Submitted by s.parker on March 3, 2017
5G PPP cross project workshop last February gathered experts from the 5G PPP to take stock of current progress at the technological level and chart a course for future priority actions.
Pascal Bisson, Thales and Technical Coordinator of 5G-ENSURE, chaired the session on 5G Security. He was joined by representatives from CHARISMA, METIS-II, and SUPERFLUIDITY to discuss major security issues in 5G and how these 5G PPP projects are addressing them. A summary of the main outcomes follows.
5G-ENSURE outputs for 5G Security
- The diverse set of use cases identified by 5G-ENSURE illustrate increased complexity of actors in 5G and related security issues.
- The security architecture leverages the current 4G architecture (TS 33.401) with its "strata" and "domains" and aims to address major gaps and changes brought by 5G, including a new trust model.
- The enablers focus on areas of major concerns: authentication, authorisation and accounting; privacy; trust; security; monitoring; network management and virtualisation isolation. Each enabler comes with a product vision, open specifications and reference implementation.
- The 5G test-bed is a a key asset, designed to meet the security requirements against the threats emerging from the use cases identified by 5G-ENSURE.
Security Aspects in CHARISMA
- Secure end-to-end services for 5G networks: security and policy management; decision control for threat detection; virtualisation isolation; identity and access management; proactive traffic and resource monitoring.
- Open Access Manager: Infrastructure sharing with centralised management enabling multi-tenancy. Infrastructure providers can offer end-to-end network slices to VNOs.
- Virtualised Security Functions: A virtualised intrusion and detection systems (IDS) and a virtualised firewall (vFW).
METIS-II on 5G Security from RAN perspective
- Security is becoming evermore important as computational abilities to "crack" security increases.
- METIS-II focuses on network access security and how this affects AS signaling and the RAN functions such as mobility.
- 5G requirements from 38.913: mobility enhancements, inactive state transmission and tight interworking between NR and LTE.
SUPERFLUIDITY on Network Security
- Verification can offer guarantees on network security.
- SELF - Network modelling language designed for SE.
- Symnet - fast symbolic execution engine for SELF.
- CTL - policy specification language.
Post-event report from METIS-II.
Social media reach: we are delighted to announce that the takeaway message from the workshop was Top Media Tweet on 5G-ENSURE in February, illustrating wide interest in the technology progress of 5G.<![CDATA[// ><!]]>