ETSI - TS 103 523-1

CYBER; Middlebox Security Protocol; Part 1: MSP Framework and Template Requirements

active, Most Current
Organization: ETSI
Publication Date: 1 December 2020
Status: active
Page Count: 59
Scope:

The present document is the first part of the Middlebox Security Protocol (MSP) series [i.22]. It is intended to be used by MSP profile developers, MSP profile implementors and MSP specification writers to create MSP profiles and analyse their security. The present document does not specify an MSP profile itself.

The present document defines a security baseline that MSP profiles fulfil to be included in the MSP series. This baseline (defined via the MSP Framework and MSP Template Requirements) facilitates creation of MSP profiles for a wide array of implementations and applications, by simplifying the security analysis required for each profile.

The present document is intended to be a human-readable guide to the security methodology and principles applied to create the MSP Framework and resulting MSP Template Requirements (see Clauses 6.2 to 6.5). Clause 5 and Clause 6, together with profile-specific analysis, form the security analysis for the MSP series. The present document is not and does not attempt to be a security proof; security proofs are only as strong as the assumptions made [i.20] and can lead to a false sense of security [i.25].

The present document describes the motivations behind MSP's creation, how MSP differs to previous middlebox protocols and some of MSP's architectures. The present document introduces the MSP Framework: a common set of security provisions that underpins all MSP specifications (MSP Template Requirements). The present document describes the motivation for having such a framework, the issues addressed by it and the four principles that guided its creation. The remainder of the present document defines the usage and applicability of the MSP Framework to subsequent parts of the MSP series: how the MSP Framework is to be used by MSP profile developers, MSP profile implementors and MSP specification writers.

The present document includes informative annexes to aid readers in its usage. Annex A contains a non-exhaustive list of use cases for MSP. Annex B contains an exemplar MSP Conformance Analysis, performed against the Enterprise Transport Security (ETS) profile, ETSI TS 103 523-3 [i.6]. Annex C describes how a traditional TLS split proxy does not meet the MSP standard set out in the present document.

Comprehensive mitigations for all potential attacks are out of scope. Security requirements of generic and well-known cryptographic algorithms, and assessment of security properties of cryptographic primitives, are out of scope. Attacks that are not attacks on the MSP specification itself, such as implementation vulnerabilities, are out of scope.

Document History

TS 103 523-1
December 1, 2020
CYBER; Middlebox Security Protocol; Part 1: MSP Framework and Template Requirements
The present document is the first part of the Middlebox Security Protocol (MSP) series [i.22]. It is intended to be used by MSP profile developers, MSP profile implementors and MSP specification...
