Whitepaper release on MEC security, first initiative in this domain
ETSI has published a whitepaper titled MEC security: Status of standards support and future evolutions written by several authors participating in MEC and other related ETSI groups. This whitepaper, the very first initiative in this domain, aims to identify aspects of security where the nature of edge computing leaves typical industry approaches to cloud security insufficient.
Edge computing environments are by nature characterised by a complex multi-vendor, multi-supplier, multi-stakeholder ecosystem of equipment and both HW and SW devices. Given this overall level of system heterogeneity, security, trust and privacy are key topics for the edge environments. The advent of edge cloud federations and the presence of (far) edge devices e.g. in Internet-of-Things environments, imposes to tackle MEC security in an end-to-end (E2E) approach, by leveraging existing standards relevant in the area.
In this heterogeneous scenario, talking about end-to-end MEC security implies to consider the impact on the elements coming from all stakeholders involved in the system. In this perspective, the paper provides an overview of ETSI MEC standards and current support for security, also complemented by a description of other relevant standards in the domain (e.g. ETSI TC CYBER, ETSI ISG NFV, 3GPP SA3) and cyber security regulation potentially applicable to edge computing. The whitepaper concludes on a general perspective of future evolutions and standard directions on MEC security.
Dario Sabella, Chairman of ETSI ISG MEC, said: “The publication of this whitepaper as a joint effort of experts from different standards bodies and companies, is a clear sign of a growing interest from the industry on end-to-end edge computing security. Starting from this work, the ETSI ISG MEC is now seriously considering addressing the identified future challenges, also in collaboration with other SDOs, in order to further help the ecosystem in securing end-to-end MEC environments.”
“Edge computing evolution will happen in parallel with the related infrastructural technologies, and security challenges will be associated with the ones for these technologies, with the additional 'edge twist' of being an extremely distributed cloud very much relying on network functionality. We need to consider the consolidation of hybrid clouds and NFV through the seamless integration of computing and networking, the integration of acceleration mechanisms at all levels, the pervasiveness of AI, and for sure the evolution of networks towards the 6G goal,” stated Diego Lopez, Chair of the NFV Network Operators Council.
This MEC Security whitepaper is a must-read for all ecosystem stakeholders, as the adoption of edge computing technologies introduces a need from infrastructure owners and application/content providers to guarantee a level of security on the usage of edge computing assets, to meet customer demands. Providing the needed clarifications in this paper, as the very first initiative in this domain, is a step forward for the alignment of the edge ecosystem, and a mean to further encourage the adoption of MEC technologies.