I. Design Principles for 5G Security
II. Cyber Security Business Models in 5G
III. Physical Layer Security
IV. 5G WLAN Security
V. Safety of 5G Network Physical Infrastructures
3. 2.1 INTRODUCTION TO DESIGN PRINCIPLES
The concepts covered here are used in 5G networks to address various security, efficiency, and operational challenges associated with the deployment and operation of advanced communication systems.
4. Design principles
• Design improvements were put in place with each generation from 1G to 5G.
Differences in design principles are what lead to the breakdown into 5 generations.
• 1. Zero-trust security
• 2. End-to-end security
• 3. Defense in depth
• 4. Privacy-preserving design
5. 1. Zero-trust security:
Zero Trust security is a strategy that requires users
to be authenticated, authorized, and continuously
validated before being granted access to
applications and data. The main concept behind
Zero Trust is "never trust, always verify".
Implement strong authentication and
authorization mechanisms to ensure only
authorized entities access the network and
resources.
Employ dynamic security policies that adapt to
changing threats and vulnerabilities.
6. 2. End-to-end security
End-to-end security is a holistic approach that involves implementing security measures at every point along a system or network.
• Encrypting data during transmission and storage
• Implementing strong access control measures
• Regularly patching software vulnerabilities
7. 3. Defense in depth
• Defense in depth (DiD) is a strategy that uses multiple
security products and practices to
safeguard an organization's network, web
properties, and resources.
• Employ multiple layers of security
controls to create a resilient defense
against cyberattacks.
• Implement security at the network,
device, application, and data levels.
• Use a combination of preventive,
detective, and corrective controls to
mitigate risks and respond to incidents
effectively.
8. 4. Privacy-preserving design
• It is a privacy-first approach that allows users to protect the privacy of their personally identifiable information (PII) while allowing marketers to maintain the functionality of data-driven systems.
• Minimize data collection and storage to protect user
privacy and prevent unauthorized access
to personal information.
• Anonymize data where possible to reduce the risk of
identity theft and tracking.
• Provide users with control over their data and allow them
to make informed choices about privacy settings.
10. Introduction
The business model concept is situated at the
intersection of entrepreneurship and strategy
and acts as a pivotal link between strategic ideas and
practical decision-making within the dynamic
context of modern business.
Definition of Business Model
A model that captures decisions related to strategy, architecture, and economics for sustainable competitive advantage.
12. The 4C Typology of the ICT Business Model
Business models in the ICT sector
have evolved with the mobile
telecommunications industry,
emphasizing vertical and horizontal
integration for value creation.
ICT introduced a 4C typology for
classifying Internet-based business
models: Connection, Content, Context,
and Commerce.
13. 4C Model Layers:
1. Connection (C1): Definition: Concerns connection-related business models
providing services. Example: Stakeholders offering connection-related services
in the ICT industry.
2. Content (C2): Definition: Focuses on monetizing content services, including
various online content types. Example: Platforms offering mobile video
streaming, peer-to-peer content exchange, web browsing, and
educational/entertainment content.
3. Context (C3): Definition: Involves creating and monetizing user, content,
equipment/device, and system profiles, turning data into meaningful information.
Example: Utilizing data from 5G networks to offer personalized services based
on user profiles, time, place, and history data.
4. Commerce (C4): Definition: Involves monetizing resources, actors, or activities
related to ongoing communications, encompassing B2B, B2C, B2G, C2B, C2C,
and G2G communication. Example: Monetization of business, consumer, and
government types of communication in various communication channels.
15. Key Components
1. Beamforming and Directionality:
Focus: Directing signals in specific directions.
Benefit: Reduces eavesdropping vulnerability.
2. Millimeter-Wave Technology:
Focus: Leveraging focused and directional millimeter-wave frequencies.
Benefit: Minimizes interference, increases security.
3. Massive MIMO:
Focus: Using a multitude of antennas for improved signal focus.
Benefit: Strengthens signal, reduces eavesdropping risks.
4. Secure Transmission Techniques:
Focus: Introducing controlled interference for secure transmission.
Benefit: Enhances data confidentiality.
16. WBPLSEC SYSTEM MODEL
• WBPLSec (Watermark-Based Blind Physical Layer Security) is a novel security approach for wireless communications that leverages the physical properties of the wireless channel to enhance confidentiality and secrecy.
• It operates at the physical layer, providing an additional layer of security beyond traditional cryptographic techniques.
17. • Key Features of WBPLSec:
• Physical Layer Security: Operates directly at the physical
layer, capitalizing on the physical properties of wireless
channels for enhanced security.
• Watermarking as a Security Mechanism: Innovatively
employs watermarking techniques for secure message
embedding and authentication within wireless signals.
• Blind Detection Capability: Facilitates watermark extraction
without requiring the original signal, offering a distinct
advantage in terms of robustness and resilience against
attacks.
18. Breakdown of the process
1. Transmitter: Alice starts by preparing her secret message. This
message is then encoded into a watermark and cleverly woven into
the fabric of her data packet. The watermarked data packet is then
transmitted through the wireless channel.
2. Jamming Receiver: Meanwhile, Bob's receiver plays a crucial role. It
not only receives the watermarked data packet but also acts as a
jamming receiver.
This specialized receiver generates a deliberate jamming signal
that acts as a shield, further obfuscating the secret message from
prying ears.
3. Watermarked Signal Extraction: While the eavesdroppers only see
the original data and the jamming signal, Bob's receiver has the
key to unlock the hidden message.
It skillfully extracts the watermark from the received signal,
revealing Alice's secret message to its rightful recipient.
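A simplified simulation of the three steps above, added here as an illustration (it is not code from the slides or from the WBPLSec authors). It assumes a direct-sequence spread-spectrum watermark, a spreading code shared by Alice and Bob, and a Bob who can subtract his own jamming perfectly; all constants, seeds and function names are hypothetical.

```python
import random

N_CHIPS = 256     # chips per message bit (assumed)
ALPHA = 0.5       # watermark amplitude relative to the host data (assumed)
JAM_STD = 20.0    # strength of Bob's jamming signal (assumed)
NOISE_STD = 0.5   # channel noise (assumed)

def pn_code(seed, n=N_CHIPS):
    """Pseudo-noise code of +/-1 chips derived from a seed (the shared 'key')."""
    rng = random.Random(seed)
    return [rng.choice((-1, 1)) for _ in range(n)]

def alice_transmit(bits, code, rng):
    """Step 1: embed each secret bit as a low-power watermark in host data."""
    signal = []
    for b in bits:
        host = [rng.choice((-1, 1)) for _ in code]      # ordinary payload symbols
        signal.append([h + ALPHA * b * c for h, c in zip(host, code)])
    return signal

def channel(signal, rng):
    """Step 2: Bob jams while Alice sends; the air carries signal + jam + noise."""
    jam = [[rng.gauss(0, JAM_STD) for _ in blk] for blk in signal]
    rx = [[s + j + rng.gauss(0, NOISE_STD) for s, j in zip(blk, jb)]
          for blk, jb in zip(signal, jam)]
    return rx, jam

def extract(rx, code, known_jam=None):
    """Step 3: blind detection by correlation; no copy of the host is needed."""
    bits = []
    for i, blk in enumerate(rx):
        if known_jam is not None:                        # only Bob knows his own jamming
            blk = [r - j for r, j in zip(blk, known_jam[i])]
        corr = sum(r * c for r, c in zip(blk, code))
        bits.append(1 if corr >= 0 else -1)
    return bits

def bit_error_rate(sent, got):
    return sum(a != b for a, b in zip(sent, got)) / len(sent)

def simulate(n_bits=200, seed=7):
    rng = random.Random(seed)
    message = [rng.choice((-1, 1)) for _ in range(n_bits)]   # constructed secret bits
    code = pn_code(0xA11CE)                                  # constructed shared key
    rx, jam = channel(alice_transmit(message, code, rng), rng)
    bob = bit_error_rate(message, extract(rx, code, known_jam=jam))
    eve_leaked = bit_error_rate(message, extract(rx, code))          # has code, not jam
    eve_blind = bit_error_rate(message, extract(rx, pn_code(0xE7E)))  # has neither
    return bob, eve_leaked, eve_blind
```

With these constants Bob recovers every bit, while an eavesdropper's error rate stays far from zero even when the spreading code leaks, because she cannot cancel the jamming.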
20. • The arrival of 5G promises lightning-fast speeds and transformative applications, but with great power comes great responsibility.
• 5G WLAN (Wireless Local Area Network) security refers to the measures and protocols implemented to secure wireless communications within a local area network using 5G technology.
• As 5G networks enable faster and more efficient wireless connectivity, ensuring the security of WLANs becomes crucial to protect sensitive data, maintain user privacy, and prevent unauthorized access.
21. Security Principles
1. Zero-Trust Security: Move beyond implicit trust and continuously
verify the identity and access rights of all network elements and users.
2. End-to-End Security: Protect data and communication throughout its
entire journey, from user devices to network core and applications.
3. Defense-in-Depth: Implement multiple layers of security controls like
firewalls, intrusion detection, and data encryption to create a resilient
defense.
4. Privacy-Preserving Design: Minimize data collection and storage, use
anonymization techniques, and give users control over their privacy
settings.
22. Physical Layer
1. Beamforming: Directs signals towards intended users, reducing
eavesdropping opportunities.
2. Full-duplex communication: Transmits and receives simultaneously,
enhancing spectrum efficiency and reducing vulnerability to certain attacks.
3. Physical layer encryption: Explored for added protection against
physical layer attacks.
Data link/MAC Layer
1. Enhanced authentication and key management: Stronger protocols
like WPA3 and Enhanced Open for secure user and device
authentication.
2. Dynamic resource allocation: Minimizes interference and mitigates
jamming attacks.
3. Traffic encryption: Protects data confidentiality and integrity using AES-based encryption.
4. Secure link establishment: Securely establishes and maintains connections between devices.
23. Network Layer
1. Network slicing: Isolates different services and traffic types,
reducing attack surfaces and potential impact.
2. IPsec: Protects IP traffic with authentication and encryption.
3. SDN/NFV: Centralized control and programmability for flexible
security policy enforcement and dynamic threat response.
Transport Layer
1. TLS: Secures communication between applications and servers,
ensuring confidentiality and integrity of data in transit.
2. DTLS: Variant of TLS for UDP-based applications, providing similar
security for real-time and low-latency services.
24. Application Layer
1. Secure coding practices: Prevent vulnerabilities in applications
and services.
2. Data minimization: Collect and store only essential data to reduce
exposure in case of breaches.
3. User privacy protection: Mechanisms for consent management,
data anonymization, and location privacy.
26. SAFETY OF 5G NETWORK PHYSICAL INFRASTRUCTURE
• The safety of 5G network physical infrastructures is a
critical aspect that involves ensuring the security,
reliability, and resilience of the physical components
that make up the 5G network.
• This encompasses a range of considerations to safeguard
infrastructure from physical threats, environmental
challenges, and potential vulnerabilities.
27. 1. Physical Security Measures:
• Access Control: Implementing strict access control measures to
secure physical locations where 5G infrastructure components are
housed, such as data centers and cell sites.
• Surveillance Systems: Employing surveillance cameras and
monitoring systems to deter unauthorized access and detect any
suspicious activities.
2. Resilience to Environmental Factors:
• Weatherproofing: Ensuring that infrastructure components are
designed to withstand various weather conditions, such as extreme
temperatures, heavy rain, and storms.
• Natural Disaster Preparedness: Implementing measures to protect
against natural disasters, such as earthquakes, floods, or hurricanes.
28. 3. Redundancy and Backup Systems:
• Power Redundancy: Implementing backup power systems, such as
generators and uninterruptible power supplies (UPS), to ensure
continuous operation during power outages.
• Network Redundancy: Designing the network with redundancy to
reroute traffic in case of component failures, enhancing reliability.
4. Cybersecurity Integration:
• Physical and Cyber Convergence: Ensuring a holistic approach that
integrates physical security measures with robust cybersecurity
protocols to protect against cyber-physical threats.
• Access Management: Implementing secure access management
systems to prevent unauthorized access to critical infrastructure.
29. 5. Regulatory Compliance:
• Compliance with Safety Standards: Adhering to safety and security
standards and regulations established by relevant authorities to ensure
that the infrastructure meets industry-specific safety guidelines.
• Emergency Response Planning: Developing and implementing
emergency response plans to address unforeseen events and mitigate
potential risks.
6. Public Safety Considerations:
• Electromagnetic Radiation Safety: Adhering to safety guidelines
related to electromagnetic radiation exposure to address public
concerns and ensure compliance with established limits.
• Community Engagement: Engaging with local communities to
address safety concerns and communicate the safety measures in
place.