The 5G Annual Journal 2017 provides an analysis of the 5G ecosystem evolution over the past 12 months, showing how phase 1 projects in the 5G Infrastructure PPP programme have achieved outstanding progress and impact in the period mid-2016 to mid-2017.
5G-ENSURE drives the vision for security to be natively supported by the 5G infrastructure to ensure the correct support of the 5G use cases and fulfil the needs coming from vertical industries.
5G-ENSURE achievements, referred to as the project's "Golden Nuggets" span a set of security and privacy enablers; a 5G test-bed and reference security architecture.
5G Security and Privacy Enablers
17 enablers have been developed and released to concretely demonstrate their capabilities and operation in a 5G network. This has been achieved with the set-up of the 5G test bed. A second final set of security enablers have now been specified as completely new solutions as well as additional features of the enablers already available. They contribute to have a total of 24 enablers will soon be available, each with an open specification and a software release for demonstration and integration purpose.
Based on interconnected nodes in France and Finland, the test-bed shows, on a small scale, what a 5G network could be like, by enabling the development and testing of complex end-to-end, multi-domain, multi-operator 5G oriented security scenarios. The test-bed set-up meets the requirements of the 5G security and privacy enablers against the threats emerging from identified use cases. It is used to demonstrate the security enhancements provided by the capabilities/features of each delivered enabler but also to showcase the added value of combining them to improve access control, privacy, trust, as well as network management and virtualisation security.
5G Security Architecture
The security architecture builds on the current 3GPP security architecture (TS 33.401) where the network and its security functionalities are represented in terms of domains, strata and security feature groups. These building blocks have been revised in terms of concept and extended to capture the characteristics of 5G system such as the strong dependency on software defined networking and virtualisation and the need to support multi domains and vertical use cases. Therefore the concept of domain has been revised to distinguish between infrastructure domains, related to physical network aspects, and tenant domains, reflecting the logical network aspects. These domains are strongly connected to the 5G trust model as many of the domains will typically be coupled to administration/ownership. The strata concept has been extended to characterise the different functional aspects related to the provisioning of a service. Finally, the security feature groups concept that comprise the set of security capabilities required to protect and uphold the security of the various domains and strata have been replaced by Security Realms and Security Control Classes to better capture “Where” Security is needed and “What” type of Security is needed.
With the draft architecture in place, each of the 5G-ENSURE enablers has been linked to the major building blocks of the architecture showing the enhancements in terms of security and where these are needed.
The European 5G Annual Journal 2017
#5G #EU #5GIA @5GEnsure @5GPPP #security