A Security Architecture for 5G Networks (original) (raw)
Related papers
Designing enhanced Security Architecture for 5G Networks
International Journal of Management, IT & Engineering, 2018
5G systems will give chances to the making of new administrations, for new plans of action, and for new players to enter the versatile market. The systems will bolster efficient and financially savvy dispatch of a huge number of administrations, custom fitted for various vertical markets having shifting administration and security necessities, and including an expansive number of performing artists. Key innovation ideas are organize cutting and organize softwarization, including system work virtualization and programming defined organizing. The introduced security design expands upon ideas from the 3G and 4G security structures however broadens also, improves them to cover the new 5G condition. It includes a tool kit for security pertinent demonstrating of the frameworks, an arrangement of security plan standards, and an arrangement of security capacities and components to execute the security controls expected to accomplish expressed security goals. In a savvy city utilize case setting, we outline its utility; we look at the abnormal state security angles originating from the arrangement of an extensive number of IoT gadgets and system softwarization
Virtual security as a service for 5G verticals
2018 IEEE Wireless Communications and Networking Conference (WCNC), 2018
The future 5G systems ought to meet diverse requirements of new industry verticals, such as Massive Internet of Things (IoT), broadband access in dense networks and ultrareliable communications. Network slicing is an important concept that is expected to support these 5G verticals and cope with the conflicting requirements of their respective services. Network slicing allows the deployment of multiple virtual networks, or slices, over the same physical infrastructure as well as supporting on-demand resource allocation to those slices. In this paper, we propose an architecture that will explore how both Network Function Virtualization (NFV) and Software Defined Networking (SDN) may be leveraged to secure a network slice on-demand, addressing the new security concerns imposed to the network management by the flexibility and elasticity support. Our proposed framework aims to ensure an optimal resource allocation that manages the slice security strategy in an efficient way. Moreover, experimental performance evaluations are presented to evaluate the security overhead in virtualized environments.
An Introduction of a Modular Framework for Securing 5G Networks and Beyond
Network
Fifth Generation Mobile Network (5G) is a heterogeneous network in nature, made up of multiple systems and supported by different technologies. It will be supported by network services such as device-to-device (D2D) communications. This will enable the new use cases to provide access to other services within the network and from third-party service providers (SPs). End-users with their user equipment (UE) will be able to access services ubiquitously from multiple SPs that might share infrastructure and security management, whereby implementing security from one domain to another will be a challenge. This highlights a need for a new and effective security approach to address the security of such a complex system. This article proposes a network service security (NSS) modular framework for 5G and beyond that consists of different security levels of the network. It reviews the security issues of D2D communications in 5G, and it is used to address security issues that affect the users a...
White Paper: Intelligent Security Architecture for 5G and Beyond Networks
2020
5G's capabilities and flexibility hold the promise of further facilitating the society's digitalization by enabling new services (e.g. remote surgery, advanced industrial applications) and communication modes (e.g. gestures, facial expressions and haptics). Current wireless communication systems do not meet the performance requirements of these new services, such as bandwidth, latency and reliability. Furthermore, the current COVID-19 crisis has fundamentally changed the way the world communicates and operates, accelerating the shift towards a more digital world. Such shift and the new requirements make the need of reliable and high-quality digital services promised by 5G more crucial than ever.<br> To fulfil 5G promises, a shift towards full automation of network and service management and operation is a necessity. However, a major challenge facing full automation is the protection of the network and system assets β services, data and network infrastructure β against ...
Security Requirements Modelling for Virtualized 5G Small Cell Networks
βIt is well acknowledged that one of the key enabling factors for the realization of future 5G networks will be the small cell (SC) technology. Furthermore, recent advances in the fields of network functions virtualization (NFV) and software-defined networking (SDN) open up the possibility of deploying advanced services at the network edge. In the context of mobile/cellular networks this is referred to as mobile edge computing (MEC). Within the scope of the EU-funded research project SESAME we perform a comprehensive security modelling of MEC-assisted quality-of-experience (QoE) enhancement of fast moving users in a virtualized SC wireless network, and demonstrate it through a representative scenario toward 5G. Our modelling and analysis is based on a formal security requirements engineering methodology called Secure Tropos which has been extended to support MEC-based SC networks. In the proposed model, critical resources which need protection, and potential security threats are identified. Furthermore, we identify appropriate security constraints and suitable security mechanisms for 5G networks. Thus, we reveal that existing security mechanisms need adaptation to face emerging security threats in 5G networks.
Automation of 5G network slicing security using intent-based networking
International Journal of Electrical and Computer Engineering (IJECE), 2025
Network slicing is a fundamental technological advancement that facilitates the provision of novel services and solutions within the realm of 5G and the forthcoming 6G communications. Numerous challenges emerge when implementing network slicing on a large-scale commercial level since it necessitates comprehensive control and automation of the entire network. Cyberattacks, such as distributed denial of service (DDoS) and address resolution protocol (ARP) spoofing, can significantly disrupt the performance and accessibility of slices inside a multi-tenant virtualized networking infrastructure due to the shared utilization of physical resources. This article employs intent-based networking (IBN) to identify and address diverse threats through automated methods. A conceptual framework is presented in which the IBN manager is integrated into the network-slicing architecture to facilitate the implementation of automated security controls. The proposed work is assessed using an experimental test bed. The study's findings indicate that the network slice's performance exhibits improvement when successful detection and mitigation measures are implemented. This improvement is observed in various metrics: availability, packet loss, response time, central processing unit (CPU) and memory utilization.
Distributed AI-based Security for Massive Numbers of Network Slices in 5G & Beyond Mobile Systems
2021 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit), 2021
The envisioned massive deployment of network slices in 5G and beyond mobile systems makes the shift towards zerotouch, scalable and secure slice lifecycle management a necessity. This is to harvest the benefits of network slicing in enabling profitable services. These benefits will not be attained without ensuring a high level security of the created network slices and the underlying infrastructure, above all in a zero-touch automated fashion. In this vein, this paper presents the architecture of an innovative network slicing security orchestration framework, being developed within the EU H2020 MonB5G project. The framework leverages the potential of Security as a Service (SECaaS) and Artificial Intelligence (AI) to foster fully-distributed, autonomic and fine-grained management of network slicing security from the node level to the end-to-end and inter-slice levels.
Towards Autonomous Security Assurance in 5G Infrastructures
IEICE Transactions on Communications, 2019
5G infrastructures will heavily rely on novel paradigms such as Network Function Virtualization and Service Function Chaining to build complex business chains involving multiple parties. Although virtualization of security middleboxes looks a common practice today, we argue that this approach is inefficient and does not fit the peculiar characteristics of virtualized environments. In this paper, we outline a new paradigm towards autonomous security assurance in 5G infrastructures, leveraging service orchestration for semi-autonomous management and reaction, yet decoupling security management from service graph design. Our work is expected to improve the design and deployment of complex business chains, as well as the application of artificial intelligence and machine learning techniques over large and intertwined security datasets. We describe the overall concept and architecture, and discuss in details the three architectural layers. We also report preliminary work on implementation of the system, by introducing relevant technologies.
Enhancing Security of Software Defined Mobile Networks
IEEE Access
Traffic volumes in mobile networks are rising and end-user needs are rapidly changing. Mobile network operators need more flexibility, lower network operating costs, faster service roll-out cycles, and new revenue sources. The 5th Generation (5G) and future networks aim to deliver ultra-fast and ultra-reliable network access capable of supporting the anticipated surge in data traffic and connected nodes in years to come. Several technologies have been developed to meet these emergent demands of future mobile networks, among these are software defined networking, network function virtualization, and cloud computing. In this paper, we discuss the security challenges these new technologies are prone to in the context of the new telecommunication paradigm. We present a multi-tier component-based security architecture to address these challenges and secure 5G software defined mobile network (SDMN), by handling security at different levels to protect the network and its users. The proposed architecture contains five components, i.e., secure communication, policy-based communication, security information and event management, security defined monitoring, and deep packet inspection components for elevated security in the control and the data planes of SDMNs. Finally, the proposed security mechanisms are validated using test bed experiments.
A Survey on Network Slicing Security: Attacks, Challenges, Solutions and Research Directions
IEEE Communications Surveys & Tutorials
The dawn of softwarized networks enables Network Slicing (NS) as an important technology towards allocating endto-end logical networks to facilitate diverse requirements of emerging applications in fifth-generation (5G) mobile networks. However, the emergence of NS also exposes novel security and privacy challenges, primarily related to aspects such as NS life-cycle security, inter-slice security, intra-slice security, slice broker security, zero-touch network and management security, and blockchain security. Hence, enhancing NS security, privacy, and trust has become a key research area toward realizing the true capabilities of 5G. This paper presents a comprehensive and up-to-date survey on NS security. The paper articulates a taxonomy for NS security and privacy, laying the structure for the survey. Accordingly, the paper presents key attack scenarios specific to NS-enabled networks. Furthermore, the paper explores NS security threats, challenges, and issues while elaborating on NS security solutions available in the literature. In addition, NS trust and privacy aspects, along with possible solutions, are explained. The paper also highlights future research directions in NS security and privacy. It is envisaged that this survey will concentrate on existing research work, highlight research gaps and shed light on future research, development, and standardization work to realize secure NS in 5G and beyond mobile communication networks.