US perspectives on security and privacy in 5G

In June 2016, US regulator, the Federal Communications Commission, set out new rules for wireless broadband operations in frequencies above 24GHz, claiming that the US is the first country in the world to make this spectrum available for next generation wireless services. According to the FCC, the new rules ‘set a strong foundation for the rapid advancement to next generation 5G networks and technologies’.

So what role do 5G security and privacy play and what perspectives are US stakeholders already bringing to the discussion?

• Assessing, planning and incorporating security elements into networks and devices as early as possible in their developmental stages. Security elements are important for service providers and equipment developers to consider now with on-going discussions as networks and devices are deployed and operated.
• Network-based hop-to-hop security approach used today to secure the path between communications users will not be sufficient for differentiated end-to-end security for certain 5G services.
• Systems need of a secure architecture, stringent identity management and data protection, more rigorous authentication methods, and an array of system level protections to defend against distributed denial of service (DDoS) attacks and other intrusions.
• Security features incorporated into 5G systems by design would provide a significant advantage over any “built on top of” system design. Since the service and network architecture of 5G is going through dramatic remodelling, early inclusion of security protection will give competitive strength.
• The view that security should be a fundamental component in the design of any new network architecture and protocols is also shared by 5G Americas, which underscores the heightened sense that security is expected to take on as new technology and services are deployed. 5G systems are expected to provide important applications like smart grids, telemedicine, industrial control, public safety and automotive, bringing security requirements to defend against intrusion and ensure uninterrupted operations.
• On top of this, a variety of developments will have security implications: machine to machine communications will contemplate energy optimisation, reduced signalling, and massive connectivity. With these advances, the Internet of Things will become a reality. 5G systems will be capable of supporting a range of machine-to-machine services, from connected cars to smart cities to telemedicine and beyond.
• Highly secure 5G systems will be expected even in times of stress. Reliance on 5G will only increase in the event of a man-made or naturally occurring outage in a critical service. Hence 5G services will need to be highly secure prior to deployment.

In Europe, 5G-ENSURE is the first 5G PPP project that deals with the horizontal area of security. As such, it will provide input to other 5G projects, in terms of defining architecture and in contributing significant through various standardisation bodies.

Current outputs: 5G Use Cases with focus on security and privacy issues | 5G PPP security enablers technical roadmap (early vision) | 5G PPP security enablers open specifications | 5G Security test bed architecture