changing face of security with 5g · 2020-01-21 · summary 5g will support the vision of...
TRANSCRIPT
5G Architecture
Management
Access Network Core Network
Transport Network
Core Network
Other Operator
Interconnect
NetworkUser
Equipment
Public
Network
User Payload
Control Signalling
Management Traffic
5G Use Cases
● Broadband Experience,
Everywhere, Anytime
● Internet of Things (IoT)
● Smart Vehicles, Transport &
Infrastructure
● Critical Control of Remote
Devices
● Media Everywhere
5G Features
5G technology is driven by 8 specification
requirements:
1. Up to 10Gbps data rate - > 10 to 100x
improvement over 4G and 4.5G networks
2. 1-millisecond latency
3. 1000x bandwidth per unit area
4. Up to 100x number of connected devices
per unit area (compared with 4G LTE)
5. 99.999% availability
6. 100% coverage
7. 90% reduction in network energy usage
8. Up to 10-year battery life for low power
IoT device
Historical Security
● Targeted Protection
○ Initially voice and then data
● Limited Protection needs
○ User: data encryption, basic
identity protection (temporary IDs)
● Relative Stability
○ Threats didn’t change much over
time
● Generally Successful
○ Issues with Cloning /
Masquerading and Crypto issues in
1st and 2nd Generation
○ Zero Config from users point of
view
Business & Trust Models
● Not just voice and data, but different
devices e.g. unattended machines,
sensors, smart meters, cars and
architectures (Cloud and IoT)
● Higher bitrate, lower latency and more
devices
● Connecting industries: manufacturing,
health, transport, smart cities…
● 5G has a crucial role in society operation
and security, privacy and resilience will
span beyond technology to regulations
and legal frameworks
Service Delivery Models
● Cloud, Virtualisation and Anything-
as-a-service
○ Reduce costs, deploy and
optimize services more rapidly
○ Increased dependency on secure
software
○ Decoupling of Hardware and
Software means that software can
no longer rely on security
attributes of dedicated hardware
○ Stronger isolation properties are
required
● Telecom Network API’s
Increased Privacy
● Awareness of user privacy due to
events such as:
○ Edward Snowden and NSA
○ Julian Assange and Wikileaks
○ Cambridge Analytica
● Big Data, Machine Learning and AI
push these concerns even further
Evolving Threat Landscape
● 5G as Critical Infrastructure will be
subject to cascading effects
● 5G Security protocols should be
designed for attack resistance
● Phase out of traditional methods
e.g. username/password
● Emphasis on measurable security
assurance and compliance
User Equipment
Examples: Smartphones, tablets, Smart
Devices (TV, Fridge, Home)
Why Target?
● Popularity
● Increased Data Transmission
● Large variety of connectivity options
● Mobile Malware
● Mobile Botnets
Access Networks
● Attacks on 4G Infrastructure
○ Attack the packet scheduling
algorithm to steal bandwidth
○ Message insertion leads to DoS attack
against a new arriving UE
● Femtocell attacks
○ Physical tampering with devices
○ Configuration attacks
○ Protocol attacks (MitM during first
access)
○ Attacks on the operators core network
from compromised nodes
○ Attacks on radio resources and
management to increase handovers
Core & External Networks
● DDoS attacks:
○ Signalling amplification
○ Home Subscriber Server saturation
● DDoS attacks targeting external
entities over the mobile operators
core network
● Compromise enterprise networks
Summary
● 5G will support the vision of “everything connected”
● Instead of individual security mechanisms, a systematic approach is needed
● 5G security cannot be “copied” from 4G or older security standards and practices
● There are valid security approaches, but they need to be revisited e.g. trust models, devices,
assurances
● Attacker targets include just about everything: user devices, access and core networks , home
and external networks
● Better synergy between IT, Security and Network Teams. The landscape is changing and so are
the skill sets