public officials concerned about the challenges of cyber security and management of encrypted network traffic between hosted services and user or device end points – especially for mobile, NFV, 5G, automotive, and IoT uses.
ETSI provided free on-line public availability of all papers with persistent identifiers for widespread reference and citation.
|Tuesday 12 June 2018|
Martin Ranhed, Advenica
|Session 1: Business Needs, Requirements and Use Cases |
Session Chair: Martin Ranhed, Advenica
|09:00||UK's National Health Service Case |
Chris Flynn, UK's National Health Service
|09:20||Defending the UK: Government, Citizens and Business. What are the Threats and What is Needed for Cyber-Defence into the Future? |
Tommy Charles, NCSC
|09:40||Encryption: a Double-Edged Sword |
Nalini Elkins, Enterprise Data Center Operators
|10:00||The Impact of TLS 1.3 on Enterprises |
Steve Fenter, US Bank
|10:20||Questions & Answers|
|10:30||Coffee & Networking Break|
|11:00||Session 2: Research and Development Progress |
Session Chair: Olaf Bonorden, McAfee
|11:00||Let's be PATIENT |
Arnaud Taddei, Symantec
|11:15||Accountable Proxying Over TLS: Real-World Threats and the Need for Formal Proofs |
Karthikeyan Bhargavan, INRIA
|11:30||ACME STAR as a MSP for TLS traffic |
Antonio Pastor, Telefonica
|11:45||Middlebox Current Usage and Challenges Requiring Specification |
Nicolas Thomas, Fortinet
|12:00||Questions & Answers|
|14:15||Session 3: Joint Efforts |
Session Chair: Colin Whorlow, NCSC
|14:15||IEEE Encrypted Traffic Inspection (ETI) |
Olaf Bonorden, McAfee
|14:30||Attestation of SHIELD's Network Infrastructure and Middleboxes |
Ludovic Jacquin, HPE
|14:45||Questions & Answers|
|15:00||Coffee & Networking Break|
|15:30||ETSI TC CYBER Work on Middlebox Security Protocol: |
|17:00||Wrap up and Closure for the Day |
Tony Rutkowski, CIS
|17:30||Start of the Middlebox Hackathon|
The Programme Committee was composed of the following members:
- Tony Rutkowski, Center for Internet Security & PC chairman
- Olaf Bonorden, McAfee
- Matt Carus, NCSC
- Roger Ericsson, Advenica
- Daniel Powell, NCSC
- Martin Ranhed, Advenica
The Programme Committee was in charge of selecting the presentations that fit the event objectives and build the programme on Middlebox Workshop.