The upcoming 5G technology has put the spotlight on the importance of securing the networks and preventing data leaks. Unlike the previous cellular technologies, 5G is not just about faster broadband speeds or richer functions for an individual user but promises a `hyperconnected’ society with billions of connected devices or Internet of Things (IoT), as it is generally referred to.
Analysts believe that 50 billion devices will be connected to mobile networks by 2020. Every one of these devices, from your home automation devices to your connected car, can potentially be the weak link and attract hackers.
On one end, 5G use cases place the highest demands on the reliability and availability of the network, but at the same time it opens up the network to unprecedented security threats. Besides a large part of 5G networks will be cloud-based, which inherently increases the security risk. Further, multiple software and equipment vendors in a typical cloud environment make it more susceptible to security issues.
Besides, the integration of the industrial internet and the 5G network will have an impact on the security assurance system. To begin with, the security regulations are diversified. In comparison with traditional telecommunications networks, other business verticals, like financial, energy, and industrial networks, have different security regulations and standards, data protection norms, and security evaluation standards.
Besides, the assets are diversified. The equipment, platforms and applications in Multi-access Edge Computing (MEC) have different owners and users, and may also require an operation and maintenance system across multiple organizations. It is then essential that 5G adapts to a diversified security assurance system.
The Network Slice Security
Network slicing is a key concept being introduced in a 5G network. With this the service providers can orchestrate a separate 5G network slice for multiple industry applications on shared network infrastructure. It will also help in bringing down the Total Cost of Ownership (TCO) and also enables in building an open network ecosystem.
The network slicing approach brings fundamental changes in a telecom network, which lays a solid foundation for the deep integration of telecommunications networks and industrial applications.
However, security is the key precondition for vertical industries when using network slicing. In addition to providing the traditional mobile network security mechanisms (such as access authentication and encryption), 5G also needs to provide end-to-end isolation between network slices.
The MEC Security
MEC is one of the core technologies for the diversification of 5G services. With a distributed network architecture, MEC pushes the service capability and application to the edge of the network and changes the separation of network and services. The inherent advantage of MEC is that it greatly reduces the latency, which is a key requirement of 5G, especially for the use cases like Augmented Reality and Virtual Reality. It will play a key role in improving content distribution efficiency and user experience.
The deep integration of 5G and vertical industries demands that new services requiring more bandwidth and ultra-low latency will gradually emerge. It is then imperative to study the security issues faced by MEC to protect network functions and data assets and to provide more secure and reliable services. Further, what is of concern is that the 5G network capabilities can be exposed to vertical industries through APIs, which enables customization of network services.
5G Security Capability Exposure Model
The 5G security capability exposure model can be divided into three layers: resource layer, capability layer, and application layer.
The resource layer abstracts and encapsulates basic resources. Resources can be of many types and forms, provided by resource pools, including the security function pool, security algorithm pool, security information pool and trusted computing pool.
The capability layer provides many security capability sets that can be invoked by the application layer, such as the digital identity system, trusted computing system, and channel encryption system. These capability sets are integrated and maintained by operators in combination with the advantages of the 5G network, and provide highly available and flexible capability APIs.
On the other hand, the application layer organizes security capabilities to construct the security defense system to cope with the application security requirements.
5G network security issue is not just a technical issue. With 5G, security cannot be an afterthought. It needs to be an integral part of the deployment. The integration of 5G and several vertical industries, such as manufacturing, energy, and transportation, break the barriers of infrastructure and exposes the network to more risks. It is for this reason that the traditional security measures might not be enough for 5G.
The operators need to work on providing sustainable, credible and secure network services for the users. For this, 5G networks need to involve the customers, especially the different vertical industries, in implementing the security assurance system to provide customers with an overall stronger and more robust security assurance capabilities.