Security
How Cable Networks Secure Communications
November 12, 2021
The email you sent, the website you visited, the internet searches you performed, the internet purchases you just made—they all require strong security to protect against eavesdropping, changes to your messages, and those who would make these services unavailable to you. These service examples demonstrate the foundational triad of security: confidentiality, integrity, and availability. Securing […]
Raising the Bar on Gateway Device Security
October 7, 2021
Today, CableLabs® has publicly released a set of best common practices (BCP) to enhance the security of cable modems, integrated access points, and home routers (collectively, known as “gateway devices”) against malicious activity and other cyber threats. This work builds on and extends CableLabs’ and the cable industry’s longstanding leadership in cybersecurity to ensure a […]
Practical Considerations for Post-Quantum Cryptography Deployment
August 17, 2021
It’s the year 2031, and the pandemic is in the past. While Dave drinks his morning coffee and reads the news, a headline catches his attention. A large quantum computer is finally operational! Suddenly, Dave’s mind is racing. After few seconds, as his heartbeat slows, he looks up into the mirror and proudly says, “Yes, […]
Transparent Security Outperforms Traditional DDoS Solution in Lab Trial
May 20, 2021
Transparent Security is an open-source solution for identifying and mitigating distributed denial of service (DDoS) attacks and the devices (e.g., Internet of Things [IoT] sensors) that are the source of those attacks. Transparent Security is enabled through a programmable data plane (e.g., “P4”-based) and uses in-band network telemetry (INT) technology for device identification and mitigation, […]
A Proposal for a Long-Term Post-Quantum Transitioning Strategy for the Broadband Industry via Composite Crypto and PQPs
October 22, 2020
The broadband industry has historically relied on public-key cryptography to provide secure and strong authentication across access networks and devices. In our environment, one of the most challenging issues—when it comes to cryptography—is to support devices with different capabilities. Some of these devices may or may not be fully (or even partially) upgradeable. This can […]
EAP-CREDS: Enabling Policy-Oriented Credential Management in Access Networks
August 20, 2020
In our ever-connected world, we want our devices and gadgets to be always available, independently from where or which access networks we are currently using. There’s a wide variety of Internet of Things (IoT) devices out there, and although they differ in myriad ways – power, data collection capabilities, connectivity – we want them all […]
Maintaining Confidentiality in the 10G Network
August 4, 2020
The 10G platform will offer almost limitless opportunities for innovation and new experiences in the home, bolstering the capabilities of the Internet of Things (IoT) landscape. While the volume of data that passes over cable technologies continues to grow, the classification of private and confidential boundaries continues to change. Moreover, security is an abstract topic, […]
10G Integrity: The DOCSIS® 4.0 Specification and Its New Authentication and Authorization Framework
May 28, 2020
One of the pillars of the 10G platform is security. Simplicity, integrity, confidentiality and availability are all different aspects of Cable’s 10G security platform. In this work, we want to talk about the integrity (authentication) enhancements, that have been developing for the next generation of DOCSIS® networks, and how they update the security profiles of […]
With Great Bandwidth Comes Great Responsibility
May 5, 2020
Cable’s next generation, 10G networks, holds the promise to deliver symmetrical multi-gigabit speeds that are 100 times faster than what some consumers are currently experiencing today. This great leap forward will enable services and experiences that will drive internet innovation for years to come. It is our mutual responsibility to assure that devices we connect […]
Revisiting Security Fundamentals Part 3: Time to Examine Availability
November 12, 2019
As I discussed in parts 1 and 2 of this series, cybersecurity is complex. Security engineers rely on the application of fundamental principles to keep their jobs manageable. In the first installment of this series, I focused on confidentiality, and in the second installment, I discussed integrity. In this third and final part of the […]