BIoT Canada
News

Whitepaper discusses 5G and cybersecurity issues

The 5G Americas publication defines the threats to 5G security and the ongoing standards development to keep it safe.


August 8, 2019  


Print this page

security
5G Americas, the industry trade association and voice of 5G and LTE for the Americas, has published a new white paper that explores improvements in 5G technologies that have been developed to address current and emerging cybersecurity threats in commercial wireless networks.

3rd Generation Partnership Project (3GPP), the global wireless industry standards organization of which 5G Americas is a market representation partner, has been working on the standardized development of these critical security requirements. They include measures for encryption, mutual authentication, integrity protection, privacy and network availability of:

  • A unified authentication framework that enables seamless mobility across different access technologies and support of concurrent connections
  • User privacy protection for vulnerable information often used to identify and track subscribers
  • Secure Service-Based Architecture (SBA) and slice isolation optimizing security that prevents threats from spreading to other network slices
  • Improving SS7 and Diameter protocols for roaming
  • Adding native support for secure steering of roaming (SoR), allowing operators to steer customers to preferred partner networks – improving the customer experience, reducing roaming charges, and preventing roaming fraud
  • Improved rogue base station detection and mitigation techniques
  • And even more proprietary operator and vendor analytics solutions that offer additional layers of security

5G New Radio (NR) can be “plugged” into a 4G core and co-exist with 4G radios as part of a network to speed deployments. In fact, 5G security improvements have been designed to build on top of, and further enhance, currently strong 4G security controls.

Previous security improvements from 3GPP included enhancements that were part of Release 8, which added security/authentication mechanisms via nodes to services capability servers and Release 11, which provided additional capabilities to enable secure access to the core network.

However as networks become more complex with 5G, additional threats and vulnerabilities increase the challenge to security.

User devices or equipment, radio access networks, mobility or “edge” threats, network core, secure gateway internet Local Area Network (LAN) firewall, roaming, or air interfaces all represent potential targets for attacks.

The Internet of Things (IoT) threat surface is exposed to a large vulnerable area of issues – including service, application, node/platform, network/transport, or the IoT device itself.

Complex 5G networks will replace pre-configured security mechanisms with dynamic, instantiated security measures that are deployed by AI-based systems to respond to a new generation of multi-pronged zero-day attacks.

The introduction of sophisticated network slicing in 5G also potentially expands the attack surface through which malware can be introduced. However, new 5G safeguards isolate these slices through multiple layers of the network and provide end-to-end security with a common authentication framework.

The Evolution of Security in 5G  white paper, which defines the threats to 5G security and the standards development, was created by a working group of 5G Americas’ Board of Governors member companies and project leaders Sankar Ray from AT&T and Mike Geller from Cisco.

The paper is available for free download on the 5G Americas website.