Edge Computing Cybersecurity Standards: Protecting Infrastructure and Applications

The advent of MEC (Multi-access Edge Computing), as a natural evolution of cloud computing, can enable innovative services and applications, with many opportunities for end users. Hosting applications at the edge could also address privacy and security issues inherent to the traditional cloud-based deployment model, e.g., keeping regional regulatory compliance. However, shifting workloads to the edge of the network warrants the consideration of new security risks. Separately, the recent specification of MEC federations (as result of the GSMA's Telco Edge Cloud) underscores the importance of security and trust due to the heterogeneity of edge systems in global MEC deployments. Edge cybersecurity solutions must adopt international standards for interoperability. Accordingly, ETSI MEC has endeavored to study edge security threats and craft solutions, oftentimes based on existing standards from other industry groups. This paper discusses the security challenges that arise from shifting workloads to the edge of the network with particular emphasis on international standards and aims to provide a tutorial for developers and architects to navigate the complexities in achieving edge computing security.