News

Event type: None

The Challenging IoT Security & Privacy workshop takes place in the Amphitheatre ATHENA.

Event type: None

The ETSI IoT workshop takes place in the Amphitheatre ATHENA.

Scope

Cybersecurity is at the heart of the digital economy. Policy makers are taking up ambitious legislative initiatives for a secure digital economy for Europe and beyond. The industry is challenged to provide products and services which comply with such legislation. And standards are expected to play an important role in support as well. Will the policy, industrial and standardization actions succeed in making the cyber world safer?

The workshop looked at the panorama of cybersecurity, taking in the primary security issues and drivers.

This looked at the major technical issues and challenges to protecting information, infrastructure, customers, industry and assets from attack and failure. Then we reviewed the high-level drivers such as regulations, directives and mandates that help support cybersecurity. Finally, we looked at supporting vulnerability and disclosure schemes.

Target Audience

This event was of interest for those wishing to understand the latest context and direction of Cybersecurity initiatives: This will include C Level (such as CISO, CTOs), those responsible for security and involved in Standards making.

Event type: None

Scope

The principal focus of this workshop was on the cyber security aspects of network middleboxes. The term "middlebox" includes any device between user end-points other than a transparent switch. They embrace an enormous number of functional physical and virtual equipment components that exist in the complex paths typically found between communication endpoints. Middleboxes are essential to the operation of all telecommunication and ICT networks today, and large infrastructures will typically have thousands of ubiquitously deployed middleboxes. By almost any metric, middleboxes also represent perhaps the most active and innovative sector of network technology, research, and product development today with scholar research search engines displaying more than 10,000 published papers over the past decade and hundreds of new ones appearing every month. The published papers treating middlebox and transport cryptographic protocols number in the hundreds over the past three years and represent one of the most critically important developments and challenge in the cyber security field today. The workshop objective was significantly related to five new work items of the ETSI Cyber Security Technical Committee to produce a middlebox cyber security protocol (MSP).

Event Objectives

The workshop intended to:

Target audience

This event was of interest to Industry and academic R&D researchers, cyber security centres of excellence, network and cloud data centre operators, enterprise network users, and public officials concerned about the challenges of cyber security and management of encrypted network traffic between hosted services and user or device end points – especially for mobile, NFV, 5G, automotive, and IoT uses.

ETSI provided free on-line public availability of all papers with persistent identifiers for widespread reference and citation.

Event type: None

Scope

Technology changes the world and our societies at a fast pace. Society, public and private sectors have established that digitisation is beneficial and furthermore, fundamental in modern society. So, it deserves resilient IoT products, systems and services, with future-proof IoT security and privacy by default and by design.
At ETSI Security Week 2018, we will discuss these and related opportunities and challenges.
How to address, organize, standardize this dynamic hyper-connected world?

Target Audience

The event is of interest to:

Event type: None

Scope

5G phase 1 specifications are now done, and the world is preparing for the arrival of 5G networks. A major design goal of 5G is a high degree of flexibility to better cater for specific needs of actors from outside the telecom sector (e.g. automotive industry, mission-critical organisations). During this workshop, we will review how well 5G networks can provide security for different trust models, security policies, and deployment scenarios – not least for ongoing threats in the IoT world. 5G provides higher flexibility than legacy networks by network slicing and virtualization of functions. The workshop aims to discuss how network slicing could help in fulfilling needs for different users of 5G networks.
5G will allow the use of different authentication methods. This raises many interesting questions. How are these authentication methods supported in devices via the new secure element defined in ETSI SCP, or vendor-specific concepts? How can mission-critical and low-cost IoT use cases coexist side-by-side on the same network?
The 5G promise of higher flexibility is also delivered via its Service-Based Architecture (SBA). SBA provides open 3rd party interfaces to support new business models which allow direct impact on network functions. Another consequence of SBA is a paradigm shift for inter-operator networks: modern APIs will replace legacy signaling protocols between networks. What are the relevant security measures to protect the SBA and all parties involved? What is the role of international carrier networks like IPX in 5G?

Event Objectives

The workshop intends to:

Target Audience

The 5G Security workshop will be of interest to:

Event type: None

Event Technology: Digital Signature

Scope

While standards are well in place for signatures created locally by end-users, the market take-up of these solutions has been significantly low due to the unfriendly requirement for the end-user to have a physical device (e.g. dongle, smart card). The market has then been moving to signature creation services hosted in the cloud and managed by Trust Service Providers. These solutions imply moving the user private key from a user-owned device to the cloud and raise security challenges in order to ensure the security of the service. ETSI started to work on this topic in order to bring technical interoperability as well as a high level of assurance of the trust services building on the CEN standard for "server signing". The objective of the standards is to meet the aims of the eIDAS Regulation as well as to meet the general requirements of the European and international community.
The workshop discussed about standardization for remote signature creation services provided by Trust Service Providers, addressing business cases, audit requirements and protocols.

Objectives

1. Make users of the standards aware of:

2. Get an idea of some example business use cases

3. Collect initial feedback on standards and public review process

Target audience

This event was of particular interest for:

Event type: None

Scope

After several years of quiet incubation of the Bitcoin project, Blockchain is now a word known to the general public and pervasive in the industry.
More recently, researchers and industry are exploring the space of application of distributed ledgers beyond financial and monetary solutions, looking for alternatives to overcome the limitations of these technologies such as scalability and power consumptions, thus multiplying the number of projects and initiatives.
It remains unclear at this point what is and what should be the role of regulators and standardization bodies but in order to enable application of distributed ledger technologies (DLTs) in critical ICT services, ETSI is calling for a public discussion on the value of DLTs for the security and trust in the world wide ICT ecosystems.

The objective of this event is to: 

Target Audience

This event is of interest to any organisation having a stake in distributed ledgers developments and standardisation.

Event type: None

Participate in the Middlebox Hackathon!

Interested in improving network security? 

Target Audience

All attendees interested in middlebox security are welcome. The event is best suited for software development professionals. Students on relevant educational programmes are also welcome.

Join in the Slack conversation now: middleboxhackathon.slack.com (email us for an invitation)

#middleboxhackathon Download the Hackathon Flyer

Event type: None

Event Technology: Cybersecurity

Supporting European Cyber Security & Privacy Standardisation in the European Digital Single Market context – StandICT.eu - co located with the ETSI Security Week

Scope

The Digital Single Market (DSM) is aimed at boosting Europe's competitiveness throughout multiple industrial and service sectors. 5 priority domains are highlighted as the building blocks of the DSM: 5G, Cloud Computing, Internet of Things, Cybersecurity and Big Data. The emergence and continuous evolution in these domains compels the establishment of common standards to guarantee interoperable and benchmarked services and technologies to drive the DSM, keep markets open, support innovation and allow a full-service portability. In this context it is important to support contributions from the international Standards Development Organisations, national standardisation bodies, voluntary communities while ensuring the promotion and convergence of activities, interests and priorities.

The event will discuss the role of standardisation and the different European players in the domain of Cybersecurity: achievements made, ongoing activities, and gaps where standards are needed but have not been addressed so far. Standards in this domain are mainly driven by industry and private sector stakeholders playing a fundamental role in fostering innovation. However, voluntary communities, e.g. Open Source Software communities, and research, like in the field of Blockchain, have an increasing impact. The different players are considered as target audience and as contributors to the event.

StandICT.eu, "Supporting European Experts Presence in International Standardisation Activities in ICT", addresses the need for ICT Standardisation and defines a pragmatic approach and streamlined process to reinforce EU expert presence in the international ICT standardisation scene. Through a Standards Watch, StandICT.eu will analyse and monitor the international ICT standards landscape and liaise with Standards Development Organisations (SDOs) and Standard Setting Organisations (SSOs), key organisations such as the EU Multi Stakeholder Platform for ICT Standardisation as well as industry-led groups, to pinpoint gaps and priorities matching EU DSM objectives. These will become the topics for a series of 10 Open calls focused on priority domains and a continuous cascading grants process, launched by StandICT.eu from March 2018, providing support for European specialists to contribute to ongoing standards development activities, as well as to attend SDO & SSO meetings.

StandICT.eu has published the first Open Call for proposals from 30 March - 29 May 2018, midnight CET. The call is open for submissions of proposals for grants to support activities in standardisation addressing one or more priority topics of the call.

Links to StandICT.eu and to the 1st Open Call

Event Objectives

The event outputs will be oriented along the following lines:

Target audience

Target audience are stakeholders engaged in the development of standards in the domain of Cybersecurity & Privacy both from SDOs and communities, researchers and developers in the field, practitioners and potential users.