SlideShare a Scribd company logo

5G Security Briefing

3G4G
3G4G

A detailed look at 5G security by experts from wenovator, Dr. Anand R. Prasad & Hans Christian Rudolph. This webinar covers: (1) 5G security (2) Private networks security and (3) Open vRAN security To learn more about wenovator, visit their website: https://www.wenovator.com/ All our #3G4G5G slides and videos are available at: Videos: https://www.youtube.com/3G4G5G Slides: https://www.slideshare.net/3G4GLtd Security Page: https://www.3g4g.co.uk/Security/ 5G Page: https://www.3g4g.co.uk/5G/ Security Blog Posts: https://blog.3g4g.co.uk/search/label/Security Free Training Videos: https://www.3g4g.co.uk/Training/

1 of 30
Download to read offline
5G Security Briefing
3G4G.CO.UK Webinar
Dr. Anand R. Prasad & Hans Christian Rudolph
wenovator LLC
March 6, 2021 2021 © wenovator LLC 1
Contents
1. About wenovator
2. 5G Security
• New Challenges
• Standards Enhancements
• Security Assurance
3. Related Topics
• Non-Public Networks
• Open vRAN
4. Key Takeaways
March 6, 2021 2021 © wenovator LLC 2
About the Company
• Private company, founded in 2019
• Built around the concept of holistic security
• Specialization: Mobile Networks & related emerging technologies
• Areas of practice
• Security Strategy & Design
• Solution Assessment & Enhancements
• Advisory on Strategic Partnerships
March 6, 2021 2021 © wenovator LLC 3
Global Engagement & Contribution
3GPP
• Chairman 3GPP
SA3
• Vice-Chairman
3GPP SA3
• Rapporteurs of
several WIDs &
SIDs
• Key contributors of
4G & 5G security
ETSI
• Contributor &
participant of ETSI
NFV, ETSI TC Cyber
• ETSI Security week
committee member
• Speaker at ETSI
events
IEEE
• Senior Member
• Keynote IEEE 5G
Forum
• IEEE 802.11 and
802.15 contributor
GSMA
• Speaker at GSMA
events including
MWC Barcelona
• Contributors to
GSMA FASG
TSDSI/GISFI
• Member of GISFI
Governing Body
• Member of TSDSI
Governing Council
• Founder &
Chairman of
Security and Green
ICT working
groups, GISFI
March 6, 2021 2021 © wenovator LLC 4
What is 5G Security?
That Depends on who you ask
As per public perception:
• Cloud & Edge computing, NFV,
SDN
• Intelligent, AI-enabled security
controls
• Network Slicing
As per 3GPP:
• TS 33.501
• TS 33.310
• TS 33.210
• Security Assurance
Specifications (SCAS)
March 6, 2021 2021 © wenovator LLC 5
As usual, the truth lies somewhere in between, but also includes aspects, such as
Secure System Development and Integration, Security Monitoring, Incident Response, etc.
5G – Increased Security Risk
5G mobile networks are subject to increased security risk compared to 4G,
as attack impact, risk exposure, and the ease of exploitation all increase.
Moreover, increased network complexity makes detection more difficult.
Therefore, network operators' security strategy needs to be redesigned.
March 6, 2021 2021 © wenovator LLC
Increased
Attack
Impact
Increased
Network
Exposure
Ease of
Exploitation
Increased
Security
Risk
6

Recommended

Presentation on 5G security
Presentation on 5G securityPresentation on 5G security
Presentation on 5G securityRanjitUpadhyay4
 
5G and IoT Security
5G and IoT Security5G and IoT Security
5G and IoT SecurityNUS-ISS
 
Transforming Private 5G Networks
Transforming Private 5G NetworksTransforming Private 5G Networks
Transforming Private 5G Networksinside-BigData.com
 
Expanding the 5G NR (New Radio) ecosystem
Expanding the 5G NR (New Radio) ecosystemExpanding the 5G NR (New Radio) ecosystem
Expanding the 5G NR (New Radio) ecosystemQualcomm Research
 
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
 5G SA security: a comprehensive overview of threats, vulnerabilities and rem... 5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...PositiveTechnologies
 
Wi fi 6 (802.11ax) presentation
Wi fi 6 (802.11ax) presentationWi fi 6 (802.11ax) presentation
Wi fi 6 (802.11ax) presentationBryan Slayman
 
5G Network Architecture Options
5G Network Architecture Options5G Network Architecture Options
5G Network Architecture Options3G4G
 
Evolution of wireless technology 1 g 5g1 (2)
Evolution   of   wireless   technology   1 g   5g1 (2)Evolution   of   wireless   technology   1 g   5g1 (2)
Evolution of wireless technology 1 g 5g1 (2)Adarsh Kumarmn
 

More Related Content

What's hot

Firewall
FirewallFirewall
FirewallApo
 
5G Services Story
5G Services Story5G Services Story
5G Services StoryEricsson
 
Telecom Security in the Era of 5G and IoT
Telecom Security in the Era of 5G and IoTTelecom Security in the Era of 5G and IoT
Telecom Security in the Era of 5G and IoTPositiveTechnologies
 
An Introduction to 5G and ‘Real’ 5G
An Introduction to 5G and ‘Real’ 5GAn Introduction to 5G and ‘Real’ 5G
An Introduction to 5G and ‘Real’ 5G3G4G
 
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudMaximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudVeloCloud Networks, Inc.
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
LTE :Mobile Network Security
LTE :Mobile Network SecurityLTE :Mobile Network Security
LTE :Mobile Network SecuritySatish Chavan
 
6G Training Course Part 5: 6G Requirements
6G Training Course Part 5: 6G Requirements6G Training Course Part 5: 6G Requirements
6G Training Course Part 5: 6G Requirements3G4G
 
5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...
5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...
5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...Sayed Chhattan Shah
 
Wireless network
Wireless networkWireless network
Wireless networkmattglover0
 
MILLIMETER WAVE FOR 5G CELLULAR
MILLIMETER WAVE FOR 5G CELLULARMILLIMETER WAVE FOR 5G CELLULAR
MILLIMETER WAVE FOR 5G CELLULARSudeeshvs01
 
5G spectrum innovations and global update
5G spectrum innovations and global update5G spectrum innovations and global update
5G spectrum innovations and global updateQualcomm Research
 
Advanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public NetworksAdvanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public Networks3G4G
 
5G Network Architecture and Design
5G Network Architecture and Design5G Network Architecture and Design
5G Network Architecture and Design3G4G
 
Opinion – 5G Reality Check: Speeds
Opinion – 5G Reality Check: SpeedsOpinion – 5G Reality Check: Speeds
Opinion – 5G Reality Check: Speeds3G4G
 
Introduction to SDN and NFV
Introduction to SDN and NFVIntroduction to SDN and NFV
Introduction to SDN and NFVCoreStack
 

What's hot (20)

Firewall
FirewallFirewall
Firewall
 
5G Services Story
5G Services Story5G Services Story
5G Services Story
 
Telecom Security in the Era of 5G and IoT
Telecom Security in the Era of 5G and IoTTelecom Security in the Era of 5G and IoT
Telecom Security in the Era of 5G and IoT
 
An Introduction to 5G and ‘Real’ 5G
An Introduction to 5G and ‘Real’ 5GAn Introduction to 5G and ‘Real’ 5G
An Introduction to 5G and ‘Real’ 5G
 
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudMaximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
5G Fundamentals
5G Fundamentals5G Fundamentals
5G Fundamentals
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
LTE :Mobile Network Security
LTE :Mobile Network SecurityLTE :Mobile Network Security
LTE :Mobile Network Security
 
5G BASIC
5G BASIC5G BASIC
5G BASIC
 
6G Training Course Part 5: 6G Requirements
6G Training Course Part 5: 6G Requirements6G Training Course Part 5: 6G Requirements
6G Training Course Part 5: 6G Requirements
 
5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...
5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...
5G Network: Requirements, Design Principles, Architectures, and Enabling Tech...
 
Wireless network
Wireless networkWireless network
Wireless network
 
MILLIMETER WAVE FOR 5G CELLULAR
MILLIMETER WAVE FOR 5G CELLULARMILLIMETER WAVE FOR 5G CELLULAR
MILLIMETER WAVE FOR 5G CELLULAR
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
5G spectrum innovations and global update
5G spectrum innovations and global update5G spectrum innovations and global update
5G spectrum innovations and global update
 
Advanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public NetworksAdvanced: Private Networks & 5G Non-Public Networks
Advanced: Private Networks & 5G Non-Public Networks
 
5G Network Architecture and Design
5G Network Architecture and Design5G Network Architecture and Design
5G Network Architecture and Design
 
Opinion – 5G Reality Check: Speeds
Opinion – 5G Reality Check: SpeedsOpinion – 5G Reality Check: Speeds
Opinion – 5G Reality Check: Speeds
 
Introduction to SDN and NFV
Introduction to SDN and NFVIntroduction to SDN and NFV
Introduction to SDN and NFV
 

Similar to 5G Security Briefing

Best 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGenBest 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGenSecurity Gen
 
5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdfSecurity Gen
 
Empowering 5G with Cutting-Edge Security Services.pdf
Empowering 5G with Cutting-Edge Security Services.pdfEmpowering 5G with Cutting-Edge Security Services.pdf
Empowering 5G with Cutting-Edge Security Services.pdfSecurityGen1
 
OSS BSS Transformation: Navigating the Digital Era in Telecom
OSS BSS Transformation: Navigating the Digital Era in TelecomOSS BSS Transformation: Navigating the Digital Era in Telecom
OSS BSS Transformation: Navigating the Digital Era in TelecomSecurityGen1
 
5G Security Program -Case Studies
5G Security Program -Case Studies 5G Security Program -Case Studies
5G Security Program -Case Studies Security Gen
 
Secure Horizons Navigating the Complexities of 5G Security.pdf
Secure Horizons Navigating the Complexities of 5G Security.pdfSecure Horizons Navigating the Complexities of 5G Security.pdf
Secure Horizons Navigating the Complexities of 5G Security.pdfSecurityGen1
 
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern OperationsSecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern OperationsSecurityGen1
 
CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13Cohesive Networks
 
Shield Guard: Fortify Your Networks with Advanced 5G Security Services
Shield Guard: Fortify Your Networks with Advanced 5G Security ServicesShield Guard: Fortify Your Networks with Advanced 5G Security Services
Shield Guard: Fortify Your Networks with Advanced 5G Security ServicesSecurityGen1
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecurity Gen
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecurity Gen
 
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...SecurityGen1
 
Securing the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdfSecuring the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdfSecurity Gen
 
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGen
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGenUnderstanding the Risks: Exploring 5G Vulnerabilities with SecurityGen
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGenSecurityGen1
 
Securing the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdfSecuring the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdfSecurity Gen
 
IRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed FirewallsIRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed FirewallsIRJET Journal
 
Private sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodesPrivate sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodesOllie Whitehouse
 
SECURITY and PRINCIPLES IN 5G Technologies.pptx
SECURITY and PRINCIPLES IN 5G Technologies.pptxSECURITY and PRINCIPLES IN 5G Technologies.pptx
SECURITY and PRINCIPLES IN 5G Technologies.pptxMohammed Abdul Lateef
 
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network SecuritySECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network SecurityIRJET Journal
 

Similar to 5G Security Briefing (20)

Best 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGenBest 5G Security Solutions - SecurityGen
Best 5G Security Solutions - SecurityGen
 
5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf5G Security Program Datasheet (2).pdf
5G Security Program Datasheet (2).pdf
 
Empowering 5G with Cutting-Edge Security Services.pdf
Empowering 5G with Cutting-Edge Security Services.pdfEmpowering 5G with Cutting-Edge Security Services.pdf
Empowering 5G with Cutting-Edge Security Services.pdf
 
OSS BSS Transformation: Navigating the Digital Era in Telecom
OSS BSS Transformation: Navigating the Digital Era in TelecomOSS BSS Transformation: Navigating the Digital Era in Telecom
OSS BSS Transformation: Navigating the Digital Era in Telecom
 
5G Security Program -Case Studies
5G Security Program -Case Studies 5G Security Program -Case Studies
5G Security Program -Case Studies
 
Secure Horizons Navigating the Complexities of 5G Security.pdf
Secure Horizons Navigating the Complexities of 5G Security.pdfSecure Horizons Navigating the Complexities of 5G Security.pdf
Secure Horizons Navigating the Complexities of 5G Security.pdf
 
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern OperationsSecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
SecurityGen's OSS/BSS Solutions: Navigating the Complexity of Modern Operations
 
CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13CohesiveFT and IBM joint EMEA Webinar - 20Jun13
CohesiveFT and IBM joint EMEA Webinar - 20Jun13
 
An analysis of the security needs
An analysis of the security needsAn analysis of the security needs
An analysis of the security needs
 
Shield Guard: Fortify Your Networks with Advanced 5G Security Services
Shield Guard: Fortify Your Networks with Advanced 5G Security ServicesShield Guard: Fortify Your Networks with Advanced 5G Security Services
Shield Guard: Fortify Your Networks with Advanced 5G Security Services
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
 
Securing Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdfSecuring Private 5G Networks (1).pdf
Securing Private 5G Networks (1).pdf
 
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
Empower Your Defense: SecurityGen's Comprehensive Approach to DDoS Attack Pre...
 
Securing the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdfSecuring the 5G growth story with NFVi.pdf
Securing the 5G growth story with NFVi.pdf
 
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGen
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGenUnderstanding the Risks: Exploring 5G Vulnerabilities with SecurityGen
Understanding the Risks: Exploring 5G Vulnerabilities with SecurityGen
 
Securing the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdfSecuring the 5G growth story with NFVi (1).pdf
Securing the 5G growth story with NFVi (1).pdf
 
IRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed FirewallsIRJET- Data Security in Local Network for Mobile using Distributed Firewalls
IRJET- Data Security in Local Network for Mobile using Distributed Firewalls
 
Private sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodesPrivate sector cyber resilience and the role of data diodes
Private sector cyber resilience and the role of data diodes
 
SECURITY and PRINCIPLES IN 5G Technologies.pptx
SECURITY and PRINCIPLES IN 5G Technologies.pptxSECURITY and PRINCIPLES IN 5G Technologies.pptx
SECURITY and PRINCIPLES IN 5G Technologies.pptx
 
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network SecuritySECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
 

More from 3G4G

TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...
TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...
TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...3G4G
 
TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…
TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…
TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…3G4G
 
TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…
TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…
TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…3G4G
 
Beginners: An Quick Introduction to 3GPP
Beginners: An Quick Introduction to 3GPPBeginners: An Quick Introduction to 3GPP
Beginners: An Quick Introduction to 3GPP3G4G
 
Should we stop the shutdown of 2G/3G to save lives??
Should we stop the shutdown of 2G/3G to save lives??Should we stop the shutdown of 2G/3G to save lives??
Should we stop the shutdown of 2G/3G to save lives??3G4G
 
Technology Introduction Series: Edge Computing tutorial.pdf
Technology Introduction Series: Edge Computing tutorial.pdfTechnology Introduction Series: Edge Computing tutorial.pdf
Technology Introduction Series: Edge Computing tutorial.pdf3G4G
 
6G: Potential Use Cases and Enabling Technologies
6G: Potential Use Cases and Enabling Technologies6G: Potential Use Cases and Enabling Technologies
6G: Potential Use Cases and Enabling Technologies3G4G
 
3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)
3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)
3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)3G4G
 
3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)
3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)
3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)3G4G
 
3GPP SON Series: Minimization of Drive Testing (MDT)
3GPP SON Series: Minimization of Drive Testing (MDT)3GPP SON Series: Minimization of Drive Testing (MDT)
3GPP SON Series: Minimization of Drive Testing (MDT)3G4G
 
3GPP SON Series: RACH Optimization
3GPP SON Series: RACH Optimization3GPP SON Series: RACH Optimization
3GPP SON Series: RACH Optimization3G4G
 
Beginners: Energy Consumption in Mobile Networks - RAN Power Saving Schemes
Beginners: Energy Consumption in Mobile Networks - RAN Power Saving SchemesBeginners: Energy Consumption in Mobile Networks - RAN Power Saving Schemes
Beginners: Energy Consumption in Mobile Networks - RAN Power Saving Schemes3G4G
 
Beginners: Introduction to 5G Reduced Capability (RedCap) Devices
Beginners: Introduction to 5G Reduced Capability (RedCap) DevicesBeginners: Introduction to 5G Reduced Capability (RedCap) Devices
Beginners: Introduction to 5G Reduced Capability (RedCap) Devices3G4G
 
Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...
Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...
Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...3G4G
 
Beginners: Connecting Underground Railway Network
Beginners: Connecting Underground Railway NetworkBeginners: Connecting Underground Railway Network
Beginners: Connecting Underground Railway Network3G4G
 
Beginners: Open RAN Terminology – Virtualization, Disaggregation & Decomposition
Beginners: Open RAN Terminology – Virtualization, Disaggregation & DecompositionBeginners: Open RAN Terminology – Virtualization, Disaggregation & Decomposition
Beginners: Open RAN Terminology – Virtualization, Disaggregation & Decomposition3G4G
 
Opinion: Why do so many new RAN players love Open RAN
Opinion: Why do so many new RAN players love Open RANOpinion: Why do so many new RAN players love Open RAN
Opinion: Why do so many new RAN players love Open RAN3G4G
 
Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...3G4G
 
3GPP SON Series: Mobility Load Balancing (MLB)
3GPP SON Series: Mobility Load Balancing (MLB)3GPP SON Series: Mobility Load Balancing (MLB)
3GPP SON Series: Mobility Load Balancing (MLB)3G4G
 
Misc: What Else Does ‘G’ Mean?
Misc: What Else Does ‘G’ Mean?Misc: What Else Does ‘G’ Mean?
Misc: What Else Does ‘G’ Mean?3G4G
 

More from 3G4G (20)

TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...
TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...
TechKnowledge Technology Stories - Part 3: Satellites - Our Friends In The Sk...
 
TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…
TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…
TechKnowledge Technology Stories - Part 2: Connecting Everything Everywhere…
 
TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…
TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…
TechKnowledge Technology Stories - Part 1: Smaller, Faster, Cheaper and More…
 
Beginners: An Quick Introduction to 3GPP
Beginners: An Quick Introduction to 3GPPBeginners: An Quick Introduction to 3GPP
Beginners: An Quick Introduction to 3GPP
 
Should we stop the shutdown of 2G/3G to save lives??
Should we stop the shutdown of 2G/3G to save lives??Should we stop the shutdown of 2G/3G to save lives??
Should we stop the shutdown of 2G/3G to save lives??
 
Technology Introduction Series: Edge Computing tutorial.pdf
Technology Introduction Series: Edge Computing tutorial.pdfTechnology Introduction Series: Edge Computing tutorial.pdf
Technology Introduction Series: Edge Computing tutorial.pdf
 
6G: Potential Use Cases and Enabling Technologies
6G: Potential Use Cases and Enabling Technologies6G: Potential Use Cases and Enabling Technologies
6G: Potential Use Cases and Enabling Technologies
 
3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)
3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)
3GPP SON Series: SON Management in HetNets and Enhanced ICIC (eICIC)
 
3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)
3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)
3GPP SON Series: Cell Outage Detection and Compensation (COD & COC)
 
3GPP SON Series: Minimization of Drive Testing (MDT)
3GPP SON Series: Minimization of Drive Testing (MDT)3GPP SON Series: Minimization of Drive Testing (MDT)
3GPP SON Series: Minimization of Drive Testing (MDT)
 
3GPP SON Series: RACH Optimization
3GPP SON Series: RACH Optimization3GPP SON Series: RACH Optimization
3GPP SON Series: RACH Optimization
 
Beginners: Energy Consumption in Mobile Networks - RAN Power Saving Schemes
Beginners: Energy Consumption in Mobile Networks - RAN Power Saving SchemesBeginners: Energy Consumption in Mobile Networks - RAN Power Saving Schemes
Beginners: Energy Consumption in Mobile Networks - RAN Power Saving Schemes
 
Beginners: Introduction to 5G Reduced Capability (RedCap) Devices
Beginners: Introduction to 5G Reduced Capability (RedCap) DevicesBeginners: Introduction to 5G Reduced Capability (RedCap) Devices
Beginners: Introduction to 5G Reduced Capability (RedCap) Devices
 
Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...
Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...
Beginners: Different Types of RAN Architectures - Distributed, Centralized & ...
 
Beginners: Connecting Underground Railway Network
Beginners: Connecting Underground Railway NetworkBeginners: Connecting Underground Railway Network
Beginners: Connecting Underground Railway Network
 
Beginners: Open RAN Terminology – Virtualization, Disaggregation & Decomposition
Beginners: Open RAN Terminology – Virtualization, Disaggregation & DecompositionBeginners: Open RAN Terminology – Virtualization, Disaggregation & Decomposition
Beginners: Open RAN Terminology – Virtualization, Disaggregation & Decomposition
 
Opinion: Why do so many new RAN players love Open RAN
Opinion: Why do so many new RAN players love Open RANOpinion: Why do so many new RAN players love Open RAN
Opinion: Why do so many new RAN players love Open RAN
 
Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...Intermediate: 5G Applications Architecture - A look at Application Functions ...
Intermediate: 5G Applications Architecture - A look at Application Functions ...
 
3GPP SON Series: Mobility Load Balancing (MLB)
3GPP SON Series: Mobility Load Balancing (MLB)3GPP SON Series: Mobility Load Balancing (MLB)
3GPP SON Series: Mobility Load Balancing (MLB)
 
Misc: What Else Does ‘G’ Mean?
Misc: What Else Does ‘G’ Mean?Misc: What Else Does ‘G’ Mean?
Misc: What Else Does ‘G’ Mean?
 

Recently uploaded

GraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptx
GraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptxGraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptx
GraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptxNeo4j
 
Pragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdfPragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdfinfogdgmi
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxNeo4j
 
Introduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVAIntroduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVARobert McDermott
 
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions..."How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...Fwdays
 
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...UiPathCommunity
 
Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?MENGSAYLOEM1
 
Utilising Energy Modelling for LCSF and PSDS Funding Applications
Utilising Energy Modelling for LCSF and PSDS Funding ApplicationsUtilising Energy Modelling for LCSF and PSDS Funding Applications
Utilising Energy Modelling for LCSF and PSDS Funding ApplicationsIES VE
 
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)Jay Zhao
 
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Product School
 
IT Nation Evolve event 2024 - Quarter 1
IT Nation Evolve event 2024  - Quarter 1IT Nation Evolve event 2024  - Quarter 1
IT Nation Evolve event 2024 - Quarter 1Inbay UK
 
Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Product School
 
AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...
AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...
AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...ISPMAIndia
 
National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...MichaelBenis1
 
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, GoogleISPMAIndia
 
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner,  Challenge Like a VC by former CPO, TripadvisorAct Like an Owner,  Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner, Challenge Like a VC by former CPO, TripadvisorProduct School
 
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdfIntroducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdfSafe Software
 
Building Products That Think- Bhaskaran Srinivasan & Ashish Gupta
Building Products That Think- Bhaskaran Srinivasan & Ashish GuptaBuilding Products That Think- Bhaskaran Srinivasan & Ashish Gupta
Building Products That Think- Bhaskaran Srinivasan & Ashish GuptaISPMAIndia
 
"Testing of Helm Charts or There and Back Again", Yura Rochniak
"Testing of Helm Charts or There and Back Again", Yura Rochniak"Testing of Helm Charts or There and Back Again", Yura Rochniak
"Testing of Helm Charts or There and Back Again", Yura RochniakFwdays
 

Recently uploaded (20)

In sharing we trust. Taking advantage of a diverse consortium to build a tran...
In sharing we trust. Taking advantage of a diverse consortium to build a tran...In sharing we trust. Taking advantage of a diverse consortium to build a tran...
In sharing we trust. Taking advantage of a diverse consortium to build a tran...
 
GraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptx
GraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptxGraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptx
GraphSummit London Feb 2024 - ABK - Neo4j Product Vision and Roadmap.pptx
 
Pragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdfPragmatic UI testing with Compose Semantics.pdf
Pragmatic UI testing with Compose Semantics.pdf
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
 
Introduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVAIntroduction to Multimodal LLMs with LLaVA
Introduction to Multimodal LLMs with LLaVA
 
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions..."How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
"How we created an SRE team in Temabit as a part of FOZZY Group in conditions...
 
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
 
Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?
 
Utilising Energy Modelling for LCSF and PSDS Funding Applications
Utilising Energy Modelling for LCSF and PSDS Funding ApplicationsUtilising Energy Modelling for LCSF and PSDS Funding Applications
Utilising Energy Modelling for LCSF and PSDS Funding Applications
 
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
 
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
 
IT Nation Evolve event 2024 - Quarter 1
IT Nation Evolve event 2024  - Quarter 1IT Nation Evolve event 2024  - Quarter 1
IT Nation Evolve event 2024 - Quarter 1
 
Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...
 
AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...
AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...
AI MODELS USAGE IN FINTECH PRODUCTS: PM APPROACH & BEST PRACTICES by Kasthuri...
 
National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...National Institute of Standards and Technology (NIST) Cybersecurity Framework...
National Institute of Standards and Technology (NIST) Cybersecurity Framework...
 
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
 
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner,  Challenge Like a VC by former CPO, TripadvisorAct Like an Owner,  Challenge Like a VC by former CPO, Tripadvisor
Act Like an Owner, Challenge Like a VC by former CPO, Tripadvisor
 
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdfIntroducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
Introducing the New FME Community Webinar - Feb 21, 2024 (2).pdf
 
Building Products That Think- Bhaskaran Srinivasan & Ashish Gupta
Building Products That Think- Bhaskaran Srinivasan & Ashish GuptaBuilding Products That Think- Bhaskaran Srinivasan & Ashish Gupta
Building Products That Think- Bhaskaran Srinivasan & Ashish Gupta
 
"Testing of Helm Charts or There and Back Again", Yura Rochniak
"Testing of Helm Charts or There and Back Again", Yura Rochniak"Testing of Helm Charts or There and Back Again", Yura Rochniak
"Testing of Helm Charts or There and Back Again", Yura Rochniak
 

5G Security Briefing

  • 1. 5G Security Briefing 3G4G.CO.UK Webinar Dr. Anand R. Prasad & Hans Christian Rudolph wenovator LLC March 6, 2021 2021 © wenovator LLC 1
  • 2. Contents 1. About wenovator 2. 5G Security • New Challenges • Standards Enhancements • Security Assurance 3. Related Topics • Non-Public Networks • Open vRAN 4. Key Takeaways March 6, 2021 2021 © wenovator LLC 2
  • 3. About the Company • Private company, founded in 2019 • Built around the concept of holistic security • Specialization: Mobile Networks & related emerging technologies • Areas of practice • Security Strategy & Design • Solution Assessment & Enhancements • Advisory on Strategic Partnerships March 6, 2021 2021 © wenovator LLC 3
  • 4. Global Engagement & Contribution 3GPP • Chairman 3GPP SA3 • Vice-Chairman 3GPP SA3 • Rapporteurs of several WIDs & SIDs • Key contributors of 4G & 5G security ETSI • Contributor & participant of ETSI NFV, ETSI TC Cyber • ETSI Security week committee member • Speaker at ETSI events IEEE • Senior Member • Keynote IEEE 5G Forum • IEEE 802.11 and 802.15 contributor GSMA • Speaker at GSMA events including MWC Barcelona • Contributors to GSMA FASG TSDSI/GISFI • Member of GISFI Governing Body • Member of TSDSI Governing Council • Founder & Chairman of Security and Green ICT working groups, GISFI March 6, 2021 2021 © wenovator LLC 4
  • 5. What is 5G Security? That Depends on who you ask As per public perception: • Cloud & Edge computing, NFV, SDN • Intelligent, AI-enabled security controls • Network Slicing As per 3GPP: • TS 33.501 • TS 33.310 • TS 33.210 • Security Assurance Specifications (SCAS) March 6, 2021 2021 © wenovator LLC 5 As usual, the truth lies somewhere in between, but also includes aspects, such as Secure System Development and Integration, Security Monitoring, Incident Response, etc.
  • 6. 5G – Increased Security Risk 5G mobile networks are subject to increased security risk compared to 4G, as attack impact, risk exposure, and the ease of exploitation all increase. Moreover, increased network complexity makes detection more difficult. Therefore, network operators' security strategy needs to be redesigned. March 6, 2021 2021 © wenovator LLC Increased Attack Impact Increased Network Exposure Ease of Exploitation Increased Security Risk 6
  • 7. Added complexity and security risk due to high-degree of virtualization and cloud usage Diverse technology ecosystem renders compliance to industry standards and best practices more important than ever Customer's expectations require 5G to be more open and interconnected than any previous mobile generation Diversified service offerings complicates assurance of continuous level of security Greater functional disaggregation throughout the Radio Access and Core Network New and untested protocols (e.g. Protocol for Interconnect Security / PRINS) Heavy use of common web protocols lowers barrier for unexperienced vendors as well as attackers and fraudsters 5G – Security Challenges March 6, 2021 2021 © wenovator LLC 7
  • 8. 3GPP 5G Security Framework Improvements Across The Board User Plane Integrity Protection Primary Authentication Secondary Authentication Increased Home Control Enhanced Subscriber Privacy Visibility and Configurability Service Based Architecture Initial NAS Message Protection 5GS – EPS Interworking Security Unified Access- agnostic Authentication PLMN Interconnect Security - SEPP RAN Security – DU-CU Split Architcture Enablers Advancing the Security Concept to allow both innovation and backwards compatibility. Feature Enhancements 5G improves several foundational security controls to maintain state-of-the-art protection. New Security Features Substancial improvements in terms of privacy protection and extensibility make 5G suitable for critical use cases. March 6, 2021 2021 © wenovator LLC 8
  • 9. Authentication Framework • Access agnostic • 3GPP RAN • Non-3GPP networks (e.g., Wi-Fi) • Wireline networks • Algorithm flexibility • 5G AKA, EAP-AKA' • Other key generating algorithms of the EAP framework (e.g., EAP-TLS) • Improved key hierarchy • Unified 3GPP/non-3GPP hierarchy • Decoupled mobility and security anchors in the serving network March 6, 2021 2021 © wenovator LLC 9 Home Network Serving Network
  • 10. Subscriber Privacy • Concealment of Subscription Permanent Identifiers (SUPI) • SUPI ciphering into a Subscription Concealed Identifer (SUCI) may be performed in either ME or USIM • SUCI deciphering on network side performed by the Subscriber Identity De-concealing Function (SIDF), part of the UDM • 5G further prohibits subscriber paging by SUPI SUCI SUPI Type Home Network Identifier Routing Indicator Protection Scheme Home Network Public Key ID Protection Scheme Output March 6, 2021 2021 © wenovator LLC 10
  • 11. Interconnect Security Control Plane • Interconnect signaling has long been a source for security and fraud risks for network operators • 5G introduces Security Edge Protection Proxy (SEPP) for: • signaling peer authentication • message validation (plausibility checks, configured policies, etc.) • filtering and rate limiting • Builds on PRINS or TLS security User Plane • Less well-known are GTP attacks, which too are known to have been abused in real-world deployments • For this purpose, 5G includes Inter PLMN UP Security (IPUPS) as part of UPF, responsible for: • filtering malformed messages • correlating messages to active PDU sessions based on Tunnel Endpoint Identifier (TEID) March 6, 2021 2021 © wenovator LLC 11
  • 12. User Plane Integrity Protection • Lack of UP IP is one of the few serious 4G/LTE security flaws • Practical attacks have been demonstrated (see alter- attack.net) • 5G introduces PDCP protection policies enabling UP IP • Optional feature, under control of the Serving Network operator • May not be supported by all 5G UE March 6, 2021 2021 © wenovator LLC 12 U P I P
  • 13. Service-Based Interface Security • Service Communiction Proxy (SCP) supports key 5G Core functions: • Discovery, routing, load-balancing, etc. • Building Security on the assumption of Zero Trust is no longer optional • Enforcing network security best practices remains essential • Same goes for protecting REST APIs: • Restrict data exposure to a minimum • Explicitly define access token scope → see OWASP API Security Top 10 March 6, 2021 2021 © wenovator LLC 13
  • 14. Secure Session Establishment NAS/RRC Protection Non-Access Stratum • Integrity protection for messages setting up a NAS security context • Preventing exposure of unsecured information over the air Access Stratum • Ensuring UE security capabilities are not tampered with over the air Bid Down Protection • Anti Bid-Down Between Architectures (ABBA) parameter prevents potential for bid down as new features are introduced March 6, 2021 2021 © wenovator LLC 14
  • 15. Security Assurance Specifications • Combined effort of GSMA & 3GPP: • GSMA specifies Network Equipment Security Assurance Scheme (NESAS) • 3GPP compiles technical security assurance specifications (SCAS) • Given the geopolitical climate, increased interest in NESAS/SCAS • Already covers key 4G/5G NF, incl: • General security requirements • gNB, AMF, UPF, UDM, SMF, AUSF, NRF, NEF, SEPP March 6, 2021 2021 © wenovator LLC 15
  • 16. Private Mobile Network Security March 6, 2021 2021 © wenovator LLC 16
  • 17. Standards Perspective Non-Public Networks (NPN) in 3GPP Public Network Integrated • Provisioned by a public mobile network (PLMN) to some degree • Primary authentication always performed between UE and PLMN • Only AKA-based authentication algorithms may be used • PLMN Operator controls mobile identities, RAN and core network security controls Standalone • Completely isolated from PLMNs • Primary authentication may use alternative EAP-based algorithms • Full control of security controls March 6, 2021 2021 © wenovator LLC 17
  • 18. 5G NPNs For Industry 4.0 Distinct Priorities Stricter Thresholds Higher Impact Availability > Integrity > Confidentiality • More than anything else, industrial settings demand reliability and timeliness • Safety = Availability + Integrity + Latency Deterministic Communication • 5G is the first wireless standard supporting Time Sensitive Networking (TSN), enabling real-time operation & maintenance Security Flaws turn into Safety Incidents • For deployment in which machines work alongside humans or handle hazardous materials, holistic security is not an option March 6, 2021 2021 © wenovator LLC 18
  • 19. Private Mobile Networks Our Perspective & Recommendations March 6, 2021 2021 © wenovator LLC • Industrial verticals first need to determine requirements on their connectivity & security • Based on chosen deployment model, utilized standard contols and advance from there • Operators need to design security frameworks capable of different integration models & tech stacks wenovator.com/private-5g-security 19
  • 20. Open vRAN March 6, 2021 2021 © wenovator LLC 20
  • 21. Standards Perspective Open RAN Enablers in 3GPP • Functional disaggregation in 5G NR: • Centralized Unit (CU) • Distributed Unit (DU) • Clear separation of User Plane and Control Plane • Standard security controls on distributed RAN interfaces: • IPsec and/or DTLS on F1-C connecting DU and CU, E1 connecting CU-CP and CU-UP, and Xn-C between distinct gNBs • IPsec on F1-U between CU and DU and Xn-U between distinct gNBs March 6, 2021 2021 © wenovator LLC 21 CU-UP CU-CP DU RU gNB F 1-C F 1-U Xn-C Xn-U E 1
  • 22. Shift to an Open Technology Stack Opportunity for Security Improvements Mix & Match Best- in-Class Security More Attention to OAM Traffic Greater Control for MNOs Increased Network Visibility Greater Automation Potential March 6, 2021 2021 © wenovator LLC 22
  • 23. Open vRAN Security Our Perspective & Recommendations March 6, 2021 2021 © wenovator LLC • Operators should prepare to take on increased responsibility for security design & implementation • Advocate for clear separation of duties to ensure interoperability • Vendors need to rethink design and packaging of their solutions, allowing them to be integrated into more diverse ecosystems wenovator.com/open-vran-security 23
  • 24. Key Takeaways March 6, 2021 2021 © wenovator LLC 24
  • 25. Technology Focus Areas March 6, 2021 2021 © wenovator LLC Open vRAN Technology Liberation for the Radio Access Connectivity (5G,4G,Wi-Fi) The Next Generation of Mobile & Fixed Communication Internet Of Things Creating Intelligent Distributed Systems Cloud & Edge Computing Distributed Compute and Storage at the Network Edge Private Mobile Networks Reliable Wireless Networking in most demanding Scenarios S e c u r i t y S e r v i c e s S p e c t r u m 25
  • 26. Vicious Cycle of Patchwork Security Pointwise Fix Leading to Continued Spend Security Gap Technology Solution Resource Shortage • Companies are faced with increased technology complexity • Security market full with products addressing a specific issues • Lack of comprehensive security strategy, quickly renders operating & maintaining solutions infeasible March 6, 2021 2021 © wenovator LLC 26
  • 27. How To Do Better Holistic Approach to Technology Changes March 6, 2021 2021 © wenovator LLC • Business needs, security requirements, and risk appetite must be well understood • Implementing a successful security concept requires five key activities • The wenovator proposition is to help its clients execute technology transitions correctly from the start 1. Understand 2. Assess 3. Architect 4. Act 5. Protect 27
  • 28. Takeaways • With 5G comes increased footprint, complexity & exposure • Holistic security considerations are a must for provisioning adequate security • Consistently applying security best practices is indispensable • Optimization & automation becomes quint-essential March 6, 2021 2021 © wenovator LLC 28
  • 29. Blogs Books Specifications Magazine Journals References wenovator blog posts wenovator.com/en/blog Journal of ICT Standardization, River Publishers journals.riverpublishers.com/index.php/JICTS/index • 5G non-standard aspects, vol 5 issue 3 • 3GPP 5G specifications, vol 6 issue 1 • 3GPP 5G Phase 2 security, vol 8 issue 1 RSA 2019 Talk: 4G to 5G Evolution: In-Depth Security Perspective https://youtu.be/DeTASrRYalE Cybersecurity Magazine cybersecurity-magazine.com • Several articles on 5G security and related aspects 3GPP SA3 specifications 3gpp.org/DynaReport/33-series.htm March 6, 2021 2021 © wenovator LLC 29
  • 30. Contact 107-0062 Tokyo, Minatoku Minamiaoyama 2-2-15 Win Aoyama 942 wenovator.com linkedin.com/company/wenovator twitter.com/wenovator March 6, 2021 2021 © wenovator LLC 30