Security
A Proposal for a Long-Term Post-Quantum Transitioning Strategy for the Broadband Industry via Composite Crypto and PQPs
October 22, 2020
The broadband industry has historically relied on public-key cryptography to provide secure and strong authentication across access networks and devices. In our environment, one of the most challenging issues—when it comes to cryptography—is to support devices with different capabilities. Some of these devices may or may not be fully (or even partially) upgradeable. This can […]
EAP-CREDS: Enabling Policy-Oriented Credential Management in Access Networks
August 20, 2020
In our ever-connected world, we want our devices and gadgets to be always available, independently from where or which access networks we are currently using. There’s a wide variety of Internet of Things (IoT) devices out there, and although they differ in myriad ways – power, data collection capabilities, connectivity – we want them all […]
Maintaining Confidentiality in the 10G Network
August 4, 2020
The 10G platform will offer almost limitless opportunities for innovation and new experiences in the home, bolstering the capabilities of the Internet of Things (IoT) landscape. While the volume of data that passes over cable technologies continues to grow, the classification of private and confidential boundaries continues to change. Moreover, security is an abstract topic, […]
10G Integrity: The DOCSIS® 4.0 Specification and Its New Authentication and Authorization Framework
May 28, 2020
One of the pillars of the 10G platform is security. Simplicity, integrity, confidentiality and availability are all different aspects of Cable’s 10G security platform. In this work, we want to talk about the integrity (authentication) enhancements, that have been developing for the next generation of DOCSIS® networks, and how they update the security profiles of […]
With Great Bandwidth Comes Great Responsibility
May 5, 2020
Cable’s next generation, 10G networks, holds the promise to deliver symmetrical multi-gigabit speeds that are 100 times faster than what some consumers are currently experiencing today. This great leap forward will enable services and experiences that will drive internet innovation for years to come. It is our mutual responsibility to assure that devices we connect […]
Revisiting Security Fundamentals Part 3: Time to Examine Availability
November 12, 2019
As I discussed in parts 1 and 2 of this series, cybersecurity is complex. Security engineers rely on the application of fundamental principles to keep their jobs manageable. In the first installment of this series, I focused on confidentiality, and in the second installment, I discussed integrity. In this third and final part of the […]
Revisiting Security Fundamentals Part 2: Integrity
October 24, 2019
Let’s revisit the fundamentals of security during this year’s security awareness month – part 2: Integrity. As I discussed in Part 1 of this series, cybersecurity is complex. Security engineers rely on the application of fundamental principles to keep their jobs manageable. The first blog focused on confidentiality. This second part will address integrity. The […]
False Base Station or IMSI Catcher: What You Need to Know
October 23, 2019
You might have heard of False Base Station (FBS), Rogue Base Station (RBS), International Mobile Subscriber Identifier (IMSI) Catcher or Stingray. All four of these terminologies refer to a tool consisting of hardware and software that allow for passive and active attacks against mobile subscribers over radio access networks (RANs). The attacking tool (referred to […]
Revisiting Security Fundamentals
October 17, 2019
It’s Cybersecurity Awareness Month—time to study up! Cybersecurity is a complex topic. The engineers who address cybersecurity must not only be security experts; they must also be experts in the technologies they secure. In addition, they have to understand the ways that the technologies they support and use might be vulnerable and open to attack. […]
Vaccinate Your Network to Prevent the Spread of DDoS Attacks
October 2, 2019
CableLabs has developed a method to mitigate Distributed Denial of Service (DDoS) attacks at the source, before they become a problem. By blocking these devices at the source, service providers can help customers identify and fix compromised devices on their network. DDoS Is a Growing Threat DDoS attacks and other cyberattacks cost operators billions of […]