telebriefing-150415-ericssons-security-solutions

Straw Program
- Topics that highlight Ericsson’s IP
expertise
- Leverage Ericsson’s strengths and
apply to new technology and issues to
resolve. (e.g, MBH)
- Focus on operator perspective and
pain points
- Cover emerging tech and tech we have
“on the truck”
- Include “friendly” partners to show not
working in a vacuum
- Industry thought leaders for keynotes to
highlight technical business drivers
- One track for non-technical business
related content*
- Possible Friday customer meetings
• 2-3 distinct parallel tracks.
• Could have side room for “Meet the Engineer” private sessions.
Ericsson’s Security
Solutions
Security in A Networked Society
Telebriefing, 15 April 2015

Jonathan Olsson
Security specialist,
Group Function Technology
Stefan Jung
Head of Product Line Security
Business Unit Cloud and IP
Pedro Calderon
Product Management, Product Line Authentication & Digital ID
Business Unit Support Solutions
Telebriefing Security Solutions | Public | © Telefonaktiebolaget LM Ericsson 2015 | 2015-04-15 | Page 2

THE NetworkED society REQUIRES
A different SECURITY mINDSET
Security for
people
Security for
business
Security for
society

Connectivity more and more
part of our life
1875 20001975
10
30
50
15 years
50 billion connected devices
25 years
5 billion connected people
100 years
1 billion connected places
20
40
Connections(billion)
2020

Connectivity integrated
into our way of life
Collaboration
Innovation
Privacy
Competence
Trust
Socializing
Learning
Everything
PEOPLE do
Media
Commerce
Security
Government
Education
Transport
Healthcare
Utilities
In all parts of
SOCIETY &
BUSINESS
Will be done over a
NETWORK

NEW OPPORTUNITIES
– NEW CHALLENGES
Increased
network capacity
More commerce &
financial transactions
More cloud
storage & services
Open and capable
devices
An IP based unified
global network
New things
get connected
More services
get networked
More decisions
based on real-time data

our perspective on Security
in the networked society
• services should always be available
• security should require minimum effort from users
• communications should be protected
• all access to information and data should be authorized
• manipulation of data in the networks should be possible to detect
• the right to privacy should be protected

System scale
Users
Thousands Millions Billions
Enterprise
Telecom Networks
Multiple Networks
Moderate
Large
Very large
Our Focus:
Large scale security

AUTHENTICATION
& identity
Pedro Calderon

Secure Authentication
across all networks & services
Mobile
identity
ioT/M2MIMS & VolTe Media
delivery
Trusted
proxy
Cloud ready solutions

THE NETWORKED SOCIETY
Billion of devices in need of …
› Simple
› Scalable
› Cost efficient
› Secure
› E2E Solutions

Advanced security technology to…
› Meet the demand of billions of new connections
–Technology today is not only about connecting objects… It is about the data
integrity, its security and what companies do with it…
› Drive the Inflection point for new connections revenues
–Focusing on key Industry & Society Sectors
› Automotive (CVC), Industry 4.0, Health care (m-health) & Utilities.

Protected Enterprise
Protected GatewaySensor Network
SIM - UICC
GBA Bootstrapping
Protect Enterprise Access
Connect Device
Protected Data Transfer
Security for iot networks
BSF
NAF
BSF Bootstrapping Server Function
NAF Network Application Function

› First Network Based Authentication
(GBA) implementation over
LTE/WiFi for IOT/M2M in the world
› Scalable, Certificate independent
E2E solution for IoT Capillary
networks
› Future proof AKA Based 5G security
Ericsson Security
solutions for IOT

Sample use cases

Ericsson authentication & digital Identity
rich portfolio of mature & Innovative products
AUTHENTICATION
4 the NETWORK
SOCIETY
INNOVATIVE
YET PROVEN
SOLUTIONS
SCALABLE
AND
RELIABLE
GLOBAL
REACH AND
PRESENCE
PUSHING FOR
ENTIRE
ECOSYSTEM

Securing
the network society
Stefan Jung

The Traditional Approach to
Cyber Security
Build a fence around
the data. Which has
fundamental flaws…
• You can’t be 100% sure the
fence is working (no
instrumentation).
• Supervisors, courts and the
public have no transparency.
• Cloud computing means the
perimeter blurs.
• Over 50% of electronic fraud is
conducted by insiders.
ATTACKER
PERIMETER
INSIDER

Verifying that
DATA
In your network
is not compromised
What is data-centric security?
Firmware
ConfigurationsFirewalls Routing tables
Data-at-rest
…and other
critical assets
Event logs
PaaS / IaaS
Virtualization

The offerings
Data Centric Security portfolio:
Solutions:
Ericsson Cybersecurity
Ericsson Big Data Regulatory Compliance
Ericsson Industrial Infrastructure Assurance
Ericsson Internet-of-Things Security
Products:
Ericsson Security Operations Center Manager
Ericsson Security Appliance
Ericsson Global Signing as-a-Service
Ericsson Global Identity as-a-Service
CONFIDEN-
TIALITY
AVAILABILITY INTEGRITY
SECURITY
MODEL
Prevent the
disclosure of
information to
unauthorized
individual or
systems
Maintaining and
assuring the
accuracy and
consistency of
systems and data
Making sure that the
computing systems, the
security controls, and the
communication channels
are functioning correctly

Integrity Breach Confidentiality Breach
Your car Your braking system stops working Your braking patterns are exposed
Your flight
Your plane’s instruments report that
you are 1,000 feet lower than you
actually are
Your flight plan is posted on Internet
(note: it already is)
Your local power station
Critical systems compromised leading
to shutdown and catastrophic failure
Your electricity bill is published online
Your pacemaker Shutdown and death
Your heartbeat becomes public
knowledge
Your home
Your security system is remotely
disabled
The contents of your fridge are
‘leaked’. You drink how much beer?
Why does integrity matter

KSI® is a blockchain technology
invented by Guardtime.
KSI blockchain is a public ledger
that provides proof of time, integrity
and identity of electronic data.
Used by governments since 2007,
KSI will be made available for global
enterprises by Ericsson in 2015.
Enabling Technology
keyless signature infrastructure (KSI®)
KSI Calendar
Blockchain
Global
Aggregation
Tree
Europe Asia Americas
Hash Values Keyless Signatures
Customer Data

NETWORK Analytics –
Mobile network
securIty
Jonathan Olsson

Changing Device Ecosystem

Telecom
network
Integrated Security Solution
Internet
SIEM + NGFW
ERICSSON NETWORK
MANAGER
(e2e Analytics)
TRAFFIC
ANOMALIES
SECURITY
EVENTS
IMPROVED DETECTION AND RESPONSE

Operator Benefits
PROTECT
NETWORK RESOURCES
PROTECT
CUSTOMER SATISFACTION
INCREASE
TRUSTWORTHINESS
CREATE
VALUE-ADDED SERVICES
CONTROL
OPERATIONAL EXPENSE
PROTECT
ENTERPRISES

KSI is a data signature
technology invented by
Guardtime.
KSI data signatures provide proof
of time and integrity of electronic
data as well as attribution of
origin.
Used by governments since 2007,
KSI will be made available for
global enterprises by Ericsson in
2015.
Enabling technology
keyless signature infrastructure (KSI)
Open Verification: For signature
verification, one needs to trust publicly
available information only - verification
does not rely on trusted insiders or
security of key-stores.
Massively scalable: System
performance is practically independent of
the number of clients or amount of data
signed / verified.
Portable: Data can be verified even
after crossing geographical or
organizational boundaries or service
providers.
Supports Real-time
Protection: Data signature
verification requires milliseconds, which
allows clients to perform continuous
monitoring and tamper detection.
Long-term validity: Proof is
based only on the properties of hash
functions and does not expire.
Carrier Grade: The system
architecture is able to deliver 99.999%
availability.
Offline: The system does not
require network connectivity for
verification.
Post-Quantum: The proof stays
valid even assuming functioning
quantum computers, i.e. does not rely
on traditional asymmetric or elliptic curve
cryptography.
.

telebriefing-150415-ericssons-security-solutions

More Related Content

What's hot

Viewers also liked

Similar to telebriefing-150415-ericssons-security-solutions

telebriefing-150415-ericssons-security-solutions