ETSI Extends Term for Encrypted Traffic Integration Work Group
Tuesday, August 02, 2022 | Comments

The European Telecommunications Standards Institute (ETSI) recently extended the term of its Industry Specification Group Encrypted Traffic Integration (ISG ETI) for a two-year period to mid-2024 to work on specific cryptographic and key management models.

As it prepares for the new term, the group has adopted a new work item issuing guidance on the implementation of the EU Council Resolution on "Encryption: Security through encryption and security despite encryption" and will finalize the report for publication in the third quarter of 2022. This will be followed up by direct support from the group for the ETSI CYBER technical committee on aspects of encryption for the Network and Information Security (NIS2) directive.

In the meantime, the group has made significant progress and has begun work on the development of mitigation strategies. These strategies focus on progressing the networked domain to the adoption of the zero-trust model, in which an end-to-end link is built up from several trusted links. In that case, every link and every active entity is forced to make itself known in the trust chain from source to destination. The result is a form of "trust contract" between the user and the entire set of network entities within the chain. The intent is to ensure that stakeholders who need access to part of the communication, typically the content of headers, can stake their claim access and make their intent clear to the user, as well as across the entire communication chain. Each link then contributes to the security and trust of the chain by explicit proof of the actions taken. This is planned for publication in fourth quarter of 2022 and will feed into development of another report planned for publication in the second half of 2023.

During the initial period, the group developed the problem statement published as “ETSI GR ETI 001 (2021-06).” This report identified the impact of encrypted traffic on stakeholders and how these stakeholders' objectives inter-relate.

Over the next two years, the group will expand further on this with a view to identifying specific cryptographic and key management models to ensure all stakeholders across the communications chain have appropriate, often restricted access, in turn ensuring that they can meet user expectations. This period will include a review of the changing legislative environment in which networks operate and give guidance on how to integrate effective traffic protection with effective provisions for traffic and content management.

During this coming period, the industry specification group will strengthen ties to other ETSI groups, including CYBER, Lawful Interception, Network Function Virtualization and Fifth-generation fixed network (F5G) to ensure that the "trust contract" and "zero trust model" are feasible in deployed networks. As part of this, the ETI group will also extend its ties to the application domain, ensuring that any particularities of applications can be considered in the "trust contract" and "zero trust model" contexts. This will include close interactions with the eHealth, Intelligent Transport and Smart-city groups within ETSI.

Would you like to comment on this story? Find our comments system below.

Post a comment
Name: *
Email: *
Title: *
Comment: *


No Comments Submitted Yet

Be the first by using the form above to submit a comment!


March 2023

27 - 30
International Wireless Communications Expo (IWCE) 2023
Las Vegas

May 2023

23 - 25
Critical Communications World (CCW)
Helsinki, Finland

More Events >
White Papers
More White Papers >

Site Navigation